Categories: GooglePushed

Google pushed a one-character typo to production, bricking Chrome OS devices

I guess three testing channels are not enough? —

Google broke a conditional statement that verifies passwords. A fix is rolling out.


Bloomberg / Getty Images

Google says it has fixed a major Chrome OS bug that locked users out of their devices. Google’s bulletin says that Chrome OS version 91.0.4472.165, which was briefly available this week, renders users unable to log in to their devices, essentially bricking them.

Chrome OS automatically downloads updates and switches to the new version after a reboot, so users who reboot their devices are suddenly locked out them. The go-to advice while this broken update is out there is to not reboot.

The bulletin says that a new build, version 91.0.4472.167, is rolling out now to fix the issue, but it could take a “few days” to hit everyone. Users affected by the bad update can either wait for the device to update again or “powerwash” their device—meaning wipe all the local data—to get logged in. Chrome OS is primarily cloud-based, so if you’re not doing something advanced like running Linux apps, this solution presents less of an inconvenience than it would on other operating systems. Still, some users are complaining about lost data.

ChromeOS is open source, so we can get a bit more detail about the fix thanks to Android Police hunting down a Reddit comment from user elitist_ferret. The problem apparently boils down to a single-character typo. Google flubbed a conditional statement in Chrome OS’s Cryptohome VaultKeyset, the part of the OS that holds user encryption keys. The line should read “if (key_data_.has_value() && !key_data_->label().empty()) {” but instead of “&&”—the C++ version of the “AND” operator—the bad update used a single ampersand, breaking the second half of the conditional statement.

Enlarge / ChromeOS’s programming typo. It happens to the best of us.

It sounds like, because of this error, Chrome OS never properly checked user passwords against the stored keys, so even correct passwords came back with a message saying, “Sorry, your password could not be verified.”

The whole selling point of Chrome OS is that it’s reliable and unbreakable, and botched updates like this hurt the OS. It’s not clear how such an obvious, show-stopping problem like this made it into the stable release channel. Chrome OS has three testing channels

Read More

News Bot

Share
Published by
News Bot
Tags: GooglePushed

Recent Posts

COVID restrictions: Parallels between health and cyber security

Castle-and-moat cyber security has been abandoned because all threats can’t be blocked. This lesson needs…

53 mins ago

Shares of Australian miner BHP jump 3% after news of nickel supply deal with Tesla

"Demand for nickel in batteries is estimated to grow by over 500 per cent over…

53 mins ago

Newcastle United show ‘serious interest’ in Spurs defender

The Newcastle United target has 12 … The post Newcastle United show ‘serious interest’ in…

53 mins ago

Amazon and eBay next in line for ACCC’s digital platforms assault

The watchdog has now moved onto examining competition and consumer concerns with online retail marketplaces…

53 mins ago

‘One of the kindest people’ flew to Canberra ‘to flog Treasurer’

The West Australian has said he will not leave Canberra "until the job is done",…

53 mins ago

Meghan Markle’s brother Thomas reportedly arrives in Australia to appear in ‘Big Brother VIP’

The Duchess of Sussex’s estranged half-brother is believed to have touched down in Sydney on…

54 mins ago