Categories: GooglePushed

Google pushed a one-character typo to production, bricking Chrome OS devices

I guess three testing channels are not enough? —

Google broke a conditional statement that verifies passwords. A fix is rolling out.


Bloomberg / Getty Images

Google says it has fixed a major Chrome OS bug that locked users out of their devices. Google’s bulletin says that Chrome OS version 91.0.4472.165, which was briefly available this week, renders users unable to log in to their devices, essentially bricking them.

Chrome OS automatically downloads updates and switches to the new version after a reboot, so users who reboot their devices are suddenly locked out them. The go-to advice while this broken update is out there is to not reboot.

The bulletin says that a new build, version 91.0.4472.167, is rolling out now to fix the issue, but it could take a “few days” to hit everyone. Users affected by the bad update can either wait for the device to update again or “powerwash” their device—meaning wipe all the local data—to get logged in. Chrome OS is primarily cloud-based, so if you’re not doing something advanced like running Linux apps, this solution presents less of an inconvenience than it would on other operating systems. Still, some users are complaining about lost data.

ChromeOS is open source, so we can get a bit more detail about the fix thanks to Android Police hunting down a Reddit comment from user elitist_ferret. The problem apparently boils down to a single-character typo. Google flubbed a conditional statement in Chrome OS’s Cryptohome VaultKeyset, the part of the OS that holds user encryption keys. The line should read “if (key_data_.has_value() && !key_data_->label().empty()) {” but instead of “&&”—the C++ version of the “AND” operator—the bad update used a single ampersand, breaking the second half of the conditional statement.

Enlarge / ChromeOS’s programming typo. It happens to the best of us.

It sounds like, because of this error, Chrome OS never properly checked user passwords against the stored keys, so even correct passwords came back with a message saying, “Sorry, your password could not be verified.”

The whole selling point of Chrome OS is that it’s reliable and unbreakable, and botched updates like this hurt the OS. It’s not clear how such an obvious, show-stopping problem like this made it into the stable release channel. Chrome OS has three testing channels

Read More

News Bot

Share
Published by
News Bot
Tags: GooglePushed

Recent Posts

This guy spent five years building this world record domino robot

Mark Rober, the former NASA engineer who builds all those package thief glitter bombs, spent…

55 mins ago

Are we getting cyber security skills all wrong?

Thank you for joining!Access your Pro+ Content below. 27 July 2021Are we getting cyber security…

55 mins ago

Intel will build chips for Qualcomm as part of its ambitious foundry plans

Earlier today, Intel unveiled detailed plans for its future chip technology, describing how it plans…

56 mins ago

Lucasfilm hires YouTuber who used deepfake to improve ‘The Mandalorian’

Luke Skywalker's CGI face in the character's The Mandalorian cameo was met with a lot…

56 mins ago

Samsung’s 49-inch mini-LED gaming monitor will sell for $2,500

How much would you spend for a no-compromise mini-LED gaming monitor? Samsung thinks it has…

56 mins ago

Samsung says an S Pen for foldables is coming at Unpacked

Ahead of its upcoming Galaxy Unpacked event, Samsung has published a blog post by its…

56 mins ago