All of Oculus’s Rift headsets have stopped working due to an expired certificate

Our VR surgical training startup has been working for the last few months towards a big medical conference this week where we&#x27;re showing multiple training procedures for multiple customers on Oculus Rift, as well as having our own booth. The headsets all stopped working the morning of the conference.<p>Fortunately one of our engineers figured out we could get our demo rigs working by setting the clock back a few days. This could have been a huge disaster for our company if we hadn&#x27;t found that workaround though. Pretty annoyed with Oculus about this

This is not how Windows code signing is supposed to work. Normally you&#x27;d get a countersignature from a timestamp server so that the verification process can prove that the certificate was valid at the time of signing. It would appear that Oculus signed their binaries without using a timestamp server, so without a way to verify when signing happened they become invalid as soon as the cert expires.

One wonders if we&#x27;ve made technology unnecessarily complicated. In order to build something like the Oculus Rift, they obviously needed expertise in hardware design, optics, display technology, manufacturing, user interface design, etc etc. Also, they apparently needed expertise in managing the ins-and-outs of the Windows driver security system. Adding one more subject to their already crowded curriculum wasn&#x27;t very nice of Microsoft.<p>A lot of applications and environments seem to be built with the assumption that they can add arbitrary complexity to their interface, since they&#x27;re only going to be used by &quot;experts&quot; who can be expected to know everything of relevance and work through a thick documentation to understand the system. In truth, the &quot;experts&quot; who use your programs are going to also be using a dozen other applications, each with their own piles of documentation (or equal amounts of lack-of-documentation,) and have little brain-space left for the intricacies of your framework. So, they&#x27;re going to use your system while knowing the <i>minimum possible amount</i> about it; if that system contains traps that cause problems for this kind of user, that&#x27;s <i>bad design.</i>

This one will hopefully be solved quick by the company, but think of what would have happened if this was a piece of technology sold in hundreds thousands pieces by a company now out of business: instant tons of electronic junk that would be instead perfectly useable if there was a law mandating all software&#x2F;hardware details to be released if either of these conditions are met: IP owner going out of business, company declaring the product obsolete and stopping any technical support or upgrade, product sales plummeting due to competing or new models. The first two are obvious while the third one would allow some of the devices to be repurposed instead of thrown away. I&#x27;ve saved a good number of old access points &#x2F; routers from the landfill by installing OpenWRT&#x2F;Lede where possible o their latest available firmware,pairing them together, adding homemade external antennas (small Wifi antenna enclosed in white PVC pipe plus self bonding tape, silicone sealant and heatshrink, RF240 cable and RP&#x2F;SMA or N connector: =&gt; years exposed to sun, rain and snow with zero problems). I install them at really low prices to customers who need a cheap wifi bridge from point A to B. I would love to do a similar &quot;afterlife&quot; service to old cellphones, but none of them could host a true native Linux install because of how tightly closed the underlying hardware is, and all of them sooner than later are doomed to be thrown away.<p>The problem lays in the IP. It&#x27;s considered to be a vital asset so that when a company goes belly up it will survive kept years or decades in a safe by law firms in the hope someone will buy it, or just to make profits through litigation against infringers. Unfortunately this has a deleterious effect on products derived from that IP, the people who bought them and the people living where the unusable products will be trashed.

They let their certificate expire, essentially bricking all of their devices. And now the app running it won&#x27;t start, so they can&#x27;t push an update.<p>Just recently picked up a Rift. I love the hardware and their exclusives are top notch, but this confirms my suspicions that their backend is super goofy.<p>They sell Rifts at Best Buy and want to pretend that it&#x27;s a consumer-ready product, but here&#x27;s why I am recommending people stay away for now:<p>- Non-existant repair or service out of Warranty.<p>- Basic things in the platform like changing your name or photo don&#x27;t exist.<p>- Lots of non-response over other basic features requested by the community.<p>- Questionable future investment in the platform or hardware. It sounds like they are moving their efforts towards &quot;lighter&quot; experiences.<p>In short, it feels like being a legacy customer for a new product.

