Feeds

Garage door DMCA case dismissed

Remote uncontrol

  • alert
  • submit to reddit

Boost IT visibility and business value

A federal judge in Illinois this week ruled that the maker of a universal garage door remote didn't violate the anti-circumvention provisions of the DMCA, in a closely watched case that offers hope to critics of the controversial copyright law.

Judge Rebecca Pallmeyer dismissed part of a civil suite brought by the Chamberlain Group, a leading maker of automatic garage door openers, against Skylink Technologies, Inc., a competitor that markets a universal replacement for lost garage door remotes.

"I think this is another classic case of the DMCA being used in an anti-competitive fashion," says Gwen Hinze, a staff attorney with the Electronic Frontier Foundation, which closely tracked the case. "Clearly, Congress didn't intend on the DMCA being used to prevent interoperable consumer products."

At issue was a clever technique the Skylink remote employed to bypass Chamberlain's implementation of "rolling code" technology, which is detailed in court transcripts from the case.

Older garage door openers relied on a unique I.D. number programmed into each remote and the receiver sold with it. If the remote sends the right I.D. to the receiver, the receiver opens the garage door.

Rolling code technology, introduced in the early 1990's, added another layer of security by ensuring that a garage door opener never transmits the same sequence twice. As implemented by Chamberlain in its Liftmaster Security+ line of garage door openers, the remote and the receiver keep internal counters that begin in synch, and are incremented by a constant value (three) each time the door is opened. When the user presses the button on the remote, the remote transmits the current value of the counter, along with the static I.D. number. The receiver will only open the garage door if both numbers are correct.

Except, of course, that the user might press the remote outside the presence of the garage door receiver, perhaps more than once, putting the counters out of synch. Chamberlain's solution to this quandary is to allow the receiver to accept incorrect counter values, as long as they're no more than 4,096 above the expected value -- allowing for over 1,300 stray button-pushes in the lifetime of the remote.

But even if the user surpasses that number, the system has a reset mechanism that keeps the remote from turning into a paperweight. If the receiver gets a counter value outside of the "forward window," it waits for a second button push. If it sees that the counter was incremented by the correct amount (still three), and the I.D. number is right, it assumes the remote was subject to good deal of jostling, but is nevertheless the right remote. The receiver simply synchronizes its counter to the value transmitted by the remote, and opens the garage door.

"Code Grabbing" Fears
Skylink figured out that this last feature makes the whole rolling code song and dance unnecessary. With each button press, Skylink's Model 39 universal garage door opener sends the same sequence of three counter values: the first transmission sends an arbitrary value; the second sends a value that falls outside the forward window (and a similar "rear window") established by the first; the third just adds three to that. And the door opens.

The I.D. number must still match, which makes the Model 39 something less than a burglar tool. But that didn't deter Chamberlain from claiming that the Model 39 is an illegal circumvention device under the DMCA. In a hearing last June, Chamberlain attorney Karl Fink argued that the device compromises the security of the Chamberlain garage door openers by transmitting the same sequence each time. Now a tech-equipped garage burglar can sniff the sequence out of the airwaves and replay them later, "and that will be the same thing as if the Model 39 itself transmitted the codes," said Fink.

"The very feature of the rolling code was to defeat the code grabber," the lawyer argued. "That's exactly what's being defeated by the Model 39 because now the code grabber situation is back in play again. You might as well not have a rolling code system because you have now defeated it."

The argument that it was Skylink's remote and not Chamberlain's reset mechanism that made the rolling code implementation useless is exactly the sort of logic that judges have often accepted in interpreting the DMCA. But in her ruling on Thursday, Pallmeyer dodged the question, and found that consumers have a right to replace a lost remote with a competing product without violating federal law. "In addition, a homeowner has a legitimate expectation that he or she will be able to access the garage even if the original transmitter is misplaced or malfunctions."

The ruling hinged on the fact that Chamberlain's product packaging and website didn't prohibit consumers from using other manufacturer's remotes. If it had, the court's reasoning could have produced a different decision. That troubles EFF's Hinze, who worries that vendors will begin imposing explicit restrictions on what compatible products a consumer can use with something they've bought. "Whether that would be enforceable is a good question," says Hinze.

Copyright ©

Secure remote control for conventional and virtual desktops

More from The Register

next story
UK fuzz want PINCODES on ALL mobile phones
Met Police calls for mandatory passwords on all new mobes
Don't call it throttling: Ericsson 'priority' tech gives users their own slice of spectrum
Actually it's a nifty trick - at least you'll pay for what you get
Three floats Jolla in Hong Kong: Says Sailfish is '3rd option'
Network throws hat into ring with Linux-powered handsets
Netflix swallows yet another bitter pill, inks peering deal with TWC
Net neutrality crusader once again pays up for priority access
Fifteen zero days found in hacker router comp romp
Four routers rooted in SOHOpelessly Broken challenge
New Sprint CEO says he will lower axe on staff – but prices come first
'Very disruptive' new rates to be revealed next week
US TV stations bowl sueball directly at FCC's spectrum mega-sale
Broadcasters upset about coverage and cost as they shift up and down the dials
Tech city types developing 'Google Glass for the blind' app
An app and service where other people 'see' for you
Canadian ISP Shaw falls over with 'routing' sickness
How sure are you of cloud computing now?
UK mobile coverage is BETTER than EVER, networks tell Ofcom
Regulator swallows this line and parrots it back out at us. What are they playing at?
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.