Discussion in 'Article Discussion' started by Gareth Halfacree, 13 Apr 2016.
Looks to lock out bad cables.
Get ready to pay £30 + for a cable then!
Tbh I read 'aims to lock out bad cables' as 'aims to lock out cheap cables' too...
Yes there are shoddy cables out there, but this just seems like it'll bump prices for no appreciable benefit as there will still be shoddy cables out there...
so long as the don't go crazy with the price bumps, and any cable, no matter it's cost, can get the certification if it meets the standards, i'm all for this. buying cheap cables takes too much effort currently if you care at all about the overall battery lifespan on your device, this would at least give a way to quickly determine if it's a viable option or not.
Well, to be fair to them, they did try the nice free market approach.. then some ****ing ***** decided to abuse it hard enough actual fire hazards cropped up. And thus, we have this solution to it. The objective is pretty simple: make it so expensive to engineer a shitty cable that they may as well just make decent cables instead.
Pardon me for being an idiot but will existing devices be able to authenticate the cables or just hardware produced after the standard is implemented.
I'm not sure.. I'll try and get back after I've read the USB-IF spec.
sounds like once this is implemented you will need to buy all new cables and **** for stuff to work. Sounds like this is going to really piss off and confuse even more customers. Why is my **** not working it used to work fine? People will be pissed when this hits the market.
There should just be a certification, if you buy certified cables and are safe good for you and if you buy the cheep **** and you get lucky and it does not fry your **** then great.
Would have to buy new things anyway, USB Type-C uses entirely different connectors from previous versions of USB
So... this works for six months, then China clones the chips and it stops being any sort of deterrent. Good plan, USB-IF, you are now blatantly copying Apple and you can copy their endgame too!
USB exists for 20 years now and this has only become an issue with USB C type cables?
They should be fixing the endpoints (chipset), not adding Appleish "features" to the cables themselves.
Finally got round to reading the spec in question.
The long and short of it is that cables without a chip will be treated as a legacy cable, detected via simple timeout of the auth request. How the various devices work from there will vary, but odds are that most devices will simply go down to base USB Type-C spec meaning 10Gbit/s transfer over 4 lane, 5V×1.5A power.
Yes, it does mean that a cheap cable without auth will very likely be unable to charge your USB-C laptop, but it's much less of an issue for something lower power, like your phone.
One side benefit that auth allows is being able to limit USB devices connected to a host by simply adding your own certificate to said USB devices and cables. Great for IT in places like banks and such where the current choices are either disabling the USB ports completely, or dealing with the inevitable fallout of someone using an unauthorised, unencrypted USB device and walking out with confidential data.. and then losing the damn thing.
With USB type A and type B cabling, the max voltage and current were set at 5V and 0.5A (0.9A for USB 3.0/3.1 Gen1). At those levels, the absolute worse that would happen were a melty cable (in theory at least....).
With Type-C power delivery specs (max of 5A at 20V), the worst that happen is now sparking and setting fire to things. Simply, the risks associated with a dodgy cable are much greater now.
Now, we could of course have the controllers implement a battery of tests of every device, but overall that comes out a lot more expensive than just adding a 5c chip to every cable.
As I said in my comment earlier: you can thank half-assed chinese morons who didn't bother reading the ****ing spec in the first place and shoveled dangerous **** onto the market.
Not that much of an issue I think:
1. By the time you clone the chip, you've put in enough effort to make a decent cable in the first place
2. Even with a cloned chip, it means little, since you still need to put the certificate on said chip. Since the system uses a very TLS-like public-key certificate-based authentication system, you can simply revoke keys that have been leaked, and recall legit cables in for a reflash.
There was always a problem with dodgy USB cables, only previously it wasn't such a big problem, because it operated at relatively low frequencies. The main problem with USB2 was current capacity of cable - majority of cables use way thinner power conductors than the spec dictates. Was ok for data transfer, not so much then the device was powered from USB.
With USB3s increased current, voltage (remember, you can push 100W over the cable) and highly increased frequencies this will be even more of a problem.
And lets not even start on dodgy or right out dangerous chargers.
How exactly should they "fix" endpoints? Making them more robust would only encourage manufacturers to make even more out-of-spec cables.
Also, authentication of peripherals was a real problem, with USB becoming "jack of all things" this feature is understandable.
Is this the best solution? Probably not, but there is no easy/cheap solution for this problem.
p.s. ZeDestructor beat me to it
Imo, wont matter, chineese will clone stuff regardless. Noone is going to recall compromised cables - it will be too expensive and a logistics nightmare and, as "FTDI-gates" has shown, it will create a lot of bad press. Also, any "reprogrammable" ID chip will be
a) less secure
b) more expensive
than ROM based. So if they do revoke certs the most likely scenario is that they will send you a replacement cable. But this will create s*** ton of ewaste, so governments wont be thrilled about it.
I used to work for one of the offending suppliers of the faultily manufactured USB C cables reviewed by Benson. I remember spending the best part of two months trying to get the MD and Commercial Director to pull the cables and get them resolved as soon as I found out they had spec'd incorrect units. I had two big troubles, firstly, despite being the heads of a tech firm, neither of them had any idea how USB works or the faintest idea what the USB standards were, and even when I managed to drive that home, claimed that as long as they didnt state in the product description that their cable would work with a particular gadget, that they would be protected from accusations their cables were faulty. Shocking behaviour. Of course their product line bombed and they lost a lot of money over it.
I left there very soon after and now have a successful work elsewhere, where the owners know what business they're in.
I'm just glad that they are slowly taking away USB from the filthy 99%, it's outrageous that the 1% has to use the same interface as commoners. And it was OK when you could use the exclusive lightning port on your apple laptop, but when apple started to use USB-C it became so that you just felt dirty using a port that commoners also use.
There are a few comment theorizing about how they might bypass it to make cheap cables, but I think we forget that the motherboards are made in asia too, and they know the market, and I suspect they will simply put a option in the BIOS to disable the proposed encryption on the motherboard side so you can use any cable.
At least I would hope so, because unless the encryption/certification gets much cheaper I don't think it's doable for a large part of the world to start paying a lot for simple cables.
Don't forget that apart from the less well-off in the western countries the larger part of the world is simply pretty poor overall, from asia, with billions of people, to south america to africa, it's just not a world full of well-paid people.
Darn right! The filthy plebes need to get back on RS232 where they belong!
Hey. HEY. Don't you be trash-talking no RS232, foo. Serial fo' lyfe, yo.
I'm not so sure. By the looks of it, it's done on both ends, meaning that you need both sides to ignore it. Based on what the spec says, it also looks to be OS-enforced, not firmware-enforced, since it has a full PK infrastructure setup for custom key installation and authentication.
As I said up, for the most part it changes little: data will move through super-fast just fine, as will low-voltage power. It's basically only laptops that will feel the effects, since those are actually fairly high-power devices. Since laptops, phones and tablets are devices that are portable and internationally-used, I think the EC and FCC (and your regional equivalent) would be putting pressure that all devices implement it properly.
Please, it's all about the UART nowadays
Separate names with a comma.