Samsung has decided to proceed with the Bootloader blocking also in Europe, a move that has caused a lot of discussion. Behind this choice is a European regulation that will come into force in August 2025 and which risks changing smartphone usage in Europe forever. This is why other manufacturers may soon follow suit.
From 1 August 2025, new provisions will come into force RED Directive (Radio Equipment Directive), which redefines the compliance requirements for all radio devices sold in Europe. This is a significant change, not so much for the amount of regulations introduced, but for the effect they will have on the entire Android ecosystem. The issue revolves around three articles that impose specific protections: against network interference, personal data compromise, and digital fraud. These are, in themselves, sacrosanct rules.
But the crux comes with the interpretation prevailingEach device must ensure full compliance not only with the hardware, but also with the software that controls the radio modules. This is where the bootloader comes in. Unlocking it essentially allows you to replace the original operating system with an alternative one, such as LineageOS or GrapheneOS.
But these systems, if they modify the radio drivers even minimally, invalidate the CE certification. An uncertified device can no longer be legally marketed or used, at least according to the most stringent reading of the law.
This scenario has therefore led Samsung to protect its devices. Not on a whim, but to avoid any software modifications falling under your legal liability. If a user installs a ROM that interferes with radio frequencies or compromises communications security, the manufacturer (and in some cases the importer) may be held directly liable.
RED does not explicitly talk about unlocking the Bootloader or custom ROM, but it opens one regulatory space in which the margins for maneuver are they narrow. And in doing so, it provides a solid argument for those who have been trying for years to close the loop between hardware, software, and services. After all, customizing the operating system also means breaking away from proprietary services and, therefore, from the model that ties the user to the brand.
Samsung is just the first to move, but it’s hard to imagine it will be the only one. Starting in August 2025, it’s very likely that other manufacturers will follow suit, at least for the European market.
I hate the fact that the more technologically literate you are, the more you run away from it.
A smartphone with latest android, Gemini, google pay, a smartwatch, ChatGPT and a smart home?
Nope, I would rather have a Linux phone that is mostly incompatible with what is expected of modern smartphones, no AI please! Google pay? Only cash or monero! My watch is very smart, it can telle the time for a few years without a recharge, and nothing else!
If a user installs a ROM that interferes with radio frequencies or compromises communications security, the manufacturer (and in some cases the importer) may be held directly liable.
Has anyone verified what this article says?
Here’s the law in question: https://eur-lex.europa.eu/eli/dir/2014/53/oj/eng It doesn’t seem to imply what the article implies.
Also, here are some things from the discussion on HN
As is usual, there seems to be a massive misunderstanding what the directive is and means. The TLDR is that the directive contains no clauses that compels phone makers to keep the Android bootloader locked or that forbids EU users from unlocking it.
Samsung’s public reasoning might be that disabling unlocking the bootloader because of the directive, but there is nothing in the directive that forces them to lock the bootloader. It does sound like a convenient scapegoat if they don’t want to talk about the real reasons though.
The phone makes who end up disabling the unlocking of bootloaders are all doing so on their own accord, not because some regulation is forcing them to.
Finally, the EU’s broader right-to-repair policies makes it kind of impossible that an outright prohibition of unlocking the bootloader could happen. But of course, nuance doesn’t make people click article titles on the web…
I think it’s Samsung that interpreted the rule at their advantage in a way that sends more devices to the landfill
I don’t understand why the user doing what they want to their own possessions has any impact on the original manufacturer.
Samsung isn’t selling flashed devices as far as I know…
Some of you need to become Politicians
Lately I’m more and more disappointed in EU legislations. Especially having to live with them…
I mean, this is corporations using decent regulations as an excuse to do something they’ve probably already wanted to do.
EU went from frontrunner of internet privacy to asking for a gooner license.
There’s so many lobby groups and national interests pulling in various directions that it’s not really surprising to have both simultaneously.
TBH I’m still surprised GDPR ever made it through against the cries of every corporation on earth.
It’s up to us to keep it free. It is one of the last lights in this world, and it must NOT go out!
Do these stupid legislators not understand when they are being played for fools? Who gets to such a position without knowing what protectionism is? Unless it’s simple corruption?
This is really badly written, and that particularly annoys me because the subject matter is actually important.
what an utter bullshit! will the manufacturer be also directly held liable if someone uses a phone of their brand to make a picture about me without authorization! of fucking course not!
fuck samsung, and all the manufacturers that follow suit, because this is just not needed.
but also fuck the red directive’s decision makers for their unsatiable creep of wanting ever more power over our devices! this is exactly like saying, that there is this illegal thing, and if you are not doing it, but just have the slightest ability to do it, that is also illegal. what the actual fuck! get off my fucking phone you scumbags!!
