611

Samsung has decided to proceed with the Bootloader blocking also in Europe, a move that has caused a lot of discussion. Behind this choice is a European regulation that will come into force in August 2025 and which risks changing smartphone usage in Europe forever. This is why other manufacturers may soon follow suit.

From 1 August 2025, new provisions will come into force RED Directive (Radio Equipment Directive), which redefines the compliance requirements for all radio devices sold in Europe. This is a significant change, not so much for the amount of regulations introduced, but for the effect they will have on the entire Android ecosystem. The issue revolves around three articles that impose specific protections: against network interference, personal data compromise, and digital fraud. These are, in themselves, sacrosanct rules.

But the crux comes with the interpretation prevailingEach device must ensure full compliance not only with the hardware, but also with the software that controls the radio modules. This is where the bootloader comes in. Unlocking it essentially allows you to replace the original operating system with an alternative one, such as LineageOS or GrapheneOS.

But these systems, if they modify the radio drivers even minimally, invalidate the CE certification. An uncertified device can no longer be legally marketed or used, at least according to the most stringent reading of the law.

This scenario has therefore led Samsung to protect its devices. Not on a whim, but to avoid any software modifications falling under your legal liability. If a user installs a ROM that interferes with radio frequencies or compromises communications security, the manufacturer (and in some cases the importer) may be held directly liable.

RED does not explicitly talk about unlocking the Bootloader or custom ROM, but it opens one regulatory space in which the margins for maneuver are they narrow. And in doing so, it provides a solid argument for those who have been trying for years to close the loop between hardware, software, and services. After all, customizing the operating system also means breaking away from proprietary services and, therefore, from the model that ties the user to the brand.

Samsung is just the first to move, but it's hard to imagine it will be the only one. Starting in August 2025, it's very likely that other manufacturers will follow suit, at least for the European market.

top 50 comments
sorted by: hot top controversial new old
[-] j4k3@lemmy.world 202 points 3 weeks ago

Fuck smart phones and neo feudalism. This is theft of ownership with a criminal complicit government. I applaud all Luigi's these people deserve it. These are the killers of democracy. If your device only runs factory filtered stalkerware garbage, all democracy is dead. All information is easily filtered by this proprietary shit. Freedom of the press is a bullshit tiny niche of the broader requirement for a fully informed public. The fucking "press" is bullshit to highlight. You must have fully informed citizens and you may not choose how that information is shared or disseminated between citizens. This is not democracy. People are so fucking stupid.

[-] WhatAmLemmy@lemmy.world 87 points 3 weeks ago* (last edited 3 weeks ago)

Notice how the article implies Samsung and other corporations don't want to do this, even though it's something they've wanted to do for a long time? They almost certainly lobbied and ghost wrote most of this legislation to begin with; now they play the victim, even though they're a perpetrator.

[-] antonim@lemmy.dbzer0.com 25 points 3 weeks ago

Notice how the article implies Samsung and other corporations don’t want to do this, even though it’s something they’ve wanted to do for a long time?

It's already disproportionately difficult to just root a Samsung phone, so this change perfectly fits the pattern. (Posting this from a new Samsung phone that I'm desperately trying to root.)

load more comments (1 replies)
[-] scrion@lemmy.world 12 points 3 weeks ago* (last edited 3 weeks ago)

Jesus, how do you people always come up with the most inane conspiracies. I have a company that manufactures devices that communicate wirelessly. The new RED is a huge pain in the ass, along with the CRA.

Absolutely no company pushed for this. The new legislations and directives cause a ton of additional work and obligations for companies, e. g. software has to be certified as part of the compliance check, things that were previously approved via self-reports now involve trusted 3rd parties, and reports of violations to government bodies are now mandatory.

And you know what, even though this costs a bunch of money that could go elsewhere and the whole thing is so new that even the certification bodies have no idea what is going on, even though we have to setup completely new processes, spend endless hours documenting things, I still appreciate both initiatives.

As an end customer, I would love if e. g. the software that runs on the mobile payment terminal taking my card info is certified. I would love if the developer of the software running on the PLC on my shop floor has to check CVEs, inform me about security issues and has to deliver 5 to 10 years of updates.

