Q&A

(These talk-related questions were submitted during the conference presentation. Questions submitted later via Twitter may also be added to this page.)

  • Do Nintendo systems check NFC tag type? Can Amiibo data be copied onto any type of NFC tag (or does it have to be NTAG215) and maintain usability?

    My understanding is that only NTAG215 tags are readable by the Nintendo consoles as Amiibos. There are lots of posts on the internet of people trying other tag types and failing to have the console register them. As of this writing, I haven't personally tried any NFC tags on any Nintendo console.

    The Switch, at least, can apparently detect MIFARE tags, since the latest Skylanders game works on the Switch without a portal, but these don't register as Amiibo.

    There's also a Japanese game for 3DS and Switch, Snack World, which uses its own NFC toys with NTAG210 and NTAG213 tags, but again, these don't register as Amiibo.

  • What happened with the Activision case against a researcher who reverse engineered the "portal" USB station? (in relation to the the legal section of this talk)

    Soon after the launch of the original Skylanders: Spyro's Adventure game, researcher Brandon Wilson had reverse engineered the communication between the game and the portal, and Activision had notified them with a cease-and-desist. Here's the notice and their response. As far as I know, there wasn't any further legal action.

    Earlier this year (six and a half years later!), Wilson gave a talk at BSides Knoxville, presenting some of the same research, as well as similar work against the Disney Infinity portal. The talk was recorded, and is available on the "Main Track (Scruffy)" recording, fast-forward to 5:24:11, it runs about 30 minutes.

  • Which libnfc hardware do you recommend?

    I've used the Identive SCL3711, the ITEAD NFC module, and the GO2NFC141U, and I don't have a personal preference. I will, however, echo libnfc's recommendation to not get an ACR122/Touchatag/etc. device. Take a look at libnfc's hardware compatibility matrix for options.

    If you're planning to write your own software, be aware there are hardware or firmware issues with the PN53x series chips which make working with NTAG215 (Amiibo) or Topaz (Pokemon Rumble U) tags require extra effort (e.g. 1, 2).

  • Can you give a brief explanation for how the read/write passwords work when there is so little space to store my information? How are they "smart" enough to have read/write protection?

    I'm not a hardware engineer, but the thing to remember is that just because NFC tags are cheap, and thin, and often flexible, and don't have a lot of storage space, doesn't mean they're not still computer chips. They are! They're whole ICs (integrated circuits) with logic and processing capability. Different tags are capable of different levels of processing and cryptography. The fact that they only have a tiny amount of storage space helps keep them cheap; it's not a reflection of their processing power or the limits of the NFC or RFID systems themselves.

  • Would've been nice for a longer, more in-depth talk with a live demo of read-write

    This wasn't a question, but was representative of much of the feedback for the talk: wishing there had been time for a live demo.

    There wasn't, but on the site are videos showing reading and writing to Activision Skylanders, Disney Infinity, and Nintendo Amiibo toys.

    In addition, for people without experience using the commonplace libnfc workflows for working with NFC tags, there are also examples walking through the standard commands you'd use to read and write to each of the NFC toys discussed, Activision Skylanders, Disney Infinity, and Nintendo Amiibo.