Older Android Phones Will No Longer Support Many Secure Websites By 2021

Millions of Android devices running the older versions of Googleโ€™s mobile OS may not be able to access some of the most popular secure websites by 2021. So, if you are using an older Android smartphone, it may be time for you to consider an upgrade. ย 

According to a report fromย Android Police, non-profit certificate authority Let’s Encrypt has issued a warning that phones running Android versions before 7.1.1 Nougat will no longer trust its root certificate starting September 2021, preventing users from visiting many secure websites. In other words, many secure websites will no longer be compatible with older versions of Android.

The partnership of Letโ€™s Encrypt, a partner of Mozilla, with the IdenTrust certification authority is set to expire on September 1, 2021. The company has no plans to renew its default cross-signing for IdenTrustโ€™s root certificate, DST Root X3, that enables this functionality on January 11, 2021. Instead, the organization will be switching over to solely using its own ISRG Root X1 root.ย 

Let’s Encrypt certificates are used byย approximately 30% of all web domains. According to the organization, 33.8 percent of Android devices are running older versions of the operating system. Since older software wonโ€™t trust Letโ€™s Encryptโ€™s root certificate, this could โ€œintroduce some compatibility woes,โ€ lead developer Jacob Hoffman-Andrews said inย a blog postย Friday.

โ€œSome software that hasnโ€™t been updated since 2016 (approximately when our root was accepted to many root programs) still doesnโ€™t trust our root certificate, ISRG Root X1. Most notably, this includes versions of Android prior to 7.1.1. That means those older versions of Android will no longer trust certificates issued by Letโ€™s Encrypt,โ€ he said.ย 

If users do not wish to upgrade their phones, Letโ€™s Encrypt hasย recommendedย such Android device owners to download and install Firefox and use it for their web browsing needs since it relies on its own certificate store that includes Letโ€™s Encryptโ€™s root.ย 

“For an Android phoneโ€™s built-in browser, the list of trusted root certificates comes from the operating system โ€“ which is out of date on these older phones,” explains a post on the organizationโ€™s website.ย 

“However, Firefox is currently unique among browsers โ€“ it ships with its own list of trusted root certificates. So anyone who installs the latest Firefox version gets the benefit of an up-to-date list of trusted certificate authorities, even if their operating system is out of date.”

However, installation of Firefox browser doesnโ€™t guarantee that it would prevent applications and other functions outside the browser from breaking or ensure functionality.

Kavita Iyer
Kavita Iyerhttps://www.techworm.net
An individual, optimist, homemaker, foodie, a die hard cricket fan and most importantly one who believes in Being Human!!!

Read More

Suggested Post