Cloud208 Blog

Android: Your email will appear shortly, or when smart phone gets dumb

It all started this Saturday (24th of November 2012), the gmail app on my T-mobile G1 (also known as HTC Dream: grand father of all Android phones) stopped to sync mails. When I tried to open some label, it told me there was an network error, which sounded funny since at the same time I was able to browse normally.

After waiting a day in hope problem would go away by itself, I have concluded that some action is needed. Web search indicated that there are such cases, and consensus was "yes, it does happen, clear gmail (or some other google application) data, and either the thing will fix itself, or you will enter your account info again, but eventually it should come to senses.

Well, I started deleting various google application data, but the problem was not going away, and I had less and less google services available. Finally I have reached the point where I had to reenter my account info or create a new google account, and to my despair, I was not able to do either. I was politely informed that there is network error, and that phone is unable to reach google servers. Needless to say, at the same time I was able to surf the net without problems.

At that moment I have decided to try something I should have done in the beginning, try to open gmail from the web interface. When I tried, it did open, but only after few warnings about invalid certificate for the google.com domain provided by google servers!

So my theory is that on Saturday google rolled out shiny brand new SSL certificate on its servers, but it forgot that validity of those certs can not be verified on old Android 1.6 devices, probably because root certificate needed for verification is not included on those devices. Which is not such big problem if user browses the web. He gets the warning, and can proceed (at his own risk) if he needs to. But probably the very same web browser component is used inside core google apps for android, and those apps just get exception when they try to get resource protected by new certificate, and proudly claim that google servers are unreachable as consequence. And anyone using those apps is doomed from that point on. Gmail, contacts, calendar, market, to name a few.

At that point I realized that my smart phone is not very smart any more. For a long time I was tempted to install CyanogenMod to my HTC Dream, but I was afraid that I migt loose my data and even brick the phone. Now when most of my data was inaccessible, and phone turned into bulkier equivalent of Nokia 3310 with poor battery life, installing CyanogenMod did not seem such a big risk, and new version of OS should be able to handle new certificates without problems, right?!

So there I was reading (very good) tutorials how to install CyanogenMod on HTC Dream. Procedure basically consisted of downgrading OS on the phone to the initial version which has exploit in it, downloading telnet client from the market and rooting the device through telnet, and then installing Cyanogen. So I have downgraded Android to ROM version 29, rebooted the phone, initial setup started, asked me to use existing account or create a new one, and you have guessed it by now, it was not able to contact the darned google servers! Only now I was not able to do even the simplest things with phone, It refused to do anything until registration process with google is completed.

I had faint hope that maybe it was my SIM card causing the problems now, so I purchased T-Mobile card with data plan for $4 and tried with it. Still not able to reach google servers and register. Then I found tutorial how to activate android without SIM card . It involved connecting phone to pc thorugh USB and adb utilities, triggering Wi-Fi control panel on the phone, where I turned the Wireless on, connected to the net over Wi-Fi, and then proceeded with activation now over the Wi-Fi connection. Which of course did not work either since activation could not reach google servers. So obviously downgraded version of Android was not able to deal with new certificates either (not a big surprise when I think of it now).

So, it seemed to me I was defeated, and I started to get used to idea of using Nokia 3310 for a while. Then occured to me that I might use the same trick that was used to trigger WiFi through ADB, to install Telnet client and start it on the phone - without going through activation and completing it. After some poking around I found a way to do it, telnet got installed, started, I connected to the localhost, rooted the device, and from that point on CyanogenMod installed like charm. Here are details how to root HTC G1 without activating it.

So now my 4 years old "grandpa" phone has newer version of Android OS, and it runs nicely, my emails and contacts sync! Phew!

Posted by rush at 27 November 2012, 11:33 pm with tags android, ssl link

Comments

I noticed same problem with network connection in google play half a year or more ago. I wanted to install barcode scanner on it, but failed miserably.

But since I'm not using my G1 day-to-day I didn't gave it much thought.

I think that most recent problems are related to implementation of SSL certificate chain validation. One of friend who develops for Android had a long rant how he can't implement properly SSL certification chains which works across all old versions of Android.

On related note, I would suggest that you upgrade to Galaxy Nexus (or any Nexus phone for that matter). It's good choice to get back smarts into phone (and having Google provide updates make a lot of sense -- side benefit is that CyanogenMod always work well)

Posted by Dobrica Pavlinušić at 28 November 2012, 10:25 am link

Yes, I agree that it probably has something to do certificate chaining. I would not mind if Google would at least recognize the problem, and state how to deal with it (which could be sorry it will never work again). I know it 1.6 is only 3% of Androids out there, but that still translates to more than 1 million devices out there. I probably have too high expectations though :)

As for upgrade to Nexus, I have been looking at it, but in spirit of my frugal "Full Amortization" policy, I would like to get at least a year of service from my handset if possible ;)

Posted by rush at 3 December 2012, 9:26 am link