Chrome updates on Android paused after discovery of data-eating bug

Google has hit pause on the rollout of the latest version of Chrome for Android, after reports from third-party developers revealed a bug was deleting user data.

Chrome 79 for Android began rolling out to users last week, but developers quickly spotted a problem. The new version of the browser stores data in a different spot for apps that use the Chrome WebView tool, which opens up a version of the browser inside the app, but the upgrade fails to move data from the old storage spot to the new one.

In particular, this impacts apps that use WebView and hold data in localStorage and WebSQL, as data held in those two locations wasn't migrated to the new destination, leading to that data being lost entirely, or stored in an unreachable location.

A developer from payment system Pocket POS posted on Chromium's bug reporting forum: "It causes such a big problem for our products."

They later added that users are blaming the app itself for the problem, when it was caused by Chrome: "This is a disaster." Another developer added: "If you don't fix it somehow all my users will [lose] all their data in the same moment they open the app."

Other comments suggested it may be difficult to solve the problem without some data loss for app users, with some calling for the update to be rolled back to Version 78. A developer from finance management app Propel said: "We have millions of users on 78 who would all be logged out and have to go through an arduous account creation process plus lose years of their historical financial information."

A Chromium developer posted: "We don't need more reminders about how important this is for you… Please understand that the team is working on a solution that minimises the data loss, and that can be rolled out safely."


Application security fallacies and realities

Web application attacks are the most common vulnerability, so what is the truth about application security?


In response, Google has temporarily halted the rollout of Chrome 79 for Android, but it's already been downloaded to 50% of devices, though most haven't yet installed it, according to a comment on the Chromium bugs list. If you haven't been moved to Chrome 79, there's no cause for concern, as Google won't start downloads and installations again until the bug is fixed. If you do have the update already, some affected apps may lose data — in this case, blame Google, not the app developers.

When Chrome 79 does start rolling out again, it will include features such as a password checkup tool that compares your credentials against those leaked online and phishing protection that looks for malicious sites in Safe Browsing mode.