Millions of devices, including Android, Windows and iPhone phones, may be just days away from losing internet access entirely.
A security expert warned that the upcoming change, which will start on Thursday, September 30, could have major repercussions on a wide range of devices produced by leading household names, and the reason for a possible Internet ban is due to the HTTPS security protocol, according to RT.
Even if you’re not familiar with the technical jargon, you’ve probably heard of – or are familiar with – HTTPS (also known as Hypertext Transfer Protocol Secure).
When you visit a website in browsers like Chrome, you may have noticed a lock icon in the address bar.
This indicates that the website uses HTTPS, which means that the site is secure and any information you enter is protected, so why is this important for Android, iPhone and Windows users?
On Thursday, September 30th, the root certificate – which is used to encrypt communications between devices and the web, and is necessary for HTTPS – will expire.
After this date, devices and web browsers will no longer trust certain certificates called IdentTrust DST Root CA X3.
For the vast majority of devices, this won’t cause problems, but for older devices that haven’t updated in years (and won’t be entitled to use the new certificate), it may cause them to lose Internet access.
That’s according to a blog post by Scott Helm, where the security researcher is betting “it’s probably going to be some things going wrong” next Thursday.
In an online article, Helm said, “This wouldn’t be the first time that a root CA certificate has expired and I imagine it will follow the same previous expiration trend, where things break down, and if the root certificate that underlies your certificate chain has expired, there’s It’s a good chance you can cause things to fail.”
The affected root certificates were issued by the non-profit Let’s Encrypt, which in total has issued more than two billion certificates – which is a large part of the web.
For iPhone users, you need to make sure that you are not running an update lower than iOS 10 and for Android smartphone users, make sure that you are not running the 7.1.1 version of Google software.
Windows users need to make sure you’re not running anything lower than Windows XP SP3, and if you have a Mac, you need to make sure you’re not running anything lower than 10.12.1.
Helm said there are a few other platforms that need “further investigation to see if they will fail after IdenTrust DST Root CA X3 expires”.
This includes Amazon Kindle e-readers running a patch lower than 3.4.1 and a PS4 game console running firmware less than 5.00.
Here is a complete list of affected software versions:
– OpenSSL <= 1.0.2.
– macOS < 10.12.1.
– iOS < 10 (iPhone 5 is the lowest model that can access iOS 10).
– “Android” < 7.1.1.
– Mozilla Firefox <50.
– Ubuntu < 16.04.
– Debian <8.
– Java 8 < 8u141.
Java 7 < 7u151.
– NSS < 3.26.
Amazon FireOS (Silk Browser).
“Proud explorer. Freelance social media expert. Problem solver. Gamer. Extreme travel aficionado.”