A third of Android devices will lose support for many secure websites next year
Expect problems if you're still running Android 7.1 or olderBy Rob Thubron
In brief: Next year will see around 33 percent of Android devices worldwide face compatibility issues with many websites following changes by Let's Encrypt---a security authority that serves more than 192 million sites.
Google has spent years trying to get more of the web to adopt the HTTPS protocol, which allows information to be securely transmitted as it travels between browser and website. Let's Encrypt is one of the world's leading authorities to issue these certificates---it has handed out more than one billion, and now serves about 30 percent of all web domains.
When it formed in 2015, Let's Encrypt entered into a cross-signing agreement with another certificate authority, IdenTrust. That partnership ends on September 1, 2021, and Let's Encrypt doesn't plan on renewing the deal. The company will stop cross-signing by default starting on January 11, 2021, with sites and services able to continue generating cross-signed certificates until September.
The change will introduce problems for older platforms that still don't trust Let's Encrypt's ISRG Root X1 certificate, the most notable of these being versions of Android before 7.1.1. It's estimated that 33.8 percent of Android devices are still on these older versions---mostly budget phones bought before December 2016 that have offered few if any upgrades from the OS they shipped with originally.
"What can we do about this? Well, while we'd love to improve the Android update situation, there's not much we can do there," the company writes. "We also can't afford to buy the world a new phone."
Android Police notes that there is a workaround for this problem: Firefox. Mozilla's browser uses its own certificate store that includes the ISRG root, though that won't stop problems outside of the browser.
"Firefox is currently unique among browsers --- it ships with its own list of trusted root certificates. So anyone who installs the latest Firefox version gets the benefit of an up-to-date list of trusted certificate authorities, even if their operating system is out of date," Let's Encrypt explains.
Image credit: digidreamgrafix