Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Bug Chrome

Mysterious Mac Pro Shutdowns Likely Caused By Chrome Update (tomshardware.com) 91

A faulty Google Chrome update is likely to blame for the issue Monday that resulted in Mac Pro workstations being rendered unusable at a number of Hollywood studios. "We recently discovered that a Chrome update may have shipped with a bug that damages the file system on MacOS machines," the company wrote in a forum post. "We've paused the release while we finalize a new update that addresses the problem." Variety reports: Reports of Mac Pro workstations refusing to reboot started to circulate among video editors late Monday. At the time, the common denominator among impacted machines seemed to be the presence of Avid's Media Composer software. The issue apparently knocked out dozens of machines at multiple studios, with one "Modern Family" reporting that the show's entire editing team was affected. Avid's leadership updated users of its software throughout the day, advising them to back up their work and not to reboot their machines.

The real culprit was apparently a recent release of Google's Keystone software, which is included in its Chrome browser to automatically download updates of the browser. On computers that had Apple's System Integrity Protection disabled, the update corrupted the computer's file system, making it impossible to reboot. System Integrity Protection is an Apple technology that is meant to ensure that malicious software doesn't corrupt core system files. Google advised affected users on how to uninstall the Chrome update, and also suggested that most users may not be at risk at all. "If you have not taken steps to disable System Integrity Protection and your computer is on OS X 10.9 or later, this issue cannot affect you," the forum post reads. A possible connection to Chrome was first detailed on the Mr. Macintosh blog Tuesday afternoon.
As for why several Hollywood studios were hit the hardest, one theory suggests it's because many of the video editors had to disable System Integrity Protection in order to work with external audio and video devices that are common in professional editing setups.

Variety also suggests that the hardware dongles used for licensing Avid may have played some role in the shut-downs.
This discussion has been archived. No new comments can be posted.

Mysterious Mac Pro Shutdowns Likely Caused By Chrome Update

Comments Filter:
  • SIP needs to be disabled for unsigned kernel extensions.
    Which begs the question, what hardware where these movie production houses running that needed unsigned kernel extensions?
    Does AVID hardware need unsinged kernel extensions for their cards or dongles?
    Or, were they running Hackintoshes which requires SIP to be disabled?

    • by guruevi ( 827432 ) on Wednesday September 25, 2019 @09:16PM (#59237630)

      Avid requires it for their USB dongles. ReFX does the same and there is a host of other software that does the same thing, when SIP got released a few years ago, they simply refused to update their software and instead chose to simply disable SIP.

      • by dgatwood ( 11270 )

        If true, I'm beyond horrified. That would be a new low, even for AVID, which given the sorts of games they used to play back in the day, is saying something.

        Why in h*** would a USB dongle need a kernel-mode driver in the first place? It's USB! That's what user-space device interfaces are for.

        SMH.

        • by elcor ( 4519045 ) on Wednesday September 25, 2019 @11:08PM (#59237892)
          the USB dongle needs kernel mode driver to avoid being listened on by memory sniffers that's how pirates make emulators.
          • by Anonymous Coward on Wednesday September 25, 2019 @11:40PM (#59237950)

            the USB dongle needs kernel mode driver to avoid being listened on by memory sniffers that's how pirates make emulators.

            Which is ironic as hell given that SIP would be the very thing preventing you from running a memory sniffer in the first place, and disabling SIP makes it trivial to do so.

            This is why the world switched to smartcards containing half a key pair that you issue challenges to over USB.

            If a pirate can crack sha256 RSA without the private key, frankly they wouldn't need to, they would have all the data and access to be had and could just buy a billion AVID licenses for everyone, seeing as they would also have all the worlds money.

            • It's not laziness. they need a kernel driver because if they used a user-space driver, you wouldn't even need to sniff memory to crack it, you could write a user-space program that performs a man-in-the-middle attack on the USB key and the application.

              The interesting question is why is Chrome doing anything with /var? The answer probably has to do with generating a UUID for everyone's computer for Chrome's video DRM and tracking users.

