Millions of “Android”, “Windows” and “iPhone” Users May Lose Internet Access



[ad_1]

Millions of devices, including Android phones, Windows phones, and iPhones, could be within days of losing internet access altogether.

A security expert has warned that the upcoming change, which will begin on Thursday, September 30, could have a major impact on a wide range of devices produced by big household names, and the reason for a possible internet ban is due to the HTTPS security protocol, according to RT.

And even if you’re unfamiliar with the technical jargon, you’ve probably heard – or are familiar with – HTTPS (also known as Hypertext Transfer Protocol Secure).

When you visit a website in browsers like Chrome, you may have noticed a lock icon in the address bar.

This indicates that the website is using HTTPS which means the site is secure and all the information you enter is protected, so why is this important for Android, iPhone and Windows users?

On Thursday, September 30, the root certificate – which is used to encrypt communications between devices and the web, and is required for HTTPS – will expire.

After this date, devices and web browsers will no longer trust certain certificates called IdentTrust DST Root CA X3.

For the vast majority of devices this won’t be a problem, but for older devices that haven’t been updated in years (and won’t have the right to use the new certificate), this will can cause them to lose access to the Internet.

That’s according to a blog post by Scott Helm, where the security researcher is betting “it’s probably going to go wrong” next Thursday.

In an online article, Helm said, “This wouldn’t be the first time that a root CA certificate has expired and I imagine it will follow the same pattern of previous expiration, where things go down and if the root certificate that underlies your chain certificate has expired, there’s a good chance you will fail. “

The affected root certificates were issued by the nonprofit Let’s Encrypt, which has issued a total of over two billion certificates, which is a big chunk of the web.

For iPhone users, you need to make sure that you are not running an update lower than iOS 10 and for Android smartphone users, make sure that you are not running Google software version 7.1.1 .

Windows users should make sure that you are running nothing less than Windows XP SP3, and if you have a Mac, you should make sure that you are running nothing less than 10.12.1.

Helm said there are a few other platforms that require “further investigation to see if they will fail after IdenTrust DST Root CA X3 expires.”

This includes Amazon Kindle e-readers running a patch lower than version 3.4.1 and a PS4 game console running a firmware lower than 5.00.

Here is a complete list of affected software versions:

– OpenSSL <= 1.0.2.

-Windows

– macOS <10.12.1.

– iOS <10 (iPhone 5 is the lowest model that can access iOS 10).

– “Android” <7.1.1.

– Mozilla Firefox <50.

– Ubuntu <16.04.

– ان <8.

– Java 8 <8u141.

Java 7 <7u151.

– NSS <3.26.

– Amazon FireOS (Silk browser).

[ad_2]
Source link