Deprived of an Internet connection, many everyday devices find themselves devoid of any interest. This is particularly the case with our smartphones which are sometimes permanently connected. However, the expiration of a certificate of great importance could pose a major problem for many users. Explanations.
When you connect to the Internet, you need to secure connections, access, and shared data. This involves certification systems which, most of the time, are completely transparent to users who are unaware of their existence.
This is particularly the case for the digital certificate called IdenTrust DST Root CA X3. This confirms the correct application of another widely used certificate, ISRG Root X1. As Scott Helme explains on his blog, this one is used by Let’s Encrypt.
Founded in 2015, Let’s Encrypt is a certification authority whose protocol is used on countless connections linked to the Internet and which we use every day, again, without realizing it.
Which smartphones are affected?
Finally, without realizing it… until September 30th. Indeed, on this date, Scott Helme warns of a major risk. A change in the certification process will occur on this date and for many devices it will require a simple update.
However, it is still necessary that said update be made, and that it be available. Android smartphones released before 2017, may in particular encounter problems of accessibility to a possible solution.
Scott Helme specifies that the update in question will require at least a relatively old Android 2.3.6 Gingerbread version. Problem, many users do not update, they will be deprived of Internet access on September 30. From 2024, Android 7.1.1 Nougat will be required to maintain the connection.
What solutions to consider?
Without specifying exactly how he achieves this result, Scott Helme points out that a third of the Android phones currently in circulation could be affected by this problem. These are not the only devices affected, however.
Scott Helme also mentions the case of Mac computers running macOS 10.12.0 or earlier and iPhones running iOS 9 or earlier. According to him, devices that are less thought of as the PlayStation 4 if the firmware of the console is older than version 5.00, and connected televisions, may also be affected.
On his blog (the link of which is available at the source of this article), Scott Helme details the list of platforms concerned by the question. He admits to not being sure of the extent of the problem, but specifies that users will necessarily be affected. As far as web browsing is concerned, it would suffice to use certain browsers such as Firefox which use their own security certificates, to overcome this connection problem.
There remain the difficulties of accessing the system in general to the Internet, in particular for smartphone applications or various uses linked to the Internet. Case to be continued, as we say in this kind of case.