Millions of devices, including Android, Windows and iPhone phones can be just days away from losing Internet access completely.
A security expert warned that the upcoming change, which will begin on Thursday, September 30, could have significant repercussions on a wide range of devices produced by the main household names, and the reason for a possible internet ban is due to the protocol of HTTPS security. according to RT.
Even if you are not familiar with technical jargon, you have probably heard of or are familiar with HTTPS (also known as Secure Hypertext Transfer Protocol).
When you visit a website in browsers like Chrome, you may have noticed a lock icon in the address bar.
This indicates that the website uses HTTPS, which means that the site is secure and any information you enter is protected, so why is this important to Android, iPhone, and Windows users?
On Thursday, September 30, the root certificate, which is used to encrypt communications between devices and the web, and is required for HTTPS, will expire.
After this date, devices and web browsers will no longer trust certain certificates called IdentTrust DST Root CA X3.
For the vast majority of devices, this will not cause problems, but for older devices that have not been updated in years (and will not have the right to use the new certificate), it can cause them to lose Internet access.
That’s according to a blog post by Scott Helm, where the security researcher is betting that “some things will probably go wrong” next Thursday.
In an online article, Helm said: “This would not be the first time that a root CA certificate has expired and I imagine it will follow the same expiration trend above, where things get broken and if the root certificate underlying your certificate the chain has expired, there’s a good chance it will cause things to fail. “
The affected root certificates were issued by the nonprofit Let’s Encrypt, which in total has issued more than two billion certificates, which is a large part of the web.
For iPhone users, you need to make sure you are not running a lower update to iOS 10 and for Android smartphone users make sure you are not running version 7.1.1 of Google software.
Windows users should make sure that you are not running anything less than Windows XP SP3, and if you have a Mac, you should make sure that you are not running anything less than 10.12.1.
Helm said there are some other platforms that need “more research to see if they will fail after IdenTrust DST Root CA X3 expires.”
This includes Amazon Kindle e-readers with a patch lower than 3.4.1 and a PS4 game console with firmware lower than 5.00.
Here is a complete list of affected software versions:
– OpenSSL <= 1.0.2.
– Windows
– macOS <10.12.1.
– iOS <10 (iPhone 5 is the lowest model that can access iOS 10).
– “Android” <7.1.1.
– Mozilla Firefox <50.
– Ubuntu <16.04.
– دبيان <8.
– Java 8 <8u141.
Java 7 <7u151.
– NSS <3.26.
Amazon FireOS (Silk browser).