The EU is pretty disappointing.
Did you read the directive? https://eur-lex.europa.eu/eli/dir/2014/53/oj/eng
Is this also the end of Software-Defined Radio in Europe?
and by extension possibly secure router firmware like OpenWRT too?
And meshnets that don’t go through corporate infrastructure?
PC Computers are next
This is why the big deal with TPM
Why TPM is never a removable security device
Why you can’t save your old PC with a usb TPM device,
even though they are low power serial text devicesAnd TPM itself is just the thin side of the wedge.
It will grow more and more capable as an encrypted instructions processor
Eventually applications will run enough of their code
as encrypted instructions that they will become impossible to pirate.This means application on your offline computer will be just as revocable as cloud application
and they will no longer be transferable, cryptographically tied to the processor coreThey probably want that, but also at the same time, that would kill software development.
They would like it if only their employees were the only priesthood of all software development
Only approved AIs and humans carrying a corporately issued developer license will be allowed to develop software.
But if it doesn’t run Linux I am not going to buy it
Microsoft is fine if you don’t buy computers anymore
It won’t miss you in particularThis is what’s going to happen with PCs
https://lemmy.ml/post/33992840/20208076And the Linux foundation will just sit by letting it happen? Or Valve for that matter, they appear to have anticipated this risk over a decade ago.
Yes, Valve saw this possibility back in the days of Windows 8
But look at phones, the supply chains mostly delivery bootloader locked and unlockable devices.
And now the latest windows require TPM 2.0
It requires TPM 2.0 to be married to the CPU, non user removable
Microsoft Pluton is an early version of a crypto processor.
They are putting the pieces in place slowly
and they have all kinds of good reasons
“why this isn’t something you should worry about”RISC-V’s time to shine! (IIRC it is open source instruction set).
It is an open source architecture but it doesn’t prevent the OEM from adding anything to it to prevent user from doing anything on it. They can add TPM, locked bootloader with fixed signing key stored on board. They can add microprocessor inaccessible to anyone but OEM. They can add spyware, malware. All this without any need for declaring it or need to make it open source.
The only change RISC V brings is there is no need to pay for a hardware architecture, benefitting the manufacturer. Rather than bringing freedom to the user.
And time to hold on to old devices. They’ll become like old cars: the only ones the owner can fully control.
Storage and processors don’t last forever. As parts break down, you won’t be able to replace them. Need a new hard drive? Sorry, it’ll only talk to motherboards that shake its hand.
RISC-V you are our only hope,
only use open source BIOS
Never factory bootloader-lock !
Here is a taste of the future
You Can’t Jailbreak Your PC
The days of “it’s my hardware, I’ll run what I want” are over.
TPM 2.0, Secure Boot, and Microsoft Pluton are forming a closed execution environment.You can’t replace the bootloader. You can’t flash unsigned firmware. You can’t disable the vendor-approved certificate store.Try to run an unsigned OS, and it will simply refuse to boot.
Your motherboard no longer listens to you.
It listens to Microsoft and OEMs.
You Will Own Nothing, and Even That Nothing Is Tied to Your Old PC
TPM stores your encryption keys in a non-exportable way.
Your files, apps, and even your OS activation are now bound to your specific machine.Want to move them to another system?
Too bad. The TPM won’t let you.
Even if you own both devices.The machine is yours. The data, software, and identity within it are not.
Installing Linux Will Be Illegal (Functionally, If Not Yet Legally)
Secure Boot + Remote Attestation is the death knell for freedom-focused OSes.Your distro doesn’t carry the "right" signature? Blocked. You modify the kernel for performance or privacy? No longer attested. You write your own OS? You don’t get to boot. It’s not banned in law. It’s banned by cryptographic gatekeeping.
Digital preservation will be technically impossible.
Encrypted execution + hardware-tied software =
No way to archive.
No way to emulate.
No way to restore.Games, apps, creative tools, all gone when the keys expire or the vendor shuts down.
We won’t just lose software. We’ll lose entire cultural eras.
It’s like that Apple ad crushing musical instruments but for your entire digital life
You Have No Mouth and Can’t Say NO
Vendor lock-in is no longer a commercial strategy.
It’s cryptographic reality.You can’t deny updates. You can’t run unsigned code. You can’t refuse attestation.Because your software won’t run without it.
The PC has become a compliance terminal. Saying "no" is no longer supported behavior.
A hardware-enforced, cryptographically sealed cage.
Your freedom to compute is being revoked—quietly, efficiently, irreversibly. The illusion of ownership is maintained only until enforcement becomes total. This isn’t theory. It’s shipping now.If we don’t fight back, there will be no root access left to reclaim.
