Categories: GooglePushed

Google pushed a one-character typo to production, bricking Chrome OS devices

I guess three testing channels are not enough? —

Google broke a conditional statement that verifies passwords. A fix is rolling out.


Bloomberg / Getty Images

Google says it has fixed a major Chrome OS bug that locked users out of their devices. Google’s bulletin says that Chrome OS version 91.0.4472.165, which was briefly available this week, renders users unable to log in to their devices, essentially bricking them.

Chrome OS automatically downloads updates and switches to the new version after a reboot, so users who reboot their devices are suddenly locked out them. The go-to advice while this broken update is out there is to not reboot.

The bulletin says that a new build, version 91.0.4472.167, is rolling out now to fix the issue, but it could take a “few days” to hit everyone. Users affected by the bad update can either wait for the device to update again or “powerwash” their device—meaning wipe all the local data—to get logged in. Chrome OS is primarily cloud-based, so if you’re not doing something advanced like running Linux apps, this solution presents less of an inconvenience than it would on other operating systems. Still, some users are complaining about lost data.

ChromeOS is open source, so we can get a bit more detail about the fix thanks to Android Police hunting down a Reddit comment from user elitist_ferret. The problem apparently boils down to a single-character typo. Google flubbed a conditional statement in Chrome OS’s Cryptohome VaultKeyset, the part of the OS that holds user encryption keys. The line should read “if (key_data_.has_value() && !key_data_->label().empty()) {” but instead of “&&”—the C++ version of the “AND” operator—the bad update used a single ampersand, breaking the second half of the conditional statement.

Enlarge / ChromeOS’s programming typo. It happens to the best of us.

It sounds like, because of this error, Chrome OS never properly checked user passwords against the stored keys, so even correct passwords came back with a message saying, “Sorry, your password could not be verified.”

The whole selling point of Chrome OS is that it’s reliable and unbreakable, and botched updates like this hurt the OS. It’s not clear how such an obvious, show-stopping problem like this made it into the stable release channel. Chrome OS has three testing channels

Read More

News Bot

Share
Published by
News Bot
Tags: GooglePushed

Recent Posts

Dipping a ball in titanium tetrachloride to make the world’s smokiest ball

This guy bought some titanium tetrachloride which basically turns into white smoke when exposed to…

24 mins ago

FDA clears Synchron’s brain-computer interface device for human trials

A company that makes an implantable brain-computer interface (BCI) has been given the go-ahead by…

24 mins ago

Google will require coronavirus vaccines for returning office employees

Google will require its employees to get vaccinated against the coronavirus before they’re allowed to…

24 mins ago

State attorneys general will appeal dismissal of Facebook antitrust suit

The antitrust lawsuit brought by 48 attorneys general against Facebook isn't dead yet. A federal…

24 mins ago

Activision Blizzard CEO says response to harassment lawsuit was ‘tone deaf’

Following nearly a week of internal unrest, Activision Blizzard has published a letter from CEO…

24 mins ago

James Bond’s iconic Aston Martin is coming to ‘Rocket League’

Yet another iconic car is coming to Rocket League, and it's one that'll be nigh-on…

24 mins ago