On Monday night, Variety reported that film editors around Los Angeles who had Avid Media Composer software installed were suddenly finding that their Macs were unable to reboot. The publication speculated that malware may have been the cause. On Wednesday, Google disclosed the real cause—a Chrome browser update.
Specifically, it was a new version of Chrome's Keystone updater that caused so many Macs to stop rebooting, according to this Chrome open bug post. When the update was installed on Macs that had disabled a security feature known as system integrity protection and met several other conditions, a crucial part of the Mac system file was damaged, a Google employee said in the forum.
"This appears to be an issue with a new version of Google Keystone," a different Google employee wrote earlier in the thread. "We have halted the rollout and are working on remediation right now."
[...] Google has instructions for restoring unbootable Macs here. The process involves booting into recovery mode and then opening a terminal window, which among other ways can be accessed from the utilities folder. From there, run the following commands:
chroot /Volumes/Macintosh\ HD # "Macintosh HD" is the default
rm -rf /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle
mv var var_back # var may not exist, but this is fine
ln -sh private/var var
chflags -h restricted /var
chflags -h hidden /var
xattr -sw com.apple.rootless "" /varThen reboot.
If everything goes right, the Mac will restart with the buggy Chrome update no longer installed and with the damaged file system repaired. It wasn't immediately clear when a fixed version of the Chrome update will be available.
(Score: 2) by mth on Friday September 27 2019, @05:04AM (2 children)
If your only concern is security, I agree. But as a user, I do like not having to reboot on every system upgrade.
(Score: 1) by fustakrakich on Friday September 27 2019, @05:18AM (1 child)
I also question the quality of a system that needs so many upgrades so often. A system on ROM is invulnerable and can always boot clean when something breaks. All your drivers and whatnot stay outside the fence. Most of them should be on their own ROM also, ready to run when power is applied, not three minutes later like an old vacuum tube television.
La politica e i criminali sono la stessa cosa..
(Score: 2) by mth on Friday September 27 2019, @05:51AM
Code hasn't been running directly from ROM for a long time. I have an 80's computer which copies the ROM into write-protected RAM on startup so it can read it faster.
With modern flash ROMs, you can't even execute directly from them: you have to retrieve a whole page and then error-correct it before you can use the data.