Security

Oculus scrambles to fix expired certificate after all VR headsets stop working

Oculus was forced to release a new software patch after their $400 VR headsets were unusable for almost a full day.

Building a slide deck, pitch, or presentation? Here are the big takeaways:
  • Oculus did not send out an update for its expired Windows security certificate, rendering its VR headsets useless for almost a full day.
  • After a storm of comments from users on a variety of forums, the company released a patch to fix the problem and offered a $15 Oculus Store credit.

Oculus Rift users were struggling Wednesday after receiving error messages on their VR headsets and discovering that the company, backed by Facebook, had either failed or forgotten to update a Windows security patch for the devices, rendering them useless.

Message boards were flooded with complaints as users struggled to figure out the root cause of the problem, and possible solutions. Before long, it became clear that one of the security certificates for the $400 headset had expired.

Nate Mitchell, co-founder of Oculus, released a statement on Twitter apologizing for the mixup.

"Rift is back online as of ~12am. This was a mistake on our end, and we apologize. Folks impacted by today's downtime will be provided with an Oculus store credit. More details to follow soon. Thanks again for everyone's patience as we worked through this one," Mitchell wrote.

The company has since remedied the issue, sending out a patch to solve the security certificate problem and offering affected users a $15 Oculus store credit for their trouble.

SEE: Virtual and augmented reality policy (Tech Pro Research)

But that did not stop users and analysts from questioning how a company as large as Oculus could let a situation like this occur, much less persist for hours. Some acknowledged that the certificate had been created in 2015, before the company was fully restructured under Facebook's mantle.

Oculus is far from the only major company to suffer a security lapse like this. In 2015, Apple struggled with an expired certificate that forced Mac users to re-download apps they had already purchased.

This is a widespread problem that many businesses are currently struggling with, Craig Stewart, a spokesman for certification company Venafi, told the BBC on Thursday.

"The average business has around 17,000 undiscovered or forgotten certificates in their environment and occasionally one will be as important as this one," Stewart told the BBC, adding that most companies handled each security certificate separately and manually, slowing down the process and leaving them open to situations akin to what Oculus went through.

The mishap certainly won't slow down VR usage or sales. Interest in the augmented reality (AR) and virtual reality (VR) markets are increasing rapidly, with experts from the International Data Corporation estimating a 100% worldwide revenue increase over the next four years. They expect spending on AR and VR devices to reach $215 billion in sales by 2021.

Also see

oculus.jpg
Image: Sarah Tew/CNET

About Jonathan Greig

Jonathan Greig is a freelance journalist based in New York City. He recently returned to the United States after reporting from South Africa, Jordan, and Cambodia since 2013.

Editor's Picks

Free Newsletters, In your Inbox