Seeing your computer, smartphone or console with no internet connection: a nightmare for some. Yet this is what is likely to happen on September 30 to several million users. At issue: the expiration of a digital security certificate, the IdentTrust DST Root CA X3. It was the computer security researcher Scott Helme who warned against the effects of this expiration in an article published on his blog and relayed by Phonandroid.
This certificate is part of a protocol that encrypts a large part of the connections made on the Word Wide Web. It is offered by Let’s Encrypt, a certification authority created in 2015.
Many devices affected
Many older devices still rely on IdentTrust DST Root CA X3. In particular, devices released before 2017 are affected. Sometimes a simple update can fix the problem.
For Android smartphones, version 2.3.6 Gingerbread or an earlier version must be installed to be able to maintain the internet connection. From 2024, users will have to install the Android Nougat 7.1.1 version. According to Scott Helme, as many as a third of Android phones could be affected by the September 30 blackout.
For Apple devices, users of macOS 10.12.0, iOS 9 or earlier are advised to update the firmware. Same for PlayStation 4 running firmware older than 5.00 or PCs running Windows XP with Service Pack 2 or earlier iteration.
Some devices might escape this connection problem because they run on multiple digital security certificates. A tip for those who will be affected by the outage: use the Firefox browser which uses its own digital certificates to encrypt connections.