Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Friday September 27 2019, @02:07AM   Printer-friendly
from the testing-is-a-good-thing dept.

On Monday night, Variety reported that film editors around Los Angeles who had Avid Media Composer software installed were suddenly finding that their Macs were unable to reboot. The publication speculated that malware may have been the cause. On Wednesday, Google disclosed the real cause—a Chrome browser update.

Specifically, it was a new version of Chrome's Keystone updater that caused so many Macs to stop rebooting, according to this Chrome open bug post. When the update was installed on Macs that had disabled a security feature known as system integrity protection and met several other conditions, a crucial part of the Mac system file was damaged, a Google employee said in the forum.

"This appears to be an issue with a new version of Google Keystone," a different Google employee wrote earlier in the thread. "We have halted the rollout and are working on remediation right now."

[...] Google has instructions for restoring unbootable Macs here. The process involves booting into recovery mode and then opening a terminal window, which among other ways can be accessed from the utilities folder. From there, run the following commands:

chroot /Volumes/Macintosh\ HD # "Macintosh HD" is the default
rm -rf /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle
mv var var_back # var may not exist, but this is fine
ln -sh private/var var
chflags -h restricted /var
chflags -h hidden /var
xattr -sw com.apple.rootless "" /var

Then reboot.

If everything goes right, the Mac will restart with the buggy Chrome update no longer installed and with the damaged file system repaired. It wasn't immediately clear when a fixed version of the Chrome update will be available.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by mth on Friday September 27 2019, @03:55AM (5 children)

    by mth (2848) on Friday September 27 2019, @03:55AM (#899420) Homepage

    The "System Integrity Protection" is a mechanism to reject writes to certain system areas, even to root, except by processes with dedicated privileges. This mechanism is turned on by default, but the affected people had turned it off. Which, according to the WIkipedia page, is a far from trivial process, so they must have done so deliberately. Maybe Avid Media Composer doesn't play well with it, but that's just a guess based on the reporting that users of that particular piece of software were affected.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 2, Insightful) by fustakrakich on Friday September 27 2019, @03:59AM (3 children)

    by fustakrakich (6150) on Friday September 27 2019, @03:59AM (#899423) Journal

    except by processes with dedicated privileges.

    There should be no such thing. Load that stuff in another space.

    --
    La politica e i criminali sono la stessa cosa..
    • (Score: 2) by mth on Friday September 27 2019, @05:04AM (2 children)

      by mth (2848) on Friday September 27 2019, @05:04AM (#899444) Homepage

      If your only concern is security, I agree. But as a user, I do like not having to reboot on every system upgrade.

      • (Score: 1) by fustakrakich on Friday September 27 2019, @05:18AM (1 child)

        by fustakrakich (6150) on Friday September 27 2019, @05:18AM (#899447) Journal

        I also question the quality of a system that needs so many upgrades so often. A system on ROM is invulnerable and can always boot clean when something breaks. All your drivers and whatnot stay outside the fence. Most of them should be on their own ROM also, ready to run when power is applied, not three minutes later like an old vacuum tube television.

        --
        La politica e i criminali sono la stessa cosa..
        • (Score: 2) by mth on Friday September 27 2019, @05:51AM

          by mth (2848) on Friday September 27 2019, @05:51AM (#899455) Homepage

          Code hasn't been running directly from ROM for a long time. I have an 80's computer which copies the ROM into write-protected RAM on startup so it can read it faster.

          With modern flash ROMs, you can't even execute directly from them: you have to retrieve a whole page and then error-correct it before you can use the data.

  • (Score: 2, Interesting) by Anonymous Coward on Friday September 27 2019, @05:12AM

    by Anonymous Coward on Friday September 27 2019, @05:12AM (#899445)

    AVC injects a module into the kernel in order to hide their DRM dongle from most processes. It is basically an anti-circumvention measure, but in order to work, their installer turns off SIP.