Categories: GooglePushed

Google pushed a one-character typo to production, bricking Chrome OS devices

I guess three testing channels are not enough? —

Google broke a conditional statement that verifies passwords. A fix is rolling out.


Bloomberg / Getty Images

Google says it has fixed a major Chrome OS bug that locked users out of their devices. Google’s bulletin says that Chrome OS version 91.0.4472.165, which was briefly available this week, renders users unable to log in to their devices, essentially bricking them.

Chrome OS automatically downloads updates and switches to the new version after a reboot, so users who reboot their devices are suddenly locked out them. The go-to advice while this broken update is out there is to not reboot.

The bulletin says that a new build, version 91.0.4472.167, is rolling out now to fix the issue, but it could take a “few days” to hit everyone. Users affected by the bad update can either wait for the device to update again or “powerwash” their device—meaning wipe all the local data—to get logged in. Chrome OS is primarily cloud-based, so if you’re not doing something advanced like running Linux apps, this solution presents less of an inconvenience than it would on other operating systems. Still, some users are complaining about lost data.

ChromeOS is open source, so we can get a bit more detail about the fix thanks to Android Police hunting down a Reddit comment from user elitist_ferret. The problem apparently boils down to a single-character typo. Google flubbed a conditional statement in Chrome OS’s Cryptohome VaultKeyset, the part of the OS that holds user encryption keys. The line should read “if (key_data_.has_value() && !key_data_->label().empty()) {” but instead of “&&”—the C++ version of the “AND” operator—the bad update used a single ampersand, breaking the second half of the conditional statement.

Enlarge / ChromeOS’s programming typo. It happens to the best of us.

It sounds like, because of this error, Chrome OS never properly checked user passwords against the stored keys, so even correct passwords came back with a message saying, “Sorry, your password could not be verified.”

The whole selling point of Chrome OS is that it’s reliable and unbreakable, and botched updates like this hurt the OS. It’s not clear how such an obvious, show-stopping problem like this made it into the stable release channel. Chrome OS has three testing channels

Read More

News Bot

Share
Published by
News Bot
Tags: GooglePushed

Recent Posts

Jack Dorsey’s Square Buys Australian Fintech Company Afterpay for $29 Billion

Afterpay’s ”buy now, pay later“ model became popular among users during the pandemic Financial tech…

5 mins ago

Anna Gross, Film Exec Behind ‘The Neverending Story,’ Dies at 68

Gross also worked on Oscar winners like ”Tootsie,“ ”Out of Africa“ and ”Life Is Beautiful“…

5 mins ago

Iron Man ‘Could Be Played by Almost Anyone’? Marvel and Robert Downey Jr. Fans Revolt

Even Marvel director James Gunn calls the U.K.-based Sunday Times’ suggestion ”bulls—“ Would the “Iron…

5 mins ago

Kevin McCarthy: It Will Be ‘Hard Not to Hit’ Nancy Pelosi With Gavel if I Become House Speaker

House GOP leader made the joke at a Republican fundraiser in Tennessee Getty House Minority…

6 mins ago

Murdochs’ Sky News Australia Suspended From YouTube Over COVID-19 Misinformation

One-week suspension comes as News Corp Australia faces internal and external pressure over COVID-19 coverage…

6 mins ago

Ariana Grande Heads to ‘Fortnite’ for ‘Rift Tour’ Virtual Event

The Rift Tour will feature experiences that pair Grande's music with elements from Fortnite.As an…

6 mins ago