8 dilemmas to start with 🙂


#1

Ok, so first I’m a 31 year old construction engineer with family and stable life, all questions are for learning and not criminal intentions. I have lots of hobbies and when I find something I like I’m a black hole for informations. :slightly_smiling_face: I read the Faq and also keep reading post after post and trying to learn from each one. Discovered about implants 2 days ago so bare with me please :slightly_smiling_face:

1.First basic questions: After my gathered information so far am I right to assume that an xEM and an xM1+ would cover both frequencies, both can be cloned on and both can be used in the most general purposes/access points ? If I do this I want the best chips, both frequencies, with the most possibilities of use on the table. Or is something around the corner I should wait for?

2.If I can crack/clone my buildings door key that I scanned, am I right to think I could do it on the xM1+? Attached screenshot with key information.

3.What phones do not require root to emulate nfc cards - just curious if they are any. (and type if…)

4.What’s the difference between an an 100$ “human” ntag216 implant and 30$ for 10x animal ntag216 from China popular site is…?

  1. From almost all the posts I see Proxmark is the way to go, should it be Easy, RDV2 or the upcoming Rdv 4.0? Is Proxmark like universal best thing for Nfc and Lf Rfid? Does the Rdv 4.0 fixes the reading antena issues of implants? And honestly is there that big difference in performance between a genuine one and a clone? I’m thinking they should have the same electronic components…maybe not same brand but same function…

  2. Some posts and videos mention using the tags in different “modes”.:thinking: Any educational explaining on that and maybe some links for starting to understand that and some 101 programing commands for tags?

  3. You can write on an xM1+ url links, personal details, etc…?

  4. How many normally used tags would fit into an xM1+ (guess on xEM just one)?


#2

Also if I go with the xM1+, how do I choose the 3mm option? (thinking of better reading).
Didn’t really get the “warranty/testing” difference between the 3mm and 2mm, or it’s voided for both of them?
And what does it mean by “No new xM1+ chips will be produced after this inventory is sold.”? Will it be something else, better, where you can clone on also the UID or…?


#3

1: yes on both frequencies, yes can be cloned. It would give you a good chance that it would cover a particular access point. But remember there are tons of systems out there with different requirements, and only one card each can be cloned.

2: I believe so. But wait for confirmation from someone else.

3: no idea. My Galaxy S7 will emulate an NFC card, but the UID is random on each read. Other phones have fixed UIDs.

4: Typically the animal tag has anti-migration coating that would make tag removal in a human very difficult. Aside from that, when you buy from china you have no idea what their quality control is.

5: I’ll let someone else answer this

6: The only modes I know of are for the xEM… See the first paragraph: Quirks of the T5577 & cloning tags to the xEM The chip can be put in different modes to be compatible with different card types.

7: yes.

8: not sure what you are asking… every tag currently offered by DT can only have one UID.

9: Where did you see there is a 2mm xM1? The xM1+ is 3mm. There is no 2mm option. The image is shown for comparison.


#4

@turbo2ltr thank you mate for some clarification, appreciate the time :+1:

Got it :slightly_smiling_face::+1:

@amal Anything to add? When you got some time of course :slightly_smiling_face:


#5

Hi Dan,

Most modern phones running 4.4 or later can perform host card emulation, though not many app developers even know how to leverage the feature. There are GitHub repos with some samples, like this one, if you have the skill and want to play around with it.

In short, safety. When first launching Dangerous Things, we looked to source 125khz tags from various factories. Nobody made a “human” tag, but there were plenty of “animal” tags out there. We found a horrifying cross section of terribly made tags. Issues ranged from lead or aluminum contaminated “industrial grade” glass to toxic epoxy resins inside, to chips not being sterile inside, and finally glass that was structurally unsound (weak). Contaminated glass is bad enough, but combine weak glass with toxic epoxy and non-sterile internal surface area and you get a serious health risk.