Not a fan of Samsung and their shitty software, but they're simply preemptively covering their ass, nothing more.

I'd also still want to unlock my bootloader. I'm sure the whole legal situation will become less muddled, enabling just that.

[-] OutlierBlue@lemmy.ca 107 points 3 weeks ago

If you don't control the device, you don't own the device.

[-] Lembot_0004@discuss.online 98 points 3 weeks ago

An uncertified device can no longer be ... used

Oh, fuck. Call the French, they have the most active civil society that actually can burn a thing or two during a week or two. That is the craziest law ever, denying the most basic human rights! That is literally a prohibition of DIY of any kind.

[-] DawnOfTime 24 points 3 weeks ago

Haha i'm glad we're known for that in the eu

load more comments (1 replies)
[-] thann@lemmy.dbzer0.com 9 points 3 weeks ago

You connect a wire to a battery and you just created an illegal transmitter!

load more comments (1 replies)
load more comments (2 replies)
[-] cley_faye@lemmy.world 76 points 3 weeks ago

WTF just happened in Europe in the last few months. We used to be some sort of (dimmly lit) beacon of user freedom and privacy considerations. Now, I know there's been a push for new legislations that basically fuck individual privacy over, but last I checked it was just a proposal. And now we're doing a fucking 1260° turn toward full stanglehold on everything.

[-] gandalf_der_12te@discuss.tchncs.de 33 points 3 weeks ago

There's also this article from yesterday: Austria legalises state spyware amidst strong opposition

i wonder what changed. these regulations are certainly a threat. they justified it with the "threat of (islamistic) terrorism", though i don't know what's really going on there.

[-] plyth@feddit.org 8 points 3 weeks ago
[-] gandalf_der_12te@discuss.tchncs.de 15 points 3 weeks ago

What's really worrying me is this:

i.e. wars are waged because somebody is bored

load more comments (2 replies)
load more comments (1 replies)
[-] MonkderVierte@lemmy.zip 61 points 3 weeks ago* (last edited 3 weeks ago)

So what? Linux computers are not compliant, can not use wifi, or what? I don't see how that prevents unlockable bootloaders, other than being used as an excuse by the manufacturers.

[-] rmuk@feddit.uk 20 points 3 weeks ago

It's a bullshit argument and this article is a classic example of a shitty journalist pretending that a new law overrules every other law in existence.

[-] LeTak@feddit.org 61 points 3 weeks ago

This was the only reason I liked Android over iOS: the CFW community. I’ve been running some sort of CFW since Android 4.0. Now, the charm has gone. GrapheneOS, SailfishOS, e/OS, LineageOS, iode OS, and even CyanogenMod – I’ve used them all. Each one has its own target group and use case. I hope it turns into the better one again. It’s like forcing a PC to only run the OS it’s delivered with.

[-] OutlierBlue@lemmy.ca 69 points 3 weeks ago

It’s like forcing a PC to only run the OS it’s delivered with.

That's coming. Everything else has been locked down.

[-] r00ty@kbin.life 30 points 3 weeks ago

I'm also convinced that we'll be herded ever more toward cloud computing. That is, we'll all have our "desktop" on the cloud and thin clients to access it.

Don't get me started on the dystopia I see coming from that.

[-] OutlierBlue@lemmy.ca 19 points 3 weeks ago

Yup. It's another product they'll try to turn into a service so you're locked in forever. Allowing people to pay once for their products is bad business.

load more comments (5 replies)
load more comments (1 replies)
[-] r00ty@kbin.life 50 points 3 weeks ago

In terms of the radio rules. The radio has always had its own firmware on android phones. The rules could be implemented using hardware fuses and restrictions on signed firmware updates for those specific systems.

That is they make the "single model for the world" as is generally economically the best option in many cases. And before shipping to distributors it's stamped with the region and the fuses for that region are blown. Now it doesn't mean it cannot be used elsewhere. But it means that it will follow all rules for the certification stamped on the device.

That would mean that any firmware for the main operating system cannot command it to do anything outside of the limits defined by those rules. So it's not really a technical reason not to allow custom bootloaders.

