January 10, 2025

Posts Comments

Archives for 2003

Ruling in Garage-Door-Opener Case

September 4, 2003 by

An important ruling was issued yesterday in the Chamberlain v. Skylink lawsuit. (See this previous post for a summary of the case.)

The court denied Chamberlain’s motion for summary judgment. Although this is only a ruling on a preliminary motion, the judge used it to offer her analysis of how the DMCA applies to the apparent facts in the case. In short, she ruled that it is not a violation of the DMCA for Skylink to make a replacement remote control that can open Chamberlain-brand garage door openers.

Chamberlain uses a simple cryptographic protocol to authenticate the remote (the small push-button device you keep in your car) to the opener (the big unit attached to the garage ceiling). The purported purpose of this is to prevent bad guys from recording the signals sent by the remote, and replaying them later to open the door when the homeowner is gone. The protocol includes a resynchronization mode that is used when the remote and the opener somehow get out of sync. Skylink’s replacement remote uses the resynchronization mode every time. Chamberlain argued that by doing this Skylink was circumventing Chamberlain’s authentication protocol, and that the protocol controls access to the copyrighted software running in the opener. Chamberlain concluded that Skylink’s actions ran afoul of the DMCA’s ban on devices that circumvent (without permission) measures that control access to copyrighted works.

The judge ruled that Skylink was not violating the DMCA, essentially because consumers have permission to open their own garages. You might think this sensible conclusion was easy to reach, but it was not. The judge’s problem was that in a previous DMCA case (Universal v. Remeirdes) a court had ruled that consumers do not have permission to view their own DVDs, except on devices “authorized” by the copyright owner. (To be more precise, the Remeirdes court ruled that whatever permission consumers had did not create an exception to the DMCA.)

The toughest part of the Chamberlain judge’s opinion is the part that tries to reconcile her ruling with the previous Remeirdes ruling. (This is on pages 25 and 26 of the ruling, if you’re reading along at home.) I have to admit I don’t fully understand this part of the judge’s ruling. Ernest Miller at LawMeme is scornful, saying that the judge used tortured reasoning, based on artificial distinctions between the cases. Derek Slater says that the judge should have simply admitted that her ruling is inconsistent with Remeirdes. (She is allowed to be inconsistent, because Remeirdes was decided in a different circuit and so is not binding precedent for her.)

I’m not sure what to think about this. I hope the issue will become clearer after more discussion.

Filed Under: Uncategorized Tagged With:

Hacking, by Subpoena

September 3, 2003 by

James Grimmelmann at LawMeme explains a recent opinion by the Ninth Circuit Court of Appeals, holding that a party that used an obviously improper subpoena to get information from a computer can be sued for breaking into that computer. If you think about this, it makes some sense, if the subpoena was used to defeat ordinary security mechanisms.

Filed Under: Uncategorized Tagged With:

The Scopes Trial, Revisited

September 1, 2003 by

This week, the Economist ran an odd piece comparing the SCO/IBM dispute to the Scopes “Monkey Trial.”

SCO, for anyone who has never heard of the company, is pronounced “skoh”, as in Scopes. Indeed “the SCO case” of 2003 sounds increasingly like the famous Scopes Monkey Trial of 1925, which pitted religious fundamentalists against progressives wanting to teach Darwin alongside the Bible in American classrooms. The SCO case plays the same role in a culture war now consuming the software industry. On one side are the equivalents of the fundamentalists—buttoned-down types clinging to proprietary and closed computer systems. Facing them are today’s evolutionists—the pony-tailed set championing collaboration and openness in the form of Linux, an operating system that anybody can download and customise for nothing. The 1925 trial had a monkey as its symbol; the 2003 case has the Linux trademark, a cute penguin.

It’s interesting that the open source crowd are cast as the evolutionists and the proprietary vendors as creationists. This would seem to imply that open source is the way of the future, and proprietary software is the way of the past. Surprising, coming from an outfit as traditionally pro-business as the Economist.

Apparently the Economist fell into the popular trap of reading too much into the SCO/IBM case. In the Scopes case, the facts were clear (Scopes had taught evolution) and the law was clear (it was illegal to teach evolution). Only the constitutional and public-policy issues were really on the table for discussion. The trial was a debate disguised as a legal proceeding.

In SCO/IBM, by contrast, the facts are very much in dispute. IBM stands accused of simple copyright infringement and breach of contract. The policy issues surrounding open source are not on the table; and it seems to me that enough is at stake for both parties that neither one will try to turn the trial into a public spectacle. Outside the courtroom we’ll hear lots of noise, but inside the courtroom I predict a straight-ahead trial on SCO’s allegations.

In any case, both sides are uniquely resistant to the obvious typecasting. The open-source side would typically be painted as anti-capitalist ponytail-and-Birkenstock hippie leftists – but that image just doesn’t fit IBM. And the proprietary-software side would typically be painted as plutocratic Goliaths bullying a poor, idealistic David – but the Goliath role just doesn’t fit SCO.

There are important economic and policy issues involving open source, but the SCO/IBM lawsuit is a singularly poor vehicle for exploring them.

Filed Under: Uncategorized Tagged With:

Software Customer Bill of Rights

August 28, 2003 by

Cem Kaner has written a Software Customer Bill of Rights. His general approach is to require that customers have roughly the same rights when they buy software as when they buy other products.

Much of what Kaner says makes sense. But at least one of his principles seems awfully hard to implement in practice:

2. Disclose known defects. The software company or service provider must disclose the defects that it knows about to potential customers, in a way that is likely to be understood by a typical member of the market for that product or service.

This is hard to implement because software products have so many defects – big mass-market software products typically have thousands of known defects. And this is not just the practice of one or two companies; it’s standard in the industry. If a vendors waited until all the defects were removed from a product, that product would never be finished and would never ship.

Some of the defects in software products are serious, but most are relatively minor. There is simply no way to explain them all to consumers. And sometimes it can be hard to tell in advance which defects will prove to be critical to customers.

Still, Kaner seems to be on the right track. It would be helpful if vendors disclosed the most serious known defects to their customers, so that customers could weight their impact in deciding which product to buy.

[Link credit: Dan Gillmor.]

Filed Under: Uncategorized Tagged With:

Business Week Interview

August 27, 2003 by

Business Week Online is running an interview with me, done by reporter Heather Green.

Filed Under: Uncategorized