Oculus Rift Headsets Are Offline Following a Software Error (polygon.com) 111
Polygon reports that Oculus Rift virtual reality headsets around the world are experiencing an outage. The outage appears to be a result of an expired security certificate. "That certificate has expired," said the Oculus support team on its forums, "and we're looking at a few different ways to resolve the issue. We'll update you with the latest info as available. We recommend you wait until we provide an official fix. Thanks for your patience." Polygon reports: One place where users experiencing the issue are gathering is on the Oculus forums. Last night user apexmaster booted up his computer, tried to open the Oculus app and was greeted by an error indicating that the software could not reach the "Oculus Runtime Service." That same error is cropping up on computers all around the world, including several devices here at Polygon. Once it has appeared, there's no way to restart the Oculus app, which renders the Rift headset unusable.
Re: (Score:1)
And confirmed that changing your computer's clock back a few days resolves the issue.
Cool, I got that VR humble bundle a while back, I've been meaning to try it out.
Ouch (Score:4, Insightful)
It sounds like The Cloud bites again!
gridlock (Score:4, Interesting)
This, except now imagine that it's your self-driving, no steering wheel car. Will the manufacturer give you a note telling your boss that you couldn't make it to work because of a buggy software update?
Re: (Score:3)
Buggy software problem? Have you tried turning the horse off and on again?
Re:gridlock (Score:5, Insightful)
On a deeper level, who the fuck would ever pay for an Oculus product going forward when this just proves you can't actually buy one to own and they can shut you down at any time (CRL, anyone?).
Re:gridlock (Score:5, Insightful)
Yeah... it's sort of hard to believe the bumbling that would allow a certificate to expire before realizing that it would shut down every single one of their users. I mean, I understand bugs slip through, but this is sort of astoundingly bad.
More to the point, as you indicated, what the hell is an expiring certificate doing in their software anyhow? A normal code-signing certificate expires after a time, but the software that was signed with it does NOT expire. We now know that their device-critical software has a time bomb in it that only they can periodically reset, and they were already slipshod enough to miss the deadline once.
Re: (Score:3)
More to the point, as you indicated, what the hell is an expiring certificate doing in their software anyhow? A normal code-signing certificate expires after a time, but the software that was signed with it does NOT expire. We now know that their device-critical software has a time bomb in it that only they can periodically reset, and they were already slipshod enough to miss the deadline once.
This is what I don't get. If anyone who has a Rift not working check signing date of: c:\Program Files\Oculus\Support\oculus-runtime\OculusAppFramework.dll
From explorer right click select digital signatures and the signing date should be there.
My system works even though DLL was signed with the same now expired cert however my Rift was firewalled and runtime hasn't been updated in ages.
Found this post about release notes on the 5th starting to wonder whether problem is they actually did sign this thing usi
Tells us how it goes in 10 years... (Score:1)
When hopefully your company has grown to 200-300 people and the production support team reminded the dev team who told them that was their job after the reorg and they need to talk to the product manager to get approval for the purchase and the product manager emailed finance who was going to ask a question but was distracted and forgot and ... oops.
Itâ(TM)s not a valid excuse but itâ(TM)s what happens. OfficeSpace is not a comedy, itâ(TM)s a warning.
Re: (Score:2)
I don't think this is actually a problem with a code-signing certificate. Or at least, I can't figure out how they could screw that up. There's nothing in your own code which checks for that. It's a function of the OS.
This sounds like something a bit different, like their own code is checking for a cert. But for what possible reason, I can't imagine. Maybe some sort of DRM or authentication system?
I don't have this hardware, but I'm sort of interested to hear what actually happened here. We might neve
Re: (Score:1)
Re: (Score:2)
Did they sign the code with the expired certificate and then push it out? I would have expected headlines like "Latest Oculus update breaks Rift" over "Expired certificate breaks Rift", if so, but it would make more sense.
If that was the path, it feels a bit more understandable; it's more "pushed out code with something that broke", which is still bad, but not a time bomb.
Re: (Score:3)
Re: (Score:2)
There is if you make one. If you're reinstalling, you've backed up the app store download to a disk to use for future recovery. Otherwise, you're always forced to the latest release.
Re: (Score:3)
Or, alternatively, let me use my hardware/software without an internet connection. Almost as though I owned it....
