/notice decryption

[gree0276]

A little off topic from TV's but I am wondering if someone can help me. I currently have a Samsung RF4289HARS refrigerator that samsung is refusing to update and because of google api changes is making some features unusable. I would like to get access to the firmware to see what I can do there. It currently uses OTN to download it. I think I have all the information I need to decrypt the /notice response for the download URL but I am trying to figure out what ${SecKey} is in the password. Is it the app key? or the seed key? or something completely different Any help would be appreciated. You guys have done great things here, I have been able to apply some of it to something else!

[mad_ady]

If you can get the same data in exactly the same format (e.g. json with the same fields), but you only need to pass a different url, you can use a proxy to rewrite your query.
However, isually when apis break you need to do more changes than that... You could build your own application proxy on a different system in your network:
1. Poison your dns to redirect queries to your server
2. Your proxy needs to take the input in the same format as your deprecated api
3. Your proxy needs to output data the same way the api did - this might be harder if you don't know the reply format
4. Your proxy needs to make new api queries to the real google services and parse the output.

All this should work without touching the firmware - assuming it doesn't use https.

Otherwise, you should look for a firmware update and try to unpack it with binwalk.