As reported by TechCrunch:
Someone at Oculus screwed up pretty badly today [Wednesday]: An expired certificate appears to have soft-bricked all of the company's Rift VR headsets, with users still unable to fire up software on the devices and no word of an incoming fix from the company yet.
Issues were first reported several hours ago on Reddit, where a post on the topic has already garnered hundreds of comments. The problem seems to have resulted from Oculus failing to update an expired certificate with the update, which is now leaving users with an error message saying that the system "Can't reach Oculus Runtime Service."
If it must phone home, it is not yours. Words to live, and die, by.
(Score: 5, Insightful) by MostCynical on Friday March 09 2018, @01:27AM (5 children)
Alas, most will get angry at the device, and not get the lesson.
"I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
(Score: 5, Insightful) by bzipitidoo on Friday March 09 2018, @04:27AM
What about the practice of using kill dates, without any graceful degradation? Go from working perfectly one second to dead, snuffed it, turned toes up to the daisies, like Monty Python's dead parrot, in the next second. Shouldn't that get some of the blame? Haven't we seen enough troubles from needless certificate and password churn? This is what now, over a dozen incidents in which a major website, even of supposedly technically savvy owners such as Microsoft and Google, has embarrassed themselves by forgetting their cert was about to expire?
There's a reason why forcing users to change passwords every month was quickly abandoned. That's brain dead, rigid security. Scaling back the forced change to once every 6 months or year didn't help.
Okay, car analogy time! Abrupt certificate expiry is like your car's engine going dead at midnight of the last day its annual license and/or inspection is valid. There you are, driving along, and bam! your engine stops, and neither you power steering or power brakes are powered any more. If you don't wreck, you end up stranded at the side of the road.
(Score: 4, Insightful) by tonyPick on Friday March 09 2018, @06:56AM (3 children)
Much as I hate them, this isn't a "phone home"/always connected style flaw.
The certificate expiration just means that the driver won't load past a certain date/time since the signing certificate used by the driver has expired. This happens when the time rolls forward, connected or not.
This was referenced from Ars, showing the step they missed:
https://msdn.microsoft.com/en-us/library/windows/desktop/bb931395.aspx [microsoft.com]
(Of course, self expiring drivers where nobody is left/willing/able to re-issue the driver with a new cert would be as bad as phone home IMO, but the two issues aren't necessarily related)
(Score: 2) by acid andy on Friday March 09 2018, @11:48AM (1 child)
Interesting. Is there a workaround for the end user? Can you add an exception, set the system date back or self-sign the driver somehow?
If a cat has kittens, does a rat have rittens, a bat bittens and a mat mittens?
(Score: 3, Informative) by tonyPick on Friday March 09 2018, @03:14PM
You can't self sign the driver, but according to the Ars story
(Score: 0) by Anonymous Coward on Friday March 09 2018, @05:17PM
you're missing the point. the point is if you act like a slave, you will be treated like a slave. you buy slaveware like a groveling piglet and you will get treated like bacon.