Re: (Score:1)
Re: (Score:2)
It's not buggy software. The software seems to be doing exactly what it was intended to do. This is a fucking specification problem - some idiot decided that proper behavior is to shut down the system when a cert expires, instead of simply warning the user and asking if it was OK to continue.
This is what I don't understand. The software .. at least version of it I have appears to actually be signed properly including third party timestamps that would allow signatures to remain valid post expiration.
If they never intended for the software to work past expiration date why bother with countersigning?
My Oculus works and it is signed with the same expired cert. I just have an older runtime than everyone else.
Re: (Score:2)
The problematic certificate is missing exactly those third party timestamps that you apparently have in your older runtime so Windows stops executing the code once the certificate expires. I guess a problem during the build process, maybe the third party server was not reachable.
Re: gridlock (Score:2)
Cert may have been revoked by Symantec following the private key debacle with Trustico.
Re:gridlock (Score:5, Insightful)
Can't access it? Security feature. It's undeniably secure.
Just wait until Ford or Toyota or VW inadvertently lets a certificate expire and a few hundred million vehicles glide silently to a stop ... wherever they may happen to be,
Re: (Score:1)
Can't access it? Security feature. It's undeniably secure.
Just wait until Ford or Toyota or VW inadvertently lets a certificate expire and a few hundred million vehicles glide silently to a stop ... wherever they may happen to be,
Wish I had mod points...
Re: (Score:2)
Fun part: those that didn't get updates are reporting that they didn't get fucked by this feature in rift. Their runtime just ignores said certificate.
Re: (Score:1)
Will the manufacturer give you a note telling your boss that you couldn't make it to work because of a buggy software update?
You won't need a note.
You'll be dead in the car crash.
If it will make you feel better . . . the rescue workers will pin a note on your corpse.
Re: (Score:2)
I'm just surprised that enough people are still using VR to even notice.
Re: gridlock (Score:1)
are still using VR
Let's see, which is more likely: A) we're already past "peak VR"
...or B) you're a moron.
Re: (Score:2)
In his defence, A.
Very few people have bought a VR headset, and even fewer continue to use it as a regular thing.
Must be Italian (Score:1)
FRA-GEEEEEE_LAY
What an utterly amateurish thing to do (Score:5, Interesting)
Pathetic. First, a single-point-of-failure like that is not acceptable in anything except things that need a high security level. And second, if you put in something like that, then you make damn sure something like this does not happen. Obviously, these people are either completely incompetent or do not care at all about their customers once they have the money.
Re: (Score:2)
This is what happens when a company believes that "move fast and break things" is a reasonable development model. Unsurprisingly, things tend to break fairly often.
Re: (Score:2)
Actually, "move fast and break things" is find if you are smart, experienced and understand what not to break. Average people cannot make that model work though and these are average people with delusions of greatness.
Re: (Score:2)
It was just a code-signing certificate that they used on all their executables that expired and Windows won't run an exe with an expired cert. It's good security practice to sign all your executables to prevent them from being altered or hacked.
Their only problem is that they should have renewed the certificate in one of their updates prior to today but I'm guessing the one person that knew probably was let go at some point.
Re: (Score:2)
No, an expired certificate does not mean your code no longer runs as long as the certificate contains a signed timestamp from a third party that shows that the certificate was valid at the time of the signing of the code. For some reason, the current runtime does not have such a signed timestamp.
This has been happening a lot lately... (Score:2)
...and, IMHO, it ought to get you written up by management. I've lost count of the sites I've pointed a browser at in recent weeks/months that were unavailable--for all intents and purposes, they may as well have been powered down if users can't access them--because someone screwed up and allowed certs to expire.
What do I do now? (Score:5, Funny)
My Oclulus Rift is broken.
What the hell do I do now?
I guess I'll have to go play with my kids or talk to my wife.
If things get any worse I might end up going outside.
Re: (Score:2)
I guess I'll have to go play with my kids or talk to my wife.
Now, now, calm down - let's not do anything TOO drastic.
Problems everywhere (Score:3)
If things get any worse I might end up going outside.
Man, I went outside last August and it turned out even the SUN was broken [nasa.gov]!
Although they claimed it was a regularly scheduled patch. Even so!
I hear thier next software update (Score:3)
Is the inclusion of the exciting new software: .Blipverts
Phones must be ringing off hook (Score:2)
Oh right... never mind.
More proof that Oculus was definitely not the way (Score:4, Insightful)
A certificate expiry takes your entire fucking VR gaming rig down?