But of course, probably the manufacturers generally don't want you to be able to remove their firmware that is often filled with sponsored required app installs. So this is a convenient way to pretend their hands are tied.

[-] ExLisper@lemmy.curiana.net 46 points 3 weeks ago* (last edited 3 weeks ago)

This sounds like bullshit.

An uncertified device can no longer be legally marketed or used

Ok, but I'm not marketing my LineageOS phone and I don't believe Samsung can be responsible for me using it. It sounds like phones with custom ROM will simply lose CE certification (unless the custom ROM is itself certified). Samsung obtains the CE certification and sells certified phone. Making them responsible for anything that happens after that (besides regular updates) is something completely different than what this article talks about. It would basically mean that Samsung has to make sure that their devices cannot be hacked/rooted but ensuring security of hardware and software is something completely different and is covered by different laws. Even the RAD website clearly says this:

"In 2021, the Commission decided to pause the initiative following the announcement of the Cyber Resilience Act (CRA), due to potential overlaps. In 2023, it was agreed that cybersecurity requirements would transfer from the Radio Equipment Directive (RED) to the CRA."

[-] cookie019@lemmy.dbzer0.com 40 points 3 weeks ago

As far as I know our contractual law prevent being liable for damage caused by users own usage of a hardware or software. This is why tor browser developers arent in trial as liable for some scams that some users do using their software - because of their contract policy. So this excuse is jot valid - they locked bootloader jot because they are obligated or fear trial just because they do not luke private os which prevent them from harvesesting users data

[-] BananaIsABerry@lemmy.zip 12 points 3 weeks ago

Potentially overreaching law is great excuse for an organization to make an unpopular change. Now it's not their fault, they had to do it.

load more comments (2 replies)
[-] Cricket@lemmy.zip 30 points 3 weeks ago
[-] WhyJiffie@sh.itjust.works 14 points 3 weeks ago* (last edited 3 weeks ago)

and by extension possibly secure router firmware like OpenWRT too?

load more comments (2 replies)
[-] plyth@feddit.org 28 points 3 weeks ago

Chat message scanning can come in October, age verification is also introduced in various countries. Things are getting serious.

[-] WhyJiffie@sh.itjust.works 26 points 3 weeks ago

what an utter bullshit! will the manufacturer be also directly held liable if someone uses a phone of their brand to make a picture about me without authorization! of fucking course not!

fuck samsung, and all the manufacturers that follow suit, because this is just not needed.

but also fuck the red directive's decision makers for their unsatiable creep of wanting ever more power over our devices! this is exactly like saying, that there is this illegal thing, and if you are not doing it, but just have the slightest ability to do it, that is also illegal. what the actual fuck! get off my fucking phone you scumbags!!

[-] mr_satan@lemmy.zip 18 points 3 weeks ago

Lately I'm more and more disappointed in EU legislations. Especially having to live with them…

[-] IndustryStandard@lemmy.world 23 points 3 weeks ago

EU went from frontrunner of internet privacy to asking for a gooner license.

[-] WorldsDumbestMan@lemmy.today 8 points 3 weeks ago

It's up to us to keep it free. It is one of the last lights in this world, and it must NOT go out!

load more comments (1 replies)
[-] ssfckdt 11 points 3 weeks ago

I mean, this is corporations using decent regulations as an excuse to do something they've probably already wanted to do.

[-] qaz@lemmy.world 17 points 3 weeks ago* (last edited 3 weeks ago)

Has anyone verified what this article says?

Here's the directive in question: https://eur-lex.europa.eu/eli/dir/2014/53/oj/eng It doesn't seem to imply what the article implies.

Also, here are some things from the discussion on HN

As is usual, there seems to be a massive misunderstanding what the directive is and means. The TLDR is that the directive contains no clauses that compels phone makers to keep the Android bootloader locked or that forbids EU users from unlocking it.

Samsung's public reasoning might be that disabling unlocking the bootloader because of the directive, but there is nothing in the directive that forces them to lock the bootloader. It does sound like a convenient scapegoat if they don't want to talk about the real reasons though.

