thoughts on the LG 370 network transmissions
I'm trying to see if there's a way to trick my blu ray player into playing stuff from my MythTV box... so checking out it's network transmissions:
Here are some thoughts:
*) I'm really confused by the http connection to www.lge.com which connects, but transfers no data (unless it's really secret, but it can't be that secret, since it's www.lge.com is hosted by CDNetworks, which I'm guessing is a CDN)
*) While it's kind of neat that it's using NTP to get the time (which it doesn't seem to show anywhere), it would be cooler if it didn't (apparently) hardcode 1.us.pool.ntp.org and 2.us.pool.ntp.org (but at least they didn't hardcode time.uwisc.edu or whatever). They should have a vendor zone.
*) It's kind of strange that there are two HTTP posts for the apparent firmware check to aswnus.lge.com, right after another, and the name gets looked up twice. Also, it's kind of strange that the player is using a User-Agent of Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1;), when it's clearly not IE 6 on Windows XP, and it's a custom server. Also, I'm too lazy to (attempt to) decode the content of the post and response. Ok I did it, First the player says:
"P001 BD370V Servo A BD.8.16.693.A 00E09199ECBB N "
and the server says:
"710Network update service is not available for Device"
Then, in the next request, the player says:
"P001 BD370V Main A BD.8.16.693.A 00E09199ECBB N "
and the server says:
"00000000000026133409900Current version is the latest00"
Blah blah, it does another request to the same server (nobody seems to want to do connection pipelining), with another dns lookup. I didn't bother decoding this one.
*) Looking at Cinema Now. It's pretty amusing that they mispelled (twice) the User-Agent: "LGE Thumnail downlaoder". Sadly, this looks like a lot of https for the interesting stuff, but box art, and trailers come via http, so might be (slightly) hackable. Also, the trailer I picked wasn't DRMed, but the formatting seems slightly wacky. Trailer seems to be mpeg2 video + aac audio in an mpeg program stream container.
*) YouTube
HTTP only, XML api. Very likely hackable! ;) Format for one video is h.264, with aac audio, in an mp4 container.
*) Netflix
HTTPS from the start; cert is signed by a chain of two Netflix CAs, but the root CA is not signed by a normal CA. Speed test is HTTP though, and consists of downloading a 12.5M file full of nulls. :) Content is downloaded via http, but the WMV movie seems to have some sort of encryption. The player is also simultaneously downloading a 'bif' file (through a different CDN) likely that contains information key to decryption, but maybe other stuff is coming through the https connection.
Here are some thoughts:
*) I'm really confused by the http connection to www.lge.com which connects, but transfers no data (unless it's really secret, but it can't be that secret, since it's www.lge.com is hosted by CDNetworks, which I'm guessing is a CDN)
*) While it's kind of neat that it's using NTP to get the time (which it doesn't seem to show anywhere), it would be cooler if it didn't (apparently) hardcode 1.us.pool.ntp.org and 2.us.pool.ntp.org (but at least they didn't hardcode time.uwisc.edu or whatever). They should have a vendor zone.
*) It's kind of strange that there are two HTTP posts for the apparent firmware check to aswnus.lge.com, right after another, and the name gets looked up twice. Also, it's kind of strange that the player is using a User-Agent of Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1;), when it's clearly not IE 6 on Windows XP, and it's a custom server. Also, I'm too lazy to (attempt to) decode the content of the post and response. Ok I did it, First the player says:
"P001 BD370V Servo A BD.8.16.693.A 00E09199ECBB N "
and the server says:
"710Network update service is not available for Device"
Then, in the next request, the player says:
"P001 BD370V Main A BD.8.16.693.A 00E09199ECBB N "
and the server says:
"00000000000026133409900Current version is the latest00"
Blah blah, it does another request to the same server (nobody seems to want to do connection pipelining), with another dns lookup. I didn't bother decoding this one.
*) Looking at Cinema Now. It's pretty amusing that they mispelled (twice) the User-Agent: "LGE Thumnail downlaoder". Sadly, this looks like a lot of https for the interesting stuff, but box art, and trailers come via http, so might be (slightly) hackable. Also, the trailer I picked wasn't DRMed, but the formatting seems slightly wacky. Trailer seems to be mpeg2 video + aac audio in an mpeg program stream container.
*) YouTube
HTTP only, XML api. Very likely hackable! ;) Format for one video is h.264, with aac audio, in an mp4 container.
*) Netflix
HTTPS from the start; cert is signed by a chain of two Netflix CAs, but the root CA is not signed by a normal CA. Speed test is HTTP though, and consists of downloading a 12.5M file full of nulls. :) Content is downloaded via http, but the WMV movie seems to have some sort of encryption. The player is also simultaneously downloading a 'bif' file (through a different CDN) likely that contains information key to decryption, but maybe other stuff is coming through the https connection.