              • by dgatwood ( 11270 )

                It's not laziness. they need a kernel driver because if they used a user-space driver, you wouldn't even need to sniff memory to crack it, you could write a user-space program that performs a man-in-the-middle attack on the USB key and the application.

                And I can stick a bus analyzer on the USB bus, too. Anything vulnerable to that sort of sniffing is just as vulnerable whether you're sniffing it in software or in hardware.

                Besides, dongles are an abomination. On average, copy protection technology lasts O(w

      • > when SIP got released a few years ago, they simply refused to update their software and instead chose to simply disable SIP.

        Could it be that they don't see the reason to update their software to a newer version every single year, especially when the work they do involves multi-year projects and they don't want to have to constant stop and re-learn every time the UI / UX changes because some "designer" needs to justify their job by changing it?

        No matter - the movement to make all software subscription b

        • You know we are talking about a god damn USB device driver, right? For the licensing dongle for software? Which Avid probably doesn't even make, and just licenses themselves?

          Nice screed though.

        • by jythie ( 914043 ) on Thursday September 26, 2019 @08:13AM (#59238964)
          Updating your software along with OS release schedules should be a planned part of development. OSes are constnatly locking things down as they try to deal with security issues and applications sometimes need to be adjusted as weak points get closed off, even if they were weak points that made the developer's life easier. Quite a few apps I've worked on over the years had to be updated when various OSes moved away from 'everything runs as root' systems.
          • I'd say that these editing workstations should probably not even be connected to the Internet, but they did have Google Chrome.

            Some of these workflows take years to fine tune, and often involve archaic software. The best solution is often to freeze your security level and just don't put yourself at risk. Even yearly software updates is sometimes too much.

            • by jythie ( 914043 )
              Yeah, I tend to be in favor of walling off machines that require exotic OS altering software used for multiyear projects. A common solution would be lock down the workstation and let them use a laptop or something for all their web browsing needs, though I guess how well that works would depend on how they get relevant files on and off the machines.

              Last project I worked on that had a media aspect involved a lot of layout files and such being passed around as email attachments or accessed via web based con
              • True. A walled-off Intranet might be fine too. Especially since any big video shop is going to be using SANs anyway.

        • Could it be that they don't see the reason to update their software to a newer version every single year, especially when the work they do involves multi-year projects and they don't want to have to constant stop and re-learn every time the UI / UX changes because some "designer" needs to justify their job by changing it?

          From what I have read, it is because Avid (like Adobe and some others), take "a while" to start "officially" supporting a New OS version, and when time and lack-of-hiccups are of the essence (like with video and audio recording, editing and post-production), it is easier just to keep running the same version of OS and Applications for as long as practical.

          This is one of the reasons why, as I have been told, Abbey Road Studio keeps at least one copy of all their old versions of software and hardware running,

      • by jythie ( 914043 )
        Huh. I had mostly heard people assuming it was to load an nVidia driver, but that might have just been a case of existing narrative fitting into a new outrage.
    • People using hardware Apple refuses to sign drivers for. Like Nvidia gpus

    • Maybe they wanted actual product choice, and wanted to run Nvidia GPUs, where the only reason you can't run the latest in a Mac is because Apple won't sign the drivers that Nvidia writes and puts on their website.

      Apple's can fuck off for hobbling their customers out of keeping a grudge alive.

    • by lgw ( 121541 )

      Why on Earth would Chrome affect any of this? How do you even?

      I can't imagine the combination of stupid in both OS and web browser that allows a software update to corrupt a file system.

    • by tlhIngan ( 30335 )

      SIP needs to be disabled for unsigned kernel extensions.
      Which begs the question, what hardware where these movie production houses running that needed unsigned kernel extensions?
      Does AVID hardware need unsinged kernel extensions for their cards or dongles?
      Or, were they running Hackintoshes which requires SIP to be disabled?

      One common one is nVidia cards. They make awesome hardware, but their business practices leave something to be desired.

