Feeds

Garage door DMCA case dismissed

Remote uncontrol

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

A federal judge in Illinois this week ruled that the maker of a universal garage door remote didn't violate the anti-circumvention provisions of the DMCA, in a closely watched case that offers hope to critics of the controversial copyright law.

Judge Rebecca Pallmeyer dismissed part of a civil suite brought by the Chamberlain Group, a leading maker of automatic garage door openers, against Skylink Technologies, Inc., a competitor that markets a universal replacement for lost garage door remotes.

"I think this is another classic case of the DMCA being used in an anti-competitive fashion," says Gwen Hinze, a staff attorney with the Electronic Frontier Foundation, which closely tracked the case. "Clearly, Congress didn't intend on the DMCA being used to prevent interoperable consumer products."

At issue was a clever technique the Skylink remote employed to bypass Chamberlain's implementation of "rolling code" technology, which is detailed in court transcripts from the case.

Older garage door openers relied on a unique I.D. number programmed into each remote and the receiver sold with it. If the remote sends the right I.D. to the receiver, the receiver opens the garage door.

Rolling code technology, introduced in the early 1990's, added another layer of security by ensuring that a garage door opener never transmits the same sequence twice. As implemented by Chamberlain in its Liftmaster Security+ line of garage door openers, the remote and the receiver keep internal counters that begin in synch, and are incremented by a constant value (three) each time the door is opened. When the user presses the button on the remote, the remote transmits the current value of the counter, along with the static I.D. number. The receiver will only open the garage door if both numbers are correct.

Except, of course, that the user might press the remote outside the presence of the garage door receiver, perhaps more than once, putting the counters out of synch. Chamberlain's solution to this quandary is to allow the receiver to accept incorrect counter values, as long as they're no more than 4,096 above the expected value -- allowing for over 1,300 stray button-pushes in the lifetime of the remote.

But even if the user surpasses that number, the system has a reset mechanism that keeps the remote from turning into a paperweight. If the receiver gets a counter value outside of the "forward window," it waits for a second button push. If it sees that the counter was incremented by the correct amount (still three), and the I.D. number is right, it assumes the remote was subject to good deal of jostling, but is nevertheless the right remote. The receiver simply synchronizes its counter to the value transmitted by the remote, and opens the garage door.

"Code Grabbing" Fears
Skylink figured out that this last feature makes the whole rolling code song and dance unnecessary. With each button press, Skylink's Model 39 universal garage door opener sends the same sequence of three counter values: the first transmission sends an arbitrary value; the second sends a value that falls outside the forward window (and a similar "rear window") established by the first; the third just adds three to that. And the door opens.

The I.D. number must still match, which makes the Model 39 something less than a burglar tool. But that didn't deter Chamberlain from claiming that the Model 39 is an illegal circumvention device under the DMCA. In a hearing last June, Chamberlain attorney Karl Fink argued that the device compromises the security of the Chamberlain garage door openers by transmitting the same sequence each time. Now a tech-equipped garage burglar can sniff the sequence out of the airwaves and replay them later, "and that will be the same thing as if the Model 39 itself transmitted the codes," said Fink.

"The very feature of the rolling code was to defeat the code grabber," the lawyer argued. "That's exactly what's being defeated by the Model 39 because now the code grabber situation is back in play again. You might as well not have a rolling code system because you have now defeated it."

The argument that it was Skylink's remote and not Chamberlain's reset mechanism that made the rolling code implementation useless is exactly the sort of logic that judges have often accepted in interpreting the DMCA. But in her ruling on Thursday, Pallmeyer dodged the question, and found that consumers have a right to replace a lost remote with a competing product without violating federal law. "In addition, a homeowner has a legitimate expectation that he or she will be able to access the garage even if the original transmitter is misplaced or malfunctions."

The ruling hinged on the fact that Chamberlain's product packaging and website didn't prohibit consumers from using other manufacturer's remotes. If it had, the court's reasoning could have produced a different decision. That troubles EFF's Hinze, who worries that vendors will begin imposing explicit restrictions on what compatible products a consumer can use with something they've bought. "Whether that would be enforceable is a good question," says Hinze.

Copyright ©

Secure remote control for conventional and virtual desktops

More from The Register

next story
Same old iPad? NO. The new 'soft SIMs' are BIG NEWS
AppleSIM 'ware to allow quick switch of carriers
Brits: Google, can you scrape 60k pages from web, pleeease
Hey, c'mon Choc Factory, it's our 'right to be forgotten'
Of COURSE Stephen Elop's to blame for Nokia woes, says author
'Google did have some unique propositions for Nokia'
FCC, Google cast eye over millimetre wireless
The smaller the wave, the bigger 5G's chances of success
It's even GRIMMER up North after MEGA SKY BROADBAND OUTAGE
By 'eck! Eccles cake production thrown into jeopardy
Mobile coverage on trains really is pants
You thought it was just *insert your provider here*, but now we have numbers
Don't mess with Texas ('cos it's getting Google Fiber and you're not)
A bit late, but company says 1Gbps Austin network almost ready to compete with AT&T
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.