Meh, if I'm buying new hardware, (and I'm not that price sensitive,) I'd rather go with the best CPU the model has available when I get it. And no, just a whole bunch of Rust projects, so no compiling of Chromiums, just compilation of other Rust browsers.
I completely agree with you. In my opinion, using GPS as Stratum 0 feels like a cheat. I do hope to some day (definitely not any time soon) own an atomic clock of some kind though.
Regarding PPS, the L76B does this cheaty thing where it actually sends the PPS signal over UART. They provide a calculation to go from “Time of first byte” to a regular PPS signal on the receiving side.
Regarding the Cloudflare part of this, I’d recommend taking a look at “Authenticated Origin Pulls”. It lets you perform your validation at the TLS layer instead of doing it with IP ACLs if that interests you.
You should probably be looking at the Cargo.toml file(s) (for direct dependencies at least) instead of the lock file as the lock file will include dependencies used for dev/testing.
In a simple sense, NTAG cards can do NFC things, but MIFARE can do lots more (access control for example)..and also NFC things..somewhat.
Magic mifare refers to special cards that let you bypass the write-lock of genuine mifare cards. These are mostly used for cloning keys (either for red-team pentesting or for people who want a copy of an office key for whatever reason)
MIFARE Classic uses a proprietary and mandatory encryption/authentication algorithm and is therefore not ISO 14443-4 compliant. As a result, NFC-compliant readers don't need to support it, and in fact non-NXP ones (including many popular Android phones) usually don't.
On the other hand, as you say, MIFARE Classic supports capabilities beyond NFC/NDEF, but there are fully NFC-compliant tags that do so as well (e.g. MIFARE DESfire, which properly stacks encryption in an ISO 14443-4 compliant way).
This is one of those cases where I know I really should investigate further, but I'm taking this one step at a time. Perhaps digging in to the "why" will become a follow-up post
I didn't intend for what I wrote to be a criticism; that's on me. I just found it funny the most interesting step was akin to "... and now you've drawn the animal", if you understand the reference.
My quick eye-skim didn't see much, but I'll do a byte-for-byte diff. I imagine its a difference in the NDEF headers? (but even that doesn't make sense, since I wrote the headers again from the pm3)
Something's clearly up there. You can see that even IOS and Android disagree with each other on what NDEF should look like by a few bytes. Very interesting.
Yep, 89 EC A9 7F 8C 2A 00 00 on iOS versus FF FF FF FF FF FF on Android. Interesting how the number of bytes is different, I should play with them a bit.
If a URL is written using NFCTools on iPhone, iOS will open it in the default browser without using NFCTools, or in the related app (eg Instagram) if there is one.
I find this only to be true when used on the same iPhone where NFCTools was used.
If you try to have another iPhone detect the badge, it appears not to work - unless you use NFCTools on that iPhone, too. I don't have conclusive proof but that's what the evidence seems to indicate.
Proxmark's "auto" command should get you most of the way to knowing.
Then check if any of the "hf mf c*" commands work on it (in which case, you have a gen1a magic card)
Nice, I didn't know about auto, thanks! It turns out I have some Gen 1a "magic" cards (as in, actually in a card form factor), and some tags that seem to be Gen 3, but not magic?
Gen 1, 1a, 3 and 4 all use special commands to unlock and edit block 0.
Gen 2 treats block 0 as always being r/w. This allows Android phones to directly write to it (but also makes it possible to lock the card).
In terms of pm3 commands, "auto" tries everything. You might also want to use "lf search" or "hf search" to only try one of your antennas and not the other.
The actual Magic part isn't really important here, since my phone doesn't even care about block 0. It just makes it easier to read and wipe the card when you have the extra command set at your disposal.
Ah, we did the under-the-table thing with NFC stickers in school! Love rickrolling a well-placed phone on a classroom desk lol.
I'm personally not a huge fan of needing to use NFC tags in the real world (parking meters use them for payment around here), but I do like creating tags.
Many of my cards are just repurposed from other things. Lots of hotel keycards can be rewritten to open URLs on phones for example.
I actually have a hotel keycard taped to my washing machine to do some laundry-based automation with my phone. Maybe I should write about that sometime..
If you're getting an implant already, why not make it an actual smartcard that you can use for WebAuthN, GPG, SSH etc.? :)
On the other hand, the fear of permanently bricking it or messing up the GlobalPlatform card management key has so far prevented me from doing it myself...
Because those cost $350 as opposed to $89, and the install only costs $60, and there is no stopping you from implanting more than one in different locations.
Many people get the small xEM or xM1 first to play with.
reply