Categories: GooglePushed

Google pushed a one-character typo to production, bricking Chrome OS devices

I guess three testing channels are not enough? —

Google broke a conditional statement that verifies passwords. A fix is rolling out.


Bloomberg / Getty Images

Google says it has fixed a major Chrome OS bug that locked users out of their devices. Google’s bulletin says that Chrome OS version 91.0.4472.165, which was briefly available this week, renders users unable to log in to their devices, essentially bricking them.

Chrome OS automatically downloads updates and switches to the new version after a reboot, so users who reboot their devices are suddenly locked out them. The go-to advice while this broken update is out there is to not reboot.

The bulletin says that a new build, version 91.0.4472.167, is rolling out now to fix the issue, but it could take a “few days” to hit everyone. Users affected by the bad update can either wait for the device to update again or “powerwash” their device—meaning wipe all the local data—to get logged in. Chrome OS is primarily cloud-based, so if you’re not doing something advanced like running Linux apps, this solution presents less of an inconvenience than it would on other operating systems. Still, some users are complaining about lost data.

ChromeOS is open source, so we can get a bit more detail about the fix thanks to Android Police hunting down a Reddit comment from user elitist_ferret. The problem apparently boils down to a single-character typo. Google flubbed a conditional statement in Chrome OS’s Cryptohome VaultKeyset, the part of the OS that holds user encryption keys. The line should read “if (key_data_.has_value() && !key_data_->label().empty()) {” but instead of “&&”—the C++ version of the “AND” operator—the bad update used a single ampersand, breaking the second half of the conditional statement.

Enlarge / ChromeOS’s programming typo. It happens to the best of us.

It sounds like, because of this error, Chrome OS never properly checked user passwords against the stored keys, so even correct passwords came back with a message saying, “Sorry, your password could not be verified.”

The whole selling point of Chrome OS is that it’s reliable and unbreakable, and botched updates like this hurt the OS. It’s not clear how such an obvious, show-stopping problem like this made it into the stable release channel. Chrome OS has three testing channels

Read More

News Bot

Share
Published by
News Bot
Tags: GooglePushed

Recent Posts

Tap into your inner musician with this 4.5 star reviewed training bundle

You love music, and you’ve always dreamed of becoming a musician. Maybe you’ve strummed a…

11 mins ago

6 router settings you should change right now

This post has been updated. It was originally published on December 6, 2018. Your router’s…

11 mins ago

Sony WH-1000XM4 review: Noise-cancelling headphones you can live in

Can a single headphone contain multitudes? Can one piece of audio equipment be something to…

11 mins ago

The best headphone stands for audiophiles, gamers, and anyone with a desk

Best headphone stands for gamers Razer Base Station V2 Chroma Check Price Upgrade your gaming…

11 mins ago

Our infrastructure can’t handle climate disasters. We need to build differently.

Heat waves that buckle streets. Flash floods that wipe out entire towns. Wildfires that create…

11 mins ago