Why is it possible for a device that is basically a display to stop working because a certificate expired? This future worries me.

Remember folks, if code signing, countersign with a timestamping service[1] so when your code signing cert expires, your older signed code will still work. [1]<a href="https:&#x2F;&#x2F;search.thawte.com&#x2F;support&#x2F;ssl-digital-certificates&#x2F;index?page=content&amp;id=INFO1119&amp;actp=LIST" rel="nofollow">https:&#x2F;&#x2F;search.thawte.com&#x2F;support&#x2F;ssl-digital-certificates&#x2F;i...</a>

Saw this, opened Oculus Home, there&#x27;s a message in the Updates tab saying &quot;An update may not have installed correctly&quot;, and indeed, VR apps didn&#x27;t work.<p>Nate Mitchell of Oculus posted on Reddit saying &quot;We&#x27;re working on resolving this issue right now. We&#x27;ll keep everyone posted on progress here.&quot; <a href="https:&#x2F;&#x2F;www.reddit.com&#x2F;r&#x2F;oculus&#x2F;comments&#x2F;82nuzi&#x2F;cant_reach_oculus_runtime_service&#x2F;dvbsnup&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.reddit.com&#x2F;r&#x2F;oculus&#x2F;comments&#x2F;82nuzi&#x2F;cant_reach_o...</a> . Top-level of that thread has a workaround involving setting the clock back or using a utility called RunAsDate to fake the clock for a single application.

<i>A driver signed with any certificate that expires after July 29th, 2015, without time stamping, will work on Windows 10 until the certificate expires.</i><p><a href="https:&#x2F;&#x2F;docs.microsoft.com&#x2F;en-us&#x2F;windows-hardware&#x2F;drivers&#x2F;dashboard&#x2F;get-a-code-signing-certificate#code-signing-faq" rel="nofollow">https:&#x2F;&#x2F;docs.microsoft.com&#x2F;en-us&#x2F;windows-hardware&#x2F;drivers&#x2F;da...</a>

This, and many incidents like it, makes me think that running tests 1&#x2F;10&#x2F;100 years in the future should be a standard feature of test runners and CI systems. (on by default)

I borrow the office Rift every couple of months to play around for a weekend and see how the field is progressing. Unfortunately what I&#x27;ve mostly seen is a bunch of regressions, technical and ux, as they update their platform.

Wow, thanks to reading HN headlines in the morning I realized my own cert expired at midnight and I was able to fix it without any damage.

It sounds like the same expired certificate is also used to sign their autoupdater&#x27;s exe, so they can&#x27;t just roll out an update using a new certificate.

I&#x27;m -constantly- seeing &#x27;certificate expired&#x27; in my browser. This certificate stuff is so hard that they can&#x27;t pay some Chief Certificate Officer $15&#x2F;hr. to -do nothing else- but assure that stuff is renewed in a timely fashion?<p>We furry &#x27;self-reproducing&#x27; (YMMV) mammals are simply not ready for all of this.

This seems to be a somewhat common type of problem. I wonder if companies should routinely test on machines with the clock set one year into the future to catch them before they hit customers.

For those affected, Oculus now has a patch to fix the issue: <a href="https:&#x2F;&#x2F;support.oculus.com&#x2F;217157135500529&#x2F;" rel="nofollow">https:&#x2F;&#x2F;support.oculus.com&#x2F;217157135500529&#x2F;</a>

Note for company communication guys.<p>Please, please don&#x27;t say: &quot;Our teams apologize for any inconvenience this may be causing you&quot;<p>instead opt for &quot;Our teams apologize for any inconvenience this caused you&quot;

Has anyone got a good way of managing certificates in the wild? With no real management and staff turnover I&#x27;ve seen a bunch of expired certificate problems.<p>EDIT: presumably you need your client apps&#x2F;libraries in the field write back when they use a cert that is &lt;X months away from expiry.

