Google has started sending an email to users of old Android devices telling them it’s time to say goodbye.
As of September 27, devices running Android 2.3.7 and earlier will no longer be able to sign in to Google services, effectively eliminating a significant portion of the Android experience on rails. As Google puts it in an official community post, “If you sign into your device after September 27, you may get username or password errors when trying to use Google products and services like Gmail, YouTube, and Maps.”
Android is one of the most cloud-based operating systems out there. Especially in older versions, many built-in apps and services were tied to your Google login, and if that stops working, a large part of your phone will be jailbroken. While Android can update many core components without shipping a full system update today, Android 2.3.7 Gingerbread, released about 10 years ago, wasn’t modular.
Individual Google apps started updatable through the Android Market/Play Store, but Google Signing in was still a system-wide service and was frozen in time. Any Google services that want to allow sign-in from these versions must comply with the 2011 security standards, which means turning off two-factor authentication (2FA) and enabling a special “Allow less secure access” setting in your Google Account. Really, these old Android versions should die eventually because they are so insecure.
Google displays active user base ratings for Android versions in Android Studio, and Gingerbread has such a low device count that it’s not on the list. It’s less than 0.2 percent of active devices, behind 14 other versions of Android. Users of these old devices can still load up a third-party app store and find alternatives to all of the Google apps, but if you’re a tech user and can’t get a new device, there’s a good chance you’ll download a whole new OS with Android ROM.
After September 27, the oldest version of Android you can log into is Android 3.0 Honeycomb, which is only for tablets. This operating system is still not modular, but Google realized that login security updates would start to appear as an issue in the future, and Honeycomb added the “Sign in via browser” option to the initial setup. An encrypted Android login can still be cracked, but “Login via browser” will take you to a web page – which can be refreshed with the latest technology – and can then redirect that login to the operating system. Keeping Honeycomb off the “least secure application” label is still not enough and doesn’t work well with 2FA, but it’s enough to keep the trucking OS running for now.
The login procedure is now updatable in Android 5.0 Lollipop, which checks for initial setup updates before You can even log in.
These devices have been outdated for a while so it’s not a big deal for everyday use, but shutting down the Google server is a nightmare for environmentalists. Today, anyone can run an old Apple II or install Windows 1.0 on an old PC and see the full experience, but once Google cuts login support, older versions of Android dead. If you can’t sign in to Google, say goodbye to Android Market, Gmail, Google Maps and Google Talk. The underlying operating system will continue to work, but you won’t be able to do anything people have already done on these phones. You will never………. You’ll be able to see these apps running on phones again, except for some kind of crazy login simulator.
This is not the first time that Google has eliminated older versions of Android due to the high level of login security. Android apps dating back to the 1.0 era have been broken for years. Here at Ars, we’ve seen all of this coming and documented every early version of Android in this giant article. The apps may not work anymore, but we will always get the screenshots.