A cell phone puzzle

I originally wrote this in 2011, but am copying it here for posterity:

Yesterday [in 2011], I rebooted my Android smartphone (i.e., removed and reinserted the battery) in a location with absolutely no cell phone coverage but with great WiFi. I then could access the Internet at large, but Google services (including GMail, Reader, and Plus), did not work (this is to say, locally stored data was still available, but I could not interact with the cloud). When I then moved to an area with cell phone service, Google services started working again. Who can explain why?

I doubt it makes a difference, but I have [had] a Nexus One on T-Mobile.

Try to think it through. What might cause this to happen?

Ready? Here’s what’s going on.

Desktop computers are able to keep track of the current time, even when they get unplugged, because they have a watch battery in them that does nothing but keep a low-power clock running when the machine is unplugged. This is how your computer has (roughly) the right date and time even when you unplug it (and it then corrects this rough guess to be more accurate using something like NTP when it gets Internet connectivity).

Similar to NTP, cell phones get their clocks updated by the cell network itself. This is how your phone has the right time even when you change time zones. and because the phone is expected rarely to be out of network and rarely to have its power source removed, it doesn’t bother having a secondary battery to keep the clock warm.

So when I removed and reinserted the battery, my phone’s clock started at some default value (for reasons I don’t understand, this was 5 January 1980, at 7:01 PM). Since it couldn’t connect to the cell phone network, it couldn’t update the clock to the correct time, and thus continued to believe it was 1980.

The rest of the phone works normally even with an incorrect clock, which was why WiFi had no trouble connecting, and why I could surf the (unencrypted) Internet with no problems.

but when I needed to make a secure connection (for instance, when signing into Google services), my phone would receive the public key certificate, examine the “not valid before” field, compare it against its clock, and decide that this certificate wouldn’t be valid until 30 years into the future. It would then reject the SSL handshake.

This meant that all the parts of the internet that I normally visit on my phone worked fine, except for Google services, which were all unavailable (and if I did other things on my phone over HTTPS, I’d expect them to be unavailable, too). When I moved to an area with cell service, my phone’s clock updated to the correct time/year, and then the SSL certs were valid again and Google services worked.

I initially found this very surprising, but each step in this chain is perfectly reasonable. I now believe this was the right behavior for the situation. Neat!

Update from 2016: it’s strange to think of all the things I used to do unencrypted on my phone a few years ago. I’m glad more and more stuff is being encrypted, and I hope this trend continues and everything (or at least everything important) will be encrypted in the near future.

Leave a Reply

3 Comments

  1. Interesting story! I’d say that the right behavior when booted into a internet-connected cell-unconnected situation is to get the datetime with NTP. I understand them not anticipating the importance of not having a very inaccurate date, though!

    • Alan says:

      I imagine they even said that the chances of a phone booting up for the first time in an Internet-connected cell-unconnected situation is so rare that it’s not worth the hassle to get NTP working. Keep in mind that even without a SIM card, cell phones can connect to the network (for instance, to dial 911), and I expect the phone could still have gotten the proper time in such a situation. This is only a problem when you remove the battery from your phone when you’re, say, 3 stories underground.

Enable Javascript to Leave a Reply

Your browser has Javascript disabled right now. You must enable Javascript in order to leave a comment. This is done to prevent spam (most comment spam comes from bots that do not render Javascript correctly). If you need instructions for enabling Javascript, look here.

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

 

You must wait 5 seconds after loading this page before you can submit a comment. This is done to reduce comment spam.