What a fucking bleak run down. But it is the direction things are barreling towards.
Writing this the warning of Cory Doctorow about an upcoming “War on General Computing” was ringing in my head !
And also this video
https://www.youtube.com/watch?v=4EmstuO0Em8
But he doesn’t talk about the TPM and cryptoprocessor threat or the “war on general computing”, it was in another video that I can’t find right now
I also can’t find the Apple Ad where they crush a piano and other instruments of creation under a giant press to make an ipad
I remember seeing that ad. It was super depressing. I hate what the tech world is coming to, why my next phone will be a dumb phone, I’m trying to buy dvds and keeping my circa 2017 vehicle running for as long as possible
The future is here but it’s not evenly distributed.
Hopefully we can stay alive in the future’s shadow.
If a user installs a ROM that interferes with radio frequencies
Do any “ROMs” or linuxes do this? Seems like you could get an “illegal USB bluetooth/wifi dongle” for shenanigans purposes instead. This all seems like such a pointless distraction that can only be to ensure that manufacturer backdoors are ensured as unescapable.
I have never installed a ROM that touched the radio.
In fact most ROMs I’ve used warned against touching the radio because of the risk of damaging the device.
sorry for Gemini link to prompt below, but google itself doesn’t provide any top page links to answering the question, or questions about “software wifi to radio conversion”. GrapheneOS does not provide the functionality. Seems like only process to transmit/receive at a different band is to use hardware that bridges from wifi signal to radio signal.
modify phone wifi frequency to arbitrary frequency
It is generally not possible to directly modify the WiFi frequency on a smartphone to an arbitrary frequency. Smartphones are designed to operate within the standard WiFi frequency bands (2.4 GHz and 5 GHz) and their corresponding channels. While you can influence which band your phone connects to (e.g., prioritizing 5 GHz for faster speeds), you can’t arbitrarily set the frequency. Why you can’t set an arbitrary frequency: Hardware limitations: Smartphones are built with hardware that supports specific frequency ranges (2.4 GHz and 5 GHz in most cases). Protocol compliance: WiFi communication relies on specific protocols (like 802.11 a/b/g/n/ac/ax) that are tied to these standard frequency bands. Router configuration: While you can configure your router to broadcast different SSIDs for each band (e.g., “MyWiFi_2.4GHz” and “MyWiFi_5GHz”), the phone’s connection is still limited to the supported frequencies. What you CAN do: Prioritize a band: You can influence which band your phone connects to by adjusting settings on the phone (if available) or by configuring your router to have separate SSIDs for each band. Choose the right band: For faster speeds, prioritize the 5 GHz band when it’s available. For better range and wall penetration, the 2.4 GHz band is better. Optimize router settings: Ensure your router is set up to broadcast on the desired bands and consider channel selection for optimal performance. In short, while you can influence the band your phone connects to, you cannot arbitrarily set the WiFi frequency on your smartphone.
After RTFAing, this seems to be Samsung just using an excuse to lock down their phone, rather than any specific order from EU telling them to.
Good luck applying this sorta lockdown to PCs.
I seem to recall owning a microsoft tablet that could not have secure boot disabled. Why do you suppose it would be hard when (much like phones) there are already products (like chromebooks) that have done this?
Forcing SecureBoot platform-wide would kill the loose PC parts market.
Loose mainboards don’t ship with an OS by default and typically ship with SecureBoot disabled by default as well, it would be pretty hard to force an OS on something that has no OS installed by default unless it’s forced in ROM.
Secure boot force enabled with preset certificates would essentially do that.
Some systems can bypass secure boot
Only if the motherboard vendor allows you to. Imagine buying a Dell or Asus laptop and being forced to only run Windows.
So on most motherboards secure boot is just fake secure boot to satisfy windows?
No. Thankfully (at the moment) vendors are allowing us to install other OSes, but if a vendor really wanted to lock you down to Windows all they’d need to do is hide one option in the bios. I’m uncomfortable with the idea that there’s no technical reason preventing the PC industry from getting as locked down as Android phones did over time.
Except that would require a rewrite of the PC spec which I’m not sure would work out too well given the existence of loose mainboards for custom builds which ship with no OS by default and expect you to supply the OS yourself, ditto for niche manufacturers like Framework who also offer the option of letting you supply your own OS.
Wait - is this about all radio devices or only mobile connectivity ones?
I.e., is WiFi affected as well? Or does it only affect internet that you access through your carrier?
The article says:
From 1 August 2025, new provisions will come into force RED Directive (Radio Equipment Directive), which redefines the compliance requirements for all radio devices sold in Europe.
Which technically would also affect WiFi.
