dz0ny/leapcast

Current state of leapcast

an0t8 opened this issue · 12 comments

an0t8 commented

It seems that only youtube is working after the change of API. But there has not been alot of activity on this project in some time. Are there still plans to update leapcast for the new API? I would really love google play music support. I have done some reading and it is confusing, some say that there is now encryption that cannot be worked around without a hardware key. Is this the case?

This is a great application, and I love being able to use my hardware the way that I want. Regardless of the state of the project, thank you and all the contributors for their hard work.

seems all but abandoned. I have been considering forking this repo and continuing the project, although it might be worthwhile to just start from scratch on it.

an0t8 commented

Thats really too bad. I'm not much with python, but I am a software engineer, maybe I could help out as well. Though time is limited at the moment. Even if the original contributors don't want to work on it anymore it would be great if they could at least log their findings, or make any documents on API changes and stuff public. The stuff on the wiki looks like it was all the previous version.

I would be happy to do work on the development (I do most of my personal projects in python, and am very familiar with the landscape)
But, I don not have time to reverse engineer the protocols (documentation on the server is slim to none because they don't expect you to implement one)

If you or someone else can do work on documenting the protocol, then I'd be happy to continue dev. (lets hope that google doesn't change the protocol again any time soon)

https://github.com/HomerSp/CastTest
https://github.com/thibauts/node-castv2
relevant?

Also it appears from cursory research that there is a hardware drm chip in the chromecast responsible for provisioning keys that are recreated every 24 hrs. We may have to give up hope for good.

reference:
thibauts/node-castv2#2

dz0ny commented

Only the clients can be created, as soon you want to create server you need to create your own authority for entire chromecast stack and even then you won't be able to use all apps (just those that use same drm) also the casting device would need to be rooted. They only way currently is to start from scratch and create new open source / open implementation of casting protocol. But that would not be compatible with current v5/6 of casting protocol.

an0t8 commented

How far the "do no evil" google has fallen... Ah well. would have been nice to have an EASY way to cast content wherever you want. They really missed the mark on this one...

At this point it's sounding easier to just make an app that has the same functionality but doesn't rely on chromecasting, it's all about what you're trying to accomplish, do you just want your mobile device to be a remote, do you want your pc to be a media server, the biggest thing is being able to push apps to your system : (

I think the point was that the cryptography makes it impossible to
replicate functionality. no matter what platform you're doing it on.

On Sat, Sep 26, 2015 at 7:21 PM Cody Swartz notifications@github.com
wrote:

At this point it's sounding easier to just make an app that has the same
functionality : (


Reply to this email directly or view it on GitHub
#130 (comment).

I think the point of leapcast was to use the current chromecast infrastructure to use mobile devices as remotes to control the content on your system. So it seems that people just want remote mobile apps that control the media on their system?

Note: Cryptography does not make anything impossible. Think DVD/Blu-Ray/AirPlay.
People already got access to the file system of the chromecast and android phones, so all that is needed is to reverse engineer the crypto.

@GRMrGecko my understanding is that the chromecast uses a a hardware device like a TPM.
you don't just Reverse engineer that device.
Google would be able to pretty easily track if we just cloned a single certificate of a TPM (given that you're able to do that, which its job is to literally make sure that can't happen)
The other alternative is to break the certificate that was used to sign the certs, which is non-trivial as it likely has sufficient key length to be difficult.
and even if we did that, google would just issue a new cert and use that for all future devices until it can eventually phase out the old one.

dz0ny commented

Officially dead :)