A number of implementations of SSL and TLS, two groups of cryptographic protocols used to secure online communication, have been ‘retired’ as there are concerns about how secure they are. The Payment Card Industry Security Standards Council publishes Data Security Standards that outline how companies can/should implement data security in a robust manner. On June 30th, 2018, a deadline set set by them for the disabling of TLS1.0 passed, which many companies have used as an opportunity to switch to TLS1.2.
Android versions before version 4.4, which includes the officially released Fariphone 1 operating system based on Android 4.2, do not have support for TLS versions > 1.0 enabled natively (though it appears to be supported it is not enabled - ask the Android developers at Google why). The lack of TLS > 1.0 means secure connections to websites and e-mail servers will fail. Third-party apps can include their own implementation of TLS, or use the non-enabled (but supported) TLS1.2 implementation. In both cases, this needs be done by the app developers, who will often be hesitant to provide support for older versions of Android for various regions.
If you’re running into connection problems on your FP1, there are two main options available:
-
Use third-party apps that use their own TLS implementation in place of the built-in applications or third party apps that fully rely on the cryptographic protocols shipped with Android. This is mainly an option to replace browsers and e-mail clients. A non-exhaustive list of apps that are known to work with TLS1.2 on Android 4.2 is given below.
-
Use the testing version for the unreleased Fairphone OS update (based on Android 4.4). Read the notes carefully first. This version does have relevant TLS versions enabled, meaning that even apps that do not use their own TLS implementations should work properly. The testing version can be found in the following topic:
FP1: Macadamia 1.9.9-pre3 Alpha (Android Kitkat)