Now may be a good time to upgrade that old phone.
Bad news for users of older Androids — you may lose access to a large swath of the Internet soon.
One of the world’s largest certificate authorities, Let’s Encrypt, which is responsible for providing secure connections to the web and other services, is ending a long-time partnership with IdenTrust. IdenTrust and Let’s Encrypt have long used a certificate called DST Root X3, but Let’s Encrypt has announced that they will begin using their own proprietary certificate beginning Jan 11, 2021.
Digital certificate: A file that’s used to prove the identity of a website to any device accessing that website as verified by an independent third party called a certificate authority. These authorities–of which IdenTrust is an example–verify the authenticity of the site and your web browser cross references that against a list of trusted authorities.
A digital certificate basically acts like a key/lock combo: the website or server is the lock, and the user’s browser is the key. If they match up, you’ve got yourself a secure connection, and if they don’t, modern browsers may prevent you from accessing a website, or otherwise throw a fit. This is what makes a site HTTPS instead of HTTP.
Being cut off from the Internet is not guaranteed just yet and only Androids running versions older than 7.1.1 (Nougat) will be affected. As a workaround, Let’s Encrypt notes, users can install Mozilla Firefox onto their device for web browsing, as their latest certificate is already integrated into the browser. Let’s Encrypt is owned by Mozilla. Other web services, however, may not function.
Not sure what version of Android you’re running? Luckily, it’s pretty easy, per Google’s documentation:
- Open your phone’s Settings app.
- Near the bottom, tap System Advanced System update.
- See your “Android version” and “Security patch level.”
Liftoff!’s digital certificate is provided by Let’s Encrypt.