Samsung has decided to proceed with the Bootloader blocking also in Europe, a move that has caused a lot of discussion. Behind this choice is a European regulation that will come into force in August 2025 and which risks changing smartphone usage in Europe forever. This is why other manufacturers may soon follow suit.
From 1 August 2025, new provisions will come into force RED Directive (Radio Equipment Directive), which redefines the compliance requirements for all radio devices sold in Europe. This is a significant change, not so much for the amount of regulations introduced, but for the effect they will have on the entire Android ecosystem. The issue revolves around three articles that impose specific protections: against network interference, personal data compromise, and digital fraud. These are, in themselves, sacrosanct rules.
But the crux comes with the interpretation prevailingEach device must ensure full compliance not only with the hardware, but also with the software that controls the radio modules. This is where the bootloader comes in. Unlocking it essentially allows you to replace the original operating system with an alternative one, such as LineageOS or GrapheneOS.
But these systems, if they modify the radio drivers even minimally, invalidate the CE certification. An uncertified device can no longer be legally marketed or used, at least according to the most stringent reading of the law.
This scenario has therefore led Samsung to protect its devices. Not on a whim, but to avoid any software modifications falling under your legal liability. If a user installs a ROM that interferes with radio frequencies or compromises communications security, the manufacturer (and in some cases the importer) may be held directly liable.
RED does not explicitly talk about unlocking the Bootloader or custom ROM, but it opens one regulatory space in which the margins for maneuver are they narrow. And in doing so, it provides a solid argument for those who have been trying for years to close the loop between hardware, software, and services. After all, customizing the operating system also means breaking away from proprietary services and, therefore, from the model that ties the user to the brand.
Samsung is just the first to move, but it’s hard to imagine it will be the only one. Starting in August 2025, it’s very likely that other manufacturers will follow suit, at least for the European market.
Notice how the article implies Samsung and other corporations don’t want to do this, even though it’s something they’ve wanted to do for a long time? They almost certainly lobbied and ghost wrote most of this legislation to begin with; now they play the victim, even though they’re a perpetrator.
It’s already disproportionately difficult to just root a Samsung phone, so this change perfectly fits the pattern. (Posting this from a new Samsung phone that I’m desperately trying to root.)
I just don’t buy android anymore. It sucks. Apple you always sucked too. Annoyingly society kinda requires me to have a phone so I will just get what ever someone else is throwing away or is very cheap second hand.
Reject their devices is the only real choice you can make. Don’t give them money.
Jesus, how do you people always come up with the most inane conspiracies. I have a company that manufactures devices that communicate wirelessly. The new RED is a huge pain in the ass, along with the CRA.
Absolutely no company pushed for this. The new legislations and directives cause a ton of additional work and obligations for companies, e. g. software has to be certified as part of the compliance check, things that were previously approved via self-reports now involve trusted 3rd parties, and reports of violations to government bodies are now mandatory.
And you know what, even though this costs a bunch of money that could go elsewhere and the whole thing is so new that even the certification bodies have no idea what is going on, even though we have to setup completely new processes, spend endless hours documenting things, I still appreciate both initiatives.
As an end customer, I would love if e. g. the software that runs on the mobile payment terminal taking my card info is certified. I would love if the developer of the software running on the PLC on my shop floor has to check CVEs, inform me about security issues and has to deliver 5 to 10 years of updates.
Not a fan of Samsung and their shitty software, but they’re simply preemptively covering their ass, nothing more.
I’d also still want to unlock my bootloader. I’m sure the whole legal situation will become less muddled, enabling just that.