Rotation due to expired keys should be <i>frequent</i>, enough to pretty much require automated methods to handle the changes. (One of the many great things in LetsEncrypt.)<p>If it’s a much longer time scale, people start to forget that it’s even <i>possible</i> for stuff to expire.<p>If my fridge filter can display a little reminder light on a timer every few months, cryptography-dependent devices might need something similar. That way, your customers could know in advance and be <i>asking you</i> for an update.

In 2091, an overworked developer will accidentally let the certificate expire for the Planetary Shield Defense Matrix, and the Zylorts will finally conquer Earth.

OK. The issue arose because the expired certificate wasn&#x27;t countersigned by a timestamp server.<p>So many comments agree that (a) security is hard, (b) countersigning with a timestamp server is easy to miss, (c) countersigning makes build processes difficult, and (d) they&#x27;ve done or seen similar things in other apps&#x2F;companies.<p>This sounds like a classic UI&#x2F;UX issue for developers around a literally mandated and mission-critical requirement of the OS.<p>At the least, MS should provide a validation tool to surface errors or risks before production. Better, signtool.exe should make omissions (like a timeserver) very difficult and make them an override, not a default. Best, they would do both.<p>I don&#x27;t agree that the OS should reject non-timestamped signatures as faulty per se (and throw an error), as that puts the burden on the user to understand a developer&#x27;s mistake. Sometimes running without a timestamp may be desirable - ultimately that&#x27;s the dev&#x27;s choice.<p>It should just be a choice made explicitly.

This is what happens when a CTO goes for a programming retreat

So it&#x27;s impossible to use Oculus headset locally without runtime calling home and checking something?

I feel more understandable with Oculus in this one... Recently I also left an certificate, expire...<p>However, this affected only one single customer of ours and we had a fix within a couple of hours. -- I certainly learn from this mistake.

I am yet to find any official statement from Oculus on this. Am I missing something?

GoPro Desktop app&#x27;s certificate expired more than a week ago and no update. I wonder if this will give them a nudge <a href="https:&#x2F;&#x2F;community.gopro.com&#x2F;t5&#x2F;GoPro-Apps-for-Desktop&#x2F;Installation-Developer-certificate-expired&#x2F;m-p&#x2F;146532#M11495" rel="nofollow">https:&#x2F;&#x2F;community.gopro.com&#x2F;t5&#x2F;GoPro-Apps-for-Desktop&#x2F;Instal...</a><p>I thinks IT is used to managing HTTPS certificates, domain name auto-renewals but app level certs are more of a new thing.

So you&#x27;re saying Rifts and Windows 10 drivers do not work offline? That basically Windows 10 will be functional only while Microsoft keeps the update servers on?<p>Edit: I don&#x27;t follow Windows, I&#x27;m really curious what the consequences for stuff like this can be generally.

Minor nitpick: “soft-bricked” is like “soft-pregnant”. That’s not what “bricked” means, Techcrunch.

Oculus says you will receive $15 store credit if you used Oculus between Feb 1st and when it went kaput.<p>I don&#x27;t see credit on my Oculus account? Am I supposed to have received it already? Or is this maybe because I don&#x27;t have payment method added to my account?

Why does a device you own have to have an expiring certificate?

Ha! My dad was just telling me how some of our old SANs had this happen. Just had to change the date to 2017 then do a firmware update.

Well, that explains why my Oculus wasn&#x27;t working tonight. I hope this ends up being as easy to fix as downloading a new binary.

Move Fast and Break Things.

The site has aggressive ads

Something similar just happened to me. I have a windows computer I only Use for gaming. After the last update My Samsung display is no longer usable. It has a polarized effect now only when using the windows Computer. However the Computer Works fine Connected to another brand monitor. So much money, yet windows still sucks when it comes to most basic things

I&#x27;ve pointed out this consequence of &quot;put TLS on everything&quot; before, but people shrugged it off.

Beside the fact that you should be concerned about whether the controlling company goes out of business, or sells your data, here stands yet another reason to never trust devices that require an internet connection to activate in the first place, or phone home periodically to remain active.<p>This includes phones, cars, self-driving cars, watches, farm equipment, computing devices and anything marketed as an IoT appliance.<p>One glitch, as minor as an improper system time, and you’re dead in the water.