I originally wrote this in 2011, but am copying it here for posterity:
Yesterday [in 2011], I rebooted my Android smartphone (i.e., removed and reinserted the battery) in a location with absolutely no cell phone coverage but with great WiFi. I then could access the Internet at large, but Google services (including GMail, Reader, and Plus), did not work (this is to say, locally stored data was still available, but I could not interact with the cloud). When I then moved to an area with cell phone service, Google services started working again. Who can explain why?
I doubt it makes a difference, but I have [had] a Nexus One on T-Mobile.
Try to think it through. What might cause this to happen?
Ready? Here’s what’s going on.
Desktop computers are able to keep track of the current time, even when they get unplugged, because they have a watch battery in them that does nothing but keep a low-power clock running when the machine is unplugged. This is how your computer has (roughly) the right date and time even when you unplug it (and it then corrects this rough guess to be more accurate using something like NTP when it gets Internet connectivity).
Similar to NTP, cell phones get their clocks updated by the cell network itself. This is how your phone has the right time even when you change time zones. and because the phone is expected rarely to be out of network and rarely to have its power source removed, it doesn’t bother having a secondary battery to keep the clock warm.
So when I removed and reinserted the battery, my phone’s clock started at some default value (for reasons I don’t understand, this was 5 January 1980, at 7:01 PM). Since it couldn’t connect to the cell phone network, it couldn’t update the clock to the correct time, and thus continued to believe it was 1980.
The rest of the phone works normally even with an incorrect clock, which was why WiFi had no trouble connecting, and why I could surf the (unencrypted) Internet with no problems.
but when I needed to make a secure connection (for instance, when signing into Google services), my phone would receive the public key certificate, examine the “not valid before” field, compare it against its clock, and decide that this certificate wouldn’t be valid until 30 years into the future. It would then reject the SSL handshake.
This meant that all the parts of the internet that I normally visit on my phone worked fine, except for Google services, which were all unavailable (and if I did other things on my phone over HTTPS, I’d expect them to be unavailable, too). When I moved to an area with cell service, my phone’s clock updated to the correct time/year, and then the SSL certs were valid again and Google services worked.
I initially found this very surprising, but each step in this chain is perfectly reasonable. I now believe this was the right behavior for the situation. Neat!
Update from 2016: it’s strange to think of all the things I used to do unencrypted on my phone a few years ago. I’m glad more and more stuff is being encrypted, and I hope this trend continues and everything (or at least everything important) will be encrypted in the near future.