A security expert warned that the upcoming change, which will begin on Thursday, September 30, could have major repercussions on a wide range of devices produced by leading household names. The reason for the possible internet blocking is the HTTPS security protocol.
Even if you’re not familiar with the technical jargon, you’ve probably heard of – or are familiar with – HTTPS (also known as Hypertext Transfer Protocol Secure).
When you visit a website in browsers like Chrome, you may have noticed a lock icon in the address bar.
This indicates that the website is using HTTPS, which means that the site is secure and any information you enter is protected. Why is this important for Android, iPhone and Windows users?
On Thursday, September 30th, the root certificate – which is used to encrypt communications between devices and the web, and is necessary for HTTPS – will expire.
After this date, devices and web browsers will no longer trust certain certificates called IdentTrust DST Root CA X3.
For the vast majority of devices, this will not cause problems. However, for older devices that have not been updated in years (and will not be entitled to use the new certificate), this may cause them to lose access to the Internet.
That’s according to a blog post by Scott Helm, where the security researcher is betting “it’s likely that some things will break” next Thursday.
The affected root certificates were issued by the non-profit Let’s Encrypt, which in total has issued more than two billion certificates – which is a large part of the web.
For iPhone users, you need to make sure that you are not running an update lower than iOS 10. For Android smartphone users, make sure that you are not running Google version 7.1.1.
Windows users need to ensure that they are not running anything lower than Windows XP SP3. And if you have a Mac, you need to make sure you’re not running a version lower than 10.12.1.
Helm said there are a few other platforms that need “further investigation to see if they will fail after IdenTrust DST Root CA X3 expires”.
This includes Amazon Kindle e-readers running a patch lower than 3.4.1 and a PS4 game console running firmware less than 5.00.
Here is a complete list of affected software versions:
– OpenSSL <= 1.0.2
– Windows < XP SP3
– macOS < 10.12.1
– iOS < 10 (آيفون 5 هو أقل طراز يمكنه الوصول إلى iOS 10)
– “Android” <7.1.1
– Mozilla Firefox <50
– Ubuntu <16.04
– دبيان <8
– Java 8 <8u141
Java 7 <7u151
– NSS <3.26
– Amazon FireOS (Silk Browser)