Skip to main content

Now we know what was killing Mac Pros running Avid: Google Chrome

A potentially deadly problem for your Mac -- but there is a fix

Google’s Chrome updater has been sending Macs into an endless reboot loop, rendering them all but useless until the issue is fixed. Though the problem was at first thought to be caused by Avid’s Media Composer video-editing app running on older Mac Pro computers, further investigation has shown that not to be the case.

An investigation by the Mac enterprise and IT blog Mr. Macintosh has suggested that the latest version of Google Keystone (Google Chrome’s updater) comes with a bug that deletes a symlink at the /var path on the Mac it runs on. What this means in plain English is Google Keystone essentially deletes a key MacOS system file.

Recommended Videos

It was found that this issue only affects Macs where System Integrity Protection (SIP) has been disabled. In general, you should never disable SIP as it is designed to protect against precisely this sort of problem, but some users may need to turn it off for their work. It is thought that this is why the problem was initially linked to Media Composer, as some video editors may want to work with third-party graphics cards that SIP might otherwise block.

SIP was introduced with OS X El Capitan in 2015. That means if you’re running an older version of MacOS you could be affected if you use Chrome on your machine. If you think you might be affected, you can launch Terminal and run the “ls -ldO /var” command (without the speech marks). If you have not been affected, you’ll get the following output:

lrwxr-xr-x@ 1 root wheel restricted,hidden 11 Apr 1 2018 /var -> private/var

If, however, your system has been affected, you’ll see this:

drwxr-xr-x 5 503 wheel - 170 Sep 24 14:37 /var

If you see that, you must not shut down or reboot your Mac or log out of your account, as this will prompt the Mac to get stuck in the repeating boot cycle.

For now, Google has disabled Keystone while it attempts to solve the issue. It has also said that if you have been affected, you should boot your Mac into recovery mode, launch Terminal and enter the following commands:

chroot /Volumes/Macintosh HD
rm -rf /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle
mv var var_back
ln -sh private/var
chflags -h restricted /var
chflags -h hidden /var
xattr -sw com.apple.rootless "" /var

Note: “Macintosh HD” is the default name for a Mac’s boot drive. If yours is different, replace “Macintosh” in the first command with the name of your drive.

You should then reboot your Mac. This will remove the affected version of Chrome’s updater, then restore it from the damage it caused in the first place.

Reinstalling MacOS is also said to work, although you should make sure not to reformat your drives as this will delete any files on your computer; just a simple reinstall will do. And if you’ve been having other problems with Google Chrome, we’ve got a raft of fixes for some of its most common issues.

Alex Blake
Alex Blake has been working with Digital Trends since 2019, where he spends most of his time writing about Mac computers…
Mac users are now in danger of a well-known Windows phishing attack
Apple MacBook Air 13 M4 rear view showing lid and logo.

If you're using a Mac, such as the new MacBook Air, you might have to be careful. A phishing attack that previously plagued Windows users has now made its way to macOS, and it's easy to fall for it.

This was spotted by 9to5Mac. Researchers from LayerX have been tracking a well-known phishing attack that caused a lot of grief to those who were tricked by it. Previously, the main target of these hackers was Windows, but Microsoft was able to largely eliminate it -- up to 90% of all attacks on Windows PCs are said to have been fixed thanks to new updates to Edge, Chrome, and Firefox that block scareware.

Read more
Google reacts to questionable shopping Chrome extensions
chrome web store logo on computer

Google has updated its policies for Chrome extensions following a controversy over the Honey extension. The extension, from PayPal, has been accused by creators of misappropriating affiliate links without its users' knowledge, and Google now specifies that similar extensions are not permitted on its Chrome Web Store.

The issue regarding Honey came to light in December 2024, when YouTubers accused the extension of being a scam. The extension claimed to search through discount codes and automatically apply them to user's shopping baskets across many different websites. However, it has been accused of injecting its own affiliate links into users' purchases without their knowledge, taking revenue from content creators who also use affiliate links. In an ironic twist, this likely negatively affected the same tech influencers that Honey paid to promote its extension.

Read more
A new report slams MacBooks’ repairability. Here’s what you can do if you need to fix yours
A person repairing a MacBook on a blue table.

Apple’s best MacBooks have earned a reputation for generous software support and top-tier build quality, two factors that mean they often last far longer than their rivals. But the flipside of the coin is the fact that MacBooks are incredibly difficult to repair, requiring specialized tools, complex disassembly and the enduring patience of a saint.

That idea has been reinforced by a recent report (PDF download) from the US Public Interest Research Group (PIRG) Education Fund, which found that Apple’s MacBooks are the second-worst laptops in terms of repairability, with only Lenovo scoring lower. Worst of all, most of Apple’s poor score came from an extremely low disassembly rating, which will be ominous reading for anyone about to undertake the challenge of tearing down their pricey laptop.

Read more