by pm 549 days ago
This is cool, but the most interesting part is the part that requires investigation, i.e., what do the compatibility tools write to the card to make it iOS-compatible? I've done some work with iOS NFC, but not enough to have experienced the undocumented quirks.
3 comments

My read of the proxmark code (https://github.com/RfidResearchGroup/proxmark3/blob/master/c...) is that `ndefformat` formatted the tag's MAD (https://www.nxp.com/docs/en/application-note/AN10787.pdf), which you'd do for NDEF, then had a single TLV TERMINATOR at the block where the NDEF message starts. Then he used NFC Tools to write an NDEF text record (which iOS background reading would ignore) and maybe something else? After that he used `ndefwrite` to write a URL record. I wonder if he could have skipped NFC Tools, written the URL record, and gotten the same result. Proxmark dumps before and after using NFC Tools would be insightful.
Ya, I have no clue tbh.

This is one of those cases where I know I really should investigate further, but I'm taking this one step at a time. Perhaps digging into the "why" will become a follow-up post.

I didn't intend for what I wrote to be a criticism; that's on me. I just found it funny the most interesting step was akin to "... and now you've drawn the animal", if you understand the reference.
But what happens if you dump the card with the Proxmark? Surely you should be able to see some differences.

Actually, I have all the components, so I'll try this now and report back.

My quick eye-skim didn't see much, but I'll do a byte-for-byte diff. I imagine it's a difference in the NDEF headers? (But even that doesn't make sense, since I wrote the headers again from the pm3.)
Well it turns out I'm much worse at this than I thought, as I can't even figure out what kind of cards I have. I'm learning, though!
HN formatting is going to do bad things here...

Here are the first 6 blocks of the card after I ran through the instructions in the post, then an ndefformat-only card (that never touched an iPhone).

[=] sec | blk | data                                            | ascii
[=]   0 |   0 | 00 56 78 BB 95 08 04 00 02 B2 1E 24 23 27 1E 1D | .Vx........$#'..
[=]     |   1 | 14 01 03 E1 03 E1 03 E1 03 E1 03 E1 03 E1 03 E1 | ................
[=]     |   2 | 03 E1 03 E1 03 E1 03 E1 03 E1 03 E1 03 E1 03 E1 | ................
[=]     |   3 | A0 A1 A2 A3 A4 A5 78 77 88 C1 89 EC A9 7F 8C 2A | ......xw.......*
[=]   1 |   4 | 00 00 03 12 D1 01 0E 55 04 65 77 70 72 61 74 74 | .......U.ewpratt
[=]     |   5 | 65 6E 2E 63 6F 6D FE 00 00 00 00 00 00 00 00 00 | en.com..........

[=] sec | blk | data                                            | ascii
[=]   0 |   0 | 00 56 78 BB 95 08 04 00 02 B2 1E 24 23 27 1E 1D | .Vx........$#'..
[=]     |   1 | 14 01 03 E1 03 E1 03 E1 03 E1 03 E1 03 E1 03 E1 | ................
[=]     |   2 | 03 E1 03 E1 03 E1 03 E1 03 E1 03 E1 03 E1 03 E1 | ................
[=]     |   3 | A0 A1 A2 A3 A4 A5 78 77 88 C1 89 EC A9 7F 8C 2A | ......xw.......*
[=]   1 |   4 | 03 00 FE 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
[=]     |   5 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
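As an added illustration (not from the thread, and not the post author's tooling): a small Python decoder for the TLV area in sector 1 of the two dumps above. It walks the TLVs using the NFC Forum layout (0x00 NULL, 0x03 NDEF Message, 0xFE Terminator) and decodes a short-record NDEF URI record with the first entries of the URI prefix table; the byte strings are copied from the dumps, and the function names are my own.

```python
# Added example, not from the thread: decode the NDEF TLV area (sector 1,
# blocks 4-5) of the two Proxmark dumps above to see what actually differs.
# Assumes the NFC Forum TLV layout (0x00 NULL, 0x03 NDEF Message, 0xFE
# Terminator) and the URI RTD prefix table; function names are my own.
from __future__ import annotations

# Bytes copied from the dumps above: sector 1, block 4 followed by block 5.
AFTER_IPHONE = bytes.fromhex(
    "00 00 03 12 D1 01 0E 55 04 65 77 70 72 61 74 74"
    "65 6E 2E 63 6F 6D FE 00 00 00 00 00 00 00 00 00"
)
NDEFFORMAT_ONLY = bytes.fromhex(
    "03 00 FE 00 00 00 00 00 00 00 00 00 00 00 00 00"
    "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"
)

# First entries of the NFC Forum URI Record Type Definition prefix table.
URI_PREFIX = {0x00: "", 0x01: "http://www.", 0x02: "https://www.",
              0x03: "http://", 0x04: "https://"}


def parse_tlvs(area: bytes) -> list[tuple[str, bytes]]:
    """Walk a TLV area and return (type, value) pairs, stopping at the Terminator."""
    out, i = [], 0
    while i < len(area):
        t = area[i]
        if t == 0x00:                       # NULL TLV: one byte, no length, padding
            out.append(("NULL", b""))
            i += 1
            continue
        if t == 0xFE:                       # Terminator TLV: nothing after it matters
            out.append(("TERMINATOR", b""))
            break
        if i + 1 >= len(area):
            raise ValueError("TLV type byte without a length byte")
        length, i = area[i + 1], i + 2
        if length == 0xFF:                  # three-byte length form
            length, i = int.from_bytes(area[i:i + 2], "big"), i + 2
        value = area[i:i + length]
        if len(value) != length:
            raise ValueError("TLV value runs past the end of the area")
        out.append(("NDEF" if t == 0x03 else f"TYPE_{t:02X}", value))
        i += length
    return out


def ndef_message(area: bytes) -> bytes | None:
    """Return the value of the NDEF Message TLV, or None if there is none."""
    for t, v in parse_tlvs(area):
        if t == "NDEF":
            return v
    return None


def ndef_url(area: bytes) -> str | None:
    """Decode a single short-record NDEF URI record ('U', TNF well-known), else None."""
    msg = ndef_message(area)
    if not msg or len(msg) < 3:
        return None
    hdr = msg[0]
    if not (hdr & 0x10) or (hdr & 0x07) != 0x01:  # need SR flag and TNF=1
        return None
    type_len, payload_len, i = msg[1], msg[2], 3
    id_len = 0
    if hdr & 0x08:                          # IL flag: an ID length byte follows
        id_len, i = msg[3], 4
    rtype = msg[i:i + type_len]
    payload = msg[i + type_len + id_len:i + type_len + id_len + payload_len]
    if rtype != b"U" or len(payload) != payload_len:
        return None
    prefix = URI_PREFIX.get(payload[0], f"<prefix 0x{payload[0]:02X}>")
    return prefix + payload[1:].decode("utf-8")


if __name__ == "__main__":
    for name, area in (("after iPhone steps", AFTER_IPHONE),
                       ("ndefformat only", NDEFFORMAT_ONLY)):
        print(name, [t for t, _ in parse_tlvs(area)], ndef_url(area))
```

Run as-is, it reports that the ndefformat-only card holds an empty NDEF Message TLV (`03 00`) followed by the Terminator, while the card that went through the post's steps has two NULL TLVs, then an NDEF Message TLV carrying a single URI record for `https://ewpratten.com`, then the Terminator. Both are well-formed TLV areas; which of those details iOS background reading actually cares about is the open question in this thread.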

Proxmark's "auto" command should get you most of the way to knowing. Then check if any of the "hf mf c*" commands work on it (in which case, you have a gen1a magic card)
Nice, I didn't know about auto, thanks! It turns out I have some Gen 1a "magic" cards (as in, actually in a card form factor), and some tags that seem to be Gen 3, but not magic?
Hm, it's definitely blocks 0-2. All remaining blocks after that are identical.

Going to look further at the actual data in the first 3 blocks momentarily.

I suspect the comment (above, at the time I wrote this), where they mention that Apple only wants partners to be usable, is the Ockham's Razor answer.

Probably some "magic key" ID.

But this is not my area of expertise. It's a cool story, though, and why I like hanging here. Considering getting a Proxmark and the NFC Tools app, just to play around.