      It basically boils down to several things - from the 2008 GPU recal

  • It just works
  • Stuck on "Stupid" (Score:4, Interesting)

    by Brett Buck ( 811747 ) on Wednesday September 25, 2019 @08:47PM (#59237546)

    When I read the headline, I thought "That can't happen! What kind of bug bypasses System Integr....Oh". "Wait, what brand of idiot turns off...." ... Oh. Hollywood"

            Chrome having a bug that corrupts the file system is a sad situation, bad on them, but you have to give extra credit to people who turn off the more-or-less bulletproof system that prevents bugs like that from propagaing, or accept ancillary devices that require that to be off to function.

    • Re:Stuck on "Stupid" (Score:4, Interesting)

      by Anonymous Coward on Wednesday September 25, 2019 @09:12PM (#59237618)

      When I read the headline, I thought "That can't happen! What kind of bug bypasses System Integr....Oh". "Wait, what brand of idiot turns off...." ... Oh. Hollywood"

              Chrome having a bug that corrupts the file system is a sad situation, bad on them, but you have to give extra credit to people who turn off the more-or-less bulletproof system that prevents bugs like that from propagaing, or accept ancillary devices that require that to be off to function.

      The software used by Hollywood video editors is heavily DRM'd. Heavily. And like all DRM, it is the shittiest of the shit.

      I wouldn't be surprised if they had to turn off SIP in order to get the drivers for their DRM Dongles to work.

      • by CanadianMacFan ( 1900244 ) on Wednesday September 25, 2019 @09:24PM (#59237648)

        Would you trust Hollywood not to pirate your software?

      • Oh, the irony. Content creators, who are the cheerleaders for DRM, getting disproportionately fucked over by DRM.

        The universe really does have a way of self-correcting.

      • by AmiMoJo ( 196126 )

        It's a drive issue. They need to disable SIP to make their video capture cards work because they don't have drivers signed by Apple.

        Depending on who you ask it's either the video capture device manufacture being too cheap to get the drivers signed, or Apple refusing to for some reason.

        • They need to disable SIP to make their video capture cards work

          Video capture cards.... Unless you're doing live production, everything is both digital and already on a filesystem. And show me an HD SDI capture device that doesn't have signed drivers. Are you stuck in the 90s?

      • There's a story my friend tells about how this one studio he worked at tried and failed for a week to get Maya licensing to work on their network, even the guys from Autodesk couldn't get it to work, so they said "Ok, fine, just use the crack".

    • When I read the headline, I thought "That can't happen! What kind of bug bypasses System Integr....Oh". "Wait, what brand of idiot turns off...." ... Oh. Hollywood"

      I thought: Oh, Apple...

      Because their shit like usual doesn't fucking work unless you turn stuff like that off.

    • by jythie ( 914043 )
      Let us also not forget though, this also means that the Chrome updater is running as root instead of a user process, otherwise even with SIP turned off it would not be able to do that kind of damage.
      • Let us also not forget though, this also means that the Chrome updater is running as root instead of a user process, otherwise even with SIP turned off it would not be able to do that kind of damage.

        Exactly.

  • by Now15 ( 9715 ) on Wednesday September 25, 2019 @09:02PM (#59237596) Homepage

    Add this to the list of rubbish software by Google. People just assume that because a small number of Google projects have legitimately impressing programming prowess that this standard of quality is consistent among the ~30,000 engineers at the company. In my experience, Google software tends to be fairly poor on average.

    Legitimately good:

    * Some parts of Android
    * Chrome (due in no small part to the architectural origins set by KHTML and Apple)
    * V8

    Assumed to be good because the results are great but who the fuck knows what sort of hacked up garbage is under the hood:

    * Google search
    * Google maps
    * Advertising networks
    * ChromeOS

    Was already good when they bought the company that made it:

    * Google Docs
    * Google Earth
    * SketchUp

    Hot garbage:

    * Many parts of Android
    * Most of the Android SDK
    * Google Desktop, Toolbar, Talk and countless other pieces of shit Windows software

    • linux repo update system better then each app having it's own update system / app.

    • a modern browser is. They're like little Operating Systems that are also under constant attack.

      Speaking of Operating systems, why the hell is it even possible for a userland app to corrupt a file system in a modern Unix? I don't care if SIP is off or not.
      • Thatâ(TM)s like asking: why can an elevated user still run: rm -rf /

        Apple did prevent this from happening. They also provided a way for advanced and knowledgable users to disable it if they needed to, and Avid abused that.