The bottom line for anyone considering buying a cheap animal tag is this - those manufacturers will use any materials available to them to construct the product… bad glass but cheaper? Use it. Toxic epoxy is cheaper than the biosafe version? Use it. Thin walled glass is cheaper? Use it. Because of the “substitution” problem, it is impossible to even know if a manufactured batch is safe from spot testing a few units from it, because these manufacturers will switch up materials mid-batch… so half the batch may use safe glass while the other half doesn’t, and one-third of the batch uses safe epoxy while the remaining two-thirds does not. We source our materials and supply them to our contract factory for assembly. In this way we control the quality of materials going in. Spot checking the batch during manufacture confirms assembly quality. Anything short of this and you’re taking unnecessary risks with your health to save a few bucks. Not a great idea.

I suggest the rdv4 since power output should be much better and we are tinkering with the idea of making special antennas for the rdv4 that work better with our x-series implants.

yes, however the mifare classic s50 1k chip it is emulating is not NFC compliant so assuming you want to read/write with a phone, then the phone must have an NXP reader chip inside for it to work. This is because NXP wrote a proprietary extension to the NFC Forum tag type specification called “NFC Mifare” which nobody else supports but NXP. Also, since the “mifare” protocols are proprietary, they are licensed, and nobody cares enough to pay NXP to license it, so again, the only phones that will work with it to do anything but read the NUID are phones with NXP reader chips inside since those chips come with an inherent license to work with Mifare chips and the “NFC Mifare” spec NXP wrote.

the xM1+ emulates a mifare classic s50 1k chip, thus it can only pretend to be one chip at a time… so 1 is the answer.

That photo was a mistake, there is only a 3mm option. We are removing it now to avoid confusion.

We will no longer make these once the current inventory is sold out. The problem is that because this chip is not made by any reputable RFID chip manufacturer (unlike the T5577 from Atmel), the only suppliers I can get these from are shady suppliers. Those suppliers offer zero QA, no warranties, screwed me over on a huge batch order by dumping complete crap silicon dies on me, most of which didn’t even work or were just junk from dead wafer slicings… these chips are nothing but shady back alley products and 1) it’s not worth the money or effort to try to get a good well tested supply, and 2) if i cannot warranty them for my customers, i don’t really want to offer them.


#6

Once again thanks to @amal and @turbo2ltr for the time…

You know…my learning progress in this subject is directly proportional with the realization of how little I actually know :slightly_smiling_face: Gonna take some months to grasp some real know-how. But where’s a will, there’s a way :grin:

You guys clarified a lot of points, some I didn’t understood but I need to “chew” more on them and educate myself before asking you to “draw me a picture” :joy:

Thinking to wait for the new Proxmark 4.0 before I spend the bucks on one, plus it’s nice to get some user input especially with the release of a new version (maybe it’s something crappy with it).

The noob in me would like besides the xEM (which I noticed it’s like the Holy Grail here for the 125khz), the xM1+ because even though the xNT sounds like a more “mature choice” (from my documentation so far…) especially for my sub-level of knowledge…I don’t know which tags are more used in Europe (where I live) comparing to the States. Besides that the first thing popped when scanning my building key tag - Mifare… (“maybe this is the most common here in EU”:thinking:). And the final noob argument… “hey, I can change the UID making it’s a perfect clone” -how cool is that… :slightly_smiling_face: Plus I can maybe get a ring from you guys with the Ntag216 instead of the xNT to play with for starters…hmmm… xEM left, xM1+ right, Ntag216 ring pinkie :thinking: Now that’s a combo :grin:

Btw, you guys should get some rings with 2 chips with both frequencies… actually that would be great for beginners to play with… :+1:

Found this post that I copied, maybe someone is interested in the phone info with NXP…
Phones that have an NXP NFC chip:
1.Nexus S, Galaxy Nexus and 2012 Nexus 7.
2.All previous Samsung devices before the S4 (so Galaxy S2, S3, Note 1 & 2)
3.Almost all HTC phones (One