The phone makes who end up disabling the unlocking of bootloaders are all doing so on their own accord, not because some regulation is forcing them to.

Finally, the EU’s broader right-to-repair policies makes it kind of impossible that an outright prohibition of unlocking the bootloader could happen. But of course, nuance doesn't make people click article titles on the web...

load more comments (1 replies)
[-] humanspiral@lemmy.ca 16 points 3 weeks ago

If a user installs a ROM that interferes with radio frequencies

Do any "ROMs" or linuxes do this? Seems like you could get an "illegal USB bluetooth/wifi dongle" for shenanigans purposes instead. This all seems like such a pointless distraction that can only be to ensure that manufacturer backdoors are ensured as unescapable.

[-] bitwolf@sh.itjust.works 7 points 3 weeks ago

I have never installed a ROM that touched the radio.

In fact most ROMs I've used warned against touching the radio because of the risk of damaging the device.

load more comments (1 replies)
[-] tabular@lemmy.world 16 points 3 weeks ago* (last edited 3 weeks ago)

Like how the cellular module is proprietary and locked down, even on something like a Librem phone. Or like how DVD players had to use proprietary software to force comply with DRM.

load more comments (1 replies)
[-] Chill_Dan@lemmy.world 16 points 3 weeks ago

The EU is pretty disappointing.

load more comments (1 replies)
[-] deathbird@mander.xyz 15 points 3 weeks ago

This is really badly written, and that particularly annoys me because the subject matter is actually important.

[-] DFX4509B_2@lemmy.org 11 points 3 weeks ago

Good luck applying this sorta lockdown to PCs.

[-] MangoPenguin 16 points 3 weeks ago

Secure boot force enabled with preset certificates would essentially do that.

load more comments (5 replies)
load more comments (3 replies)
[-] debby@hear-me.social 10 points 3 weeks ago

Thank you for sharing this, @MazonnaCara89.

Personally, I find it very regrettable that Samsung is taking this draconian step. 😠

I have a follow-up question: Does this mean that I will no longer be allowed to use devices with free and open-source modifications when traveling to the EU? Are existing devices grandfathered in?

Does this mean no more visits to the EU for me, or just no buying tech in the EU? @Lembot_0004 @eleitl @ExLisper @LeTak @tabular

[-] eleitl@lemmy.zip 9 points 3 weeks ago

So I will have to import hardware or cease buying smartphones altogether. MiFi router tethering with WiFi tablets and dumbphones are quite enough.

[-] gandalf_der_12te@discuss.tchncs.de 9 points 3 weeks ago* (last edited 3 weeks ago)

Wait, what does that mean for USB LTE devices? Devices that you can attack to a desktop computer to give you mobile internet. Last time i checked, they're widely available.

Would these become illegal as well?

IIRC they're already doing this in China. I got hold of a chinese phone a while ago, and there was no way to install your own OS on it, you just had to use what came pre-installed, and i don't know how much state-sponsored surveillance was on that.

[-] gandalf_der_12te@discuss.tchncs.de 9 points 3 weeks ago* (last edited 3 weeks ago)

Wait - is this about all radio devices or only mobile connectivity ones?

I.e., is WiFi affected as well? Or does it only affect internet that you access through your carrier?

The article says:

From 1 August 2025, new provisions will come into force RED Directive (Radio Equipment Directive), which redefines the compliance requirements for all radio devices sold in Europe.

Which technically would also affect WiFi.

[-] ssfckdt 9 points 3 weeks ago

I don't understand why the user doing what they want to their own possessions has any impact on the original manufacturer.

Samsung isn't selling flashed devices as far as I know...

[-] ayyy@sh.itjust.works 7 points 3 weeks ago

Do these stupid legislators not understand when they are being played for fools? Who gets to such a position without knowing what protectionism is? Unless it’s simple corruption?

[-] kepix@lemmy.world 6 points 3 weeks ago

"This scenario has therefore led Samsung to protect its devices."

oh golly, poor korean mafia.

load more comments
view more: next ›
this post was submitted on 01 Aug 2025
611 points (100.0% liked)

Technology

74438 readers
1982 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots


founded 2 years ago
MODERATORS