        • To many of us, filesystems are ext4, fat32, apfs, ntfs, etc.
          Creating a filesystem is also known as "formatting the drive". When you format a drive, you create the filesystem. You don't yet have any files, you just have a filesystem - structures that can later be used to organize field. Applications shouldn't be do anything to the filesystem, or even know which filesystem you are using. They should just work with the files.

          The bug deletes a *file*. It does not do anything to the *filesystem*. Specificall

        • by jythie ( 914043 )
          Even with SIP disabled, that still leaves the question of why Chrome's updater needed to run as root. If it was user process, it would not have been able to wipe var even with SIP turned off.
          • Even on Windows, you can either install Chrome as an unprivileged user or as adminstrator (systemwide). To make a program available to all users, you have to have access to system files and folders.

    • by lgw ( 121541 )

      When Chrome first released, you could type a couple characters into the browser address bar, and crash Chrome. Despite the lies that every tab runs in its on isolated process, you'd crash all of Chrome. Some isolation.

      "Chrome", as such, was never good. Chrome was hot garbage dumped over some good components they took from others.

  • I know! I know! Let's see now...

    Because it prevents their Scientology overseers from monitoring the progress of their artistic projects!

  • by cubicle ( 121759 ) on Wednesday September 25, 2019 @09:54PM (#59237722) Homepage

    Googles Response was why turn off system integrity. My response why is your software modifying the file system outside your applications bundle and the users setting folder. One of the things I like about OS X is you don't have to modify the registry or even run an installer. All you normally have to do is drag the applications bundle to the application folder, which is how commercial software on the Mac should install. To Non Mac programmers the application bundle is a special folder that ends in .app. When you click the folder there is a script which is kind of like the autostart that you used to find on Windows CD DVD that in Windows usually launched an installer. In this case the script launches the application which is usually hidden in the application bundle folder. If you want to learn more about bundles I would look at Nextstep and it's Afterstep for a simple explanation, Apple took this from the Next Computer when Apple bought Next after Apple re-hired Steve jobs who started Next computer.

    • It's been ages since I wrote an OpenStep app, but there was no "autorun" script - just a plist file that described the structure; the DE was responsible for parsing it and getting the binary running.

      The autorun system was arbitrary code execution as a feature.

      • by cubicle ( 121759 )

        I was making a comparison between something a windows developer would understand and a mac developer would understand I was in no way trying to say they are the same thing but comparing different technologies which work in similar ways. My main point was to show two instances where you click on a folder and an something happens where you did not click on the executable directly.

  • Ad company (Score:4, Insightful)

    by AHuxley ( 892839 ) on Wednesday September 25, 2019 @10:14PM (#59237774) Journal
    Why let an ad company into your computers?
    They are only interested in tracking users and ensuring the ads show.
    Find a web browser that is a web browser and not the user end of an ad delivery network.
  • Need better QA and apple needs to be more open (DON'T block nvida and don't force people to edit pcid's to use non apple ati cards)

    • by jythie ( 914043 )
      Are they really blocking nvidia, or is nvidia refusing to go through the signing process? Signing drivers is usually not a big deal, which makes me wonder if nvidia is just trying to mobilize its fanbase against apple for something that is their own fault.
  • by EzInKy ( 115248 )

    Who in the world would design a web browser that can crash a whole system, and what system developer would be stupid enough to allow such a thing to happen?

    • Read the article - for some reason (perhaps to permit some peripherals that are poorly design) the "victims" had SIP, intended to prevent exactly that, OFF.

    • by AHuxley ( 892839 )
      Surf the web with extra ads while the Mac works away on the movie?
    • Re:WTF? (Score:5, Informative)

      by 93 Escort Wagon ( 326346 ) on Thursday September 26, 2019 @02:10AM (#59238190)

      It’s not the Chrome web browser - it’s the Google Keystone auto update software that basically tricks users into giving it stupidly high privileges so it can update Chrome itself and also dig through parts of all users home directories.

      Chrome works just fine without Keystone, it just updates on launch rather than in the background. There’s really no good reason to actually install Keystone on most machines.

    • by jythie ( 914043 )
      It required both SIP to be disabled in order for some DRM to work AND that fact Chrome's updater runs as root. So OSX had two layers of protection against something like happening and required two separate vendors requiring both layers to be disabled.
    • by jythie ( 914043 )
      Heh, I remember that!

      Upthread there was someone complaining about how software developers should not have to update their applications just because "every time the UI / UX changes because some "designer" needs to justify their job by changing it?".... but the EvE story is a good example of exactly the type of loophole system designers have been closing for years and software that requires it really needs to change.
  • System Integrity Protection off missing from qa!

  • All I read was if you don't have extra protection, Chrome will corrupt your filing system. I hate to be modded into oblivion, but when I require Chrome (or any Google or Adobe product) I run it in a VM, and I use my CS4 quite often. I wish InDesign and Visio would have a baby and sell it for $20.
  • Are they refusing to shutdown?

    or are they refusing to reboot?

    From this post :

    "Mysterious Mac Pro Shutdowns Likely Caused By Chrome Update " (The title)

    "Reports of Mac Pro workstations refusing to reboot started to circulate among video editors late Monday." (First quoted line of text)

    • In other news: Hundreds if not thousands Mac Pros have gathered outside their respective studios and refuse to reboot or shutdown. Battle cries for pro-choice and dignity echo in the air.

  • by aglider ( 2435074 ) on Wednesday September 25, 2019 @11:55PM (#59237978) Homepage

    By a browser can only occur when you directly access the underlying block device. Which is usually unwritable by normal users/applications.
    Or when the filesystem is buggy.
    In the latter case you can blame the application for triggering a bug, not for causing the damage.

    • by vrt3 ( 62368 ) on Thursday September 26, 2019 @04:32AM (#59238442) Homepage

      "A bug that damages the file system" is what was said, but that is not the correct description of the bug. See this comment in the Chromium bug tracker: https://bugs.chromium.org/p/ch... [chromium.org]:

      ... Upon meeting these conditions, Keystone 1.2.13.75 will remove the /var symbolic link. This results in system instability that may include ...

      So the file system is not damaged in the sense of corrupt inodes or things like that; it's just that Keystone removes things that no application should ever even begin to think about removing.

    • The root directory, /, must be writable by the logged-in user.

      Wtf?

    • The word filesystem is used to refer to both the on-disk block format (ext2, hfs, etc) and also the hierarchy of major system folders. It's the latter definition they were referring to, but the summary was very unclear on that. To use an analogy, you're looking at the wrong level of the OSI model.

      If someone asked you, what is the basic Linux filesystem structure, would you answer with the technical details of ext or with the main folders of /home/ /var/ and /bin/ and so on?

  • var-sectomy (Score:5, Funny)

    by Retired ICS ( 6159680 ) on Thursday September 26, 2019 @12:03AM (#59237990)

    I love the headline that The Register used for this article, that Google gave Apple a var-sectomy in order to stop Apple from breeding. Bloody brilliant!

  • Apple blames OS crash on the application, who woulda thunkit? "You're running on it wrong!!!"

  • ArsTechnica [arstechnica.com]

    The specific conditions required for the Chrome update to make this change are:

    SIP must be disabled (or not present, as is the case pre-OS X 10.11)

    The root directory, /, must be writable by the logged-in user

    A Keystone version containing the bug, 1.2.13.75, must be installed

    Keystone must update a product that it supervises.

    Nutscrape never asked for those permissions.

  • An honest question: was it "... the update corrupted the computer's file system ... " or did it actually corrupted system files - because seems like a big difference to me?
  • Don't blame it on the disabled setting, it's still Google's fault, how can an update of a browser corrupt a system this much...
  • I am sure this is a purposeful attempt by Google to show how unreliable Mac hardware is.
    or their programmers f*ed things up.
    Take your pick. Sort of an Occam's razor thing.
  • It doesn't damage the file system. It damages system files. There is a distinct difference.

You are always doing something marginal when the boss drops by your desk.

Working...