which phones and computers it can affect

You shouldn’t be worried about running out of internet on your phone or computer this September 30th… unless you have an old, out-of-date device.

This Thursday will expire a key element for the connection to the network of cell phones, Mac or Windows computers, Internet browsers and even video game consoles; what from some sectors has been denominated like “blackout of Internet”.

It is a “root certificate” that has a very technical name, IdentTrust DST Root CA X3, which has like date and hour expiration date on September 30 at 14:01 GMT.

Root certificates serve as a link key between a device, be it cell phone or computer, and the internet. They are an element that ensures that connections are secure and be encrypted.

Keeping the system of a device updated (iOS, Android, Windows, among others) allows such certificates to be kept up to date, since those that are close to expiring are replaced by new ones.

But not doing so has consequences.

“At least something, somewhere, is going to go bad”, warns computer security expert Scott Helme on his blog.

Who can be affected?

Nothing will happen to the vast majority of devices.

But those with outdated operating systems may be unable to connect to the network.

Among them, factory computer systems that are never connected to the internet, or smartphones that never connect to a Wi-Fi network or that have not been updated in about 5 years or more.

Getty Images
IPhone phones with iOS lower than version 10, which can be installed starting with iPhone 5, could be affected.

This because there are a number of teams that they only trust the IdenTrust DST Root CA X3 certificate from the Let’s Encrypt signature, launched in 2000 and expiring this September 30.

See also  187-meter-long asteroid approaches Earth

These are some of the affected devices and systems:

  • phones iPhone have a system anterior al iOS 10 (iPhone 5 is the oldest version you can install).
  • Computers with Windows XP SP3
  • MacBooks with the system prior to macOS 2016
  • Computers with an operating system prior to Ubuntu 16.04
  • Consoles PlayStation 3 that use firmware and Nintendo 3DS
  • phones Android with version anterior in the Nougat 7.1.1 (but they could still use the internet through the Firefox browser).
  • The Navigator Firefox with a version less than 50.
  • Computers they use OpenSSL, NNS, Java 8 and 7, the Debian system

Other devices that it is unclear if they could be affected, according to Helme, are phones Blackberry (versions prior to 10.3.3) and book readers Kindle, of the version lower than 3.4.1.

Why do the certificates expire?

There are public and private certification authorities (known as CAs) that are in charge of validating the security of device connections with the internet.

As a protection measure, certificates come with an expiration date and it is those authorities who are in charge of renewing or revoking them.

As Helme explains, “Once this root CA has expired, clients, such as web browsers, will no longer trust the certificates issued by this CA”.

Illustration of a smartphone and a number of floating app icons.

Getty Images
Updating systems and applications prevents security flaws.

Certificate renewal is distributed with device system updates.

In the past has already caused problems for computers with older operating systems.

On May 30, 2020, the specialist indicates, a certificate from the AddTrust firm expired, causing problems for online television system services Year, or the online payment platforms Stripe and Spreedly.

See also  A new brand of computers is heading to the market, Smarty.cz is starting to offer its own Tigo sets

The best way to avoid these types of problems is install updates system as usual.


Remember that you can receive notifications from BBC Mundo. Downloada our app and activate them so you don’t miss our best content.

https://www.youtube.com/watch?v=wklGlo9dST0

.

Leave a Comment