Google has told The Register it’s beginning to roll out a fix for Chromecast devices that were bricked due to an expired security certificate authority. We’re assured this deployment will take place over the next few days.
On Sunday, March 9, users of the Chocolate’s Factory’s second-generation Chromecast and Chromecast Audio devices found their kit was not functioning with official Google apps at least. Unofficial apps including VLC should keep working regardless. The problem was traced back to a device authentication certificate authority which had expired that weekend after ten years of validity and left the streaming kit flashing up an “untrusted device” error.
Although there’s no official message on the support page as yet, Google has confirmed to us it will push out a patch over the internet to people’s Chromecasts during the next few days to address the error. The firmware-level update moves the devices to a new Google-owned certificate authority with an expiration date set for 2045, meaning users should get another 20 years use out of the devices. Chromecast as a product family was discontinued last year.
“We’ve started rolling out a fix for the problem with Chromecast (2nd gen) and Chromecast Audio devices, which will be completed over the next few days. Users must ensure their device is connected to Wi-Fi to receive the update,” a Google spokesperson confirmed on Thursday.
“We are still working to resolve the issue that occurred for users who performed a factory reset during initial troubleshooting. Please continue to check the Community page here for updates and next steps.”
- Google begs owners of crippled Chromecasts not to hit factory reset
- Googlers asked if they’d like to bury themselves next to Stadia, Chromecast, DropCam
- All y’all love AI, right? Get ready for Gemini in Nest cameras, Google Assistant
It’s not all plain sailing. Users who tried doing a factory reset to restore their gear – which wouldn’t have worked as the certificate issue is baked into the firmware – won’t be able to get the over-the-air fix immediately, as the expired certificate authority the affected Chromecasts rely on prevents them from being trusted enough to be re-initialized by Google’s apps – which means some extra steps are likely needed, such as an update to Google’s client software to push past the certificate issue and get the fixed firmware onto a stricken ‘cast. Deep breath. The web giant did advise people to avoid factory resetting their gadgets.
“The reset clears the user data,” Tom Hebb, who’s something of a Chromecast hacker and a former Meta software engineer, who earlier diagnosed the cert issue for users, told The Register.
“That reset means the device won’t have any Wi-Fi or internet connectivity. The Google home app does still appear to be enforcing the expired certificate, so won’t be able to push an update. Fixing this will require a Home update to stop it enforcing the certificate, but that should be a simple fix.”
“Google’s gonna have trouble getting this to everyone, since devices need to be online to receive it,” Hebb added on Reddit.
“Also, this means they’ll need to build updates for the other devices that are expiring soon (Chromecast Ultra, Google Home, Google Home Mini, and possibly some Chromecast-enabled smart TVs from other vendors). I’m surprised they were able to build a new image for a 10-year-old device in just over two days (according to the new OTA’s build date). Nice work, Google.”
The aforementioned devices also facing certificate expiry problems aren’t currently set to run into that quagmire until 2026 and 2027. ®