If you possess a cell phone older than five years, you’re in for some bad luck. A new plan to upgrade the way sites like Google and Twitter are verified will force users without the newest technology to surf on the non-encrypted web. Basically, users might not have access to verified websites like Facebook starting Jan. 1.
According to BuzzFeed, websites are encrypted through a code from the website you’re visiting which is then translated into your browser—but only if that site is real. The current version, which is called SHA1, has been deemed by researchers as no longer safe so they’re rolling out an upgraded version called SHA2. The issue is that this upgrade won't be compatible with older devices.
Not everyone can afford updated technology so this puts 37 million people at risk. “This is a story about encryption and the conflict between how you support the future and the past at the same time,” Matthew Prince, CEO of Cloudflare which researched how many people would be affected, told BuzzFeed. “It is important to remember that the internet is not just guys with the newest laptops and an iPhone 6."
Facebook Chief Security Officer Alex Stamos seems to agree. In a blog post published last week, he wrote:
We don’t think it’s right to cut tens of millions of people off from the benefits of the encrypted Internet, particularly because of the continued usage of devices that are known to be incompatible with SHA-256. Many of these older devices are being used in developing countries by people who are new to the Internet, as we learned recently when we rolled out TLS encryption to people using our Free Basics Platform. We should be investing in privacy and security solutions for these people, not making it harder for them to use the Internet safely.
They’re going to have to figure out something that works for everyone very soon. The new year is almost here.