That's what you get for using a Facebook company.
Re: (Score:2)
But how about the root of the problem - the software that needn't be online should not require the user to be online. Somehow this has become a new normal for everything from single player games (or Steam, whose outages have left me unable to play more than once), to apparently hardware drivers?
This isn't true. If Oculus didn't work "offline" I would never have purchased one given who the parent company is.
Re: (Score:2)
It works offline but apparently does need to "phone home" during every boot.
Re: (Score:2)
It works offline but apparently does need to "phone home" during every boot.
It doesn't. I preordered CV1 in the first hour and have had it firewalled for years. It does not need to call home to work even though it most certainly will establish 24x7 connections to Facebook whether it is being used or not if you let it.
You can boot your computer without any network connection and it will still work. If this were not true I would have never had purchased it.
Re: (Score:1)
oh, that makes me feel great /s.
That's all I want is Facebook to be getting data from a virtual reality system 24x7... and people thought the Xbox was invasive...sheesh
Re: (Score:2)
oh, that makes me feel great /s.
That's all I want is Facebook to be getting data from a virtual reality system 24x7... and people thought the Xbox was invasive...sheesh
Yea it's pretty gross. Facebook is creepy as shit.
Re: (Score:2)
Does that mean your device hasn't gotten software/firmware updates? If it hasn't, then maybe it's not running the version that relies on a valid certificate to run.
Re: (Score:2)
Does that mean your device hasn't gotten software/firmware updates?
Yes it's many versions behind.
If it hasn't, then maybe it's not running the version that relies on a valid certificate to run.
It's possible I just don't know. What I do know is that my software is signed with the very same cert that expired this morning.
Everything I know about code signing is that this should continue to work based on the signature. This is because Oculus signature is also countersigned by a third party timestamp server to provide proof the code was signed at the time cert was still valid. On my system it is in fact still considered valid which is why I suspect there may be somethi
BRAIN CRASH (Score:2)
Imagine if this was a brain implant.
Expired certs (Score:2)
A week or so ago I bought a new hue hub to replace my first generation one. Couldn't set it up due to the cert being expired (cert was fine the following morning). Made a brand new item useless until it was updated.
How About (Score:2)
Re: (Score:1)
Breaking News! Fix released (Score:5, Informative)
If you currently have the Oculus app installed:
Go to https://www.oculus.com/rift-pa... [oculus.com].
Click Download Install Patch to download OculusPatchMarch2018.exe.
Open OculusPatchMarch2018.exe.
If Windows asks you if you’re sure you want to open this file, click Yes.
If Windows Defender prompts "Windows protected your PC", click More info and then click Run anyway.
If your antivirus software restricts the file from opening, temporarily disable your AV and continue.
Select Repair and confirm you would like to repair the Oculus software.
Allow the repair process to run, download and install.
Launch the Oculus app.
Shortly after the repair you will be prompted for an update. Please complete the update. The download and update may take up to 10 minutes depending on network connection.
If you uninstalled the Oculus app from your computer:
Go to https://www.oculus.com/setup [oculus.com].
Click Download Oculus Software to download OculusSetup.exe.
Open OculusSetup.exe and follow the onscreen instructions to install the latest version of the Oculus app.
Source - https://support.oculus.com/217... [oculus.com]
Re: (Score:2)
Anyone who has used their Rift since Feb 1st will receive $15 Oculus store credit.
Re: (Score:1)
It's bitztream the autism-hating, custom EpiPen-hating, Musk-hating, Qualcomm-hating, Firefox tabs-hating, Slashdot editors-hating Slashdot troll!
But Why ? (Score:1)
Listen, with software or games I can see the point. Its very easy to view and understand. You don't want your software to be copied on other computers without authorization and you want those people to pay their due or share.
But were talking about the Oculus Rift. Its a hardware. I shouldn't have to be connected all the time. If its aboutt he updates, then that could be circumvented but I don't even see the point of always be connected with the oculus rift...don't start with me about security... Its not th
It's funny (Score:1)
It's funny. I've had my Vive for 3 months and heard that you could play Oculus games on it using Revive. So last night, after some reluctance, I went ahead and tried installing the Oculus software and found that it didn't work. i spent two hours downloading/uninstalling/trying again thinking I was doing something stupid when I stumbled across a post about this blunder. Well, Oculus is back off my system. Maybe I'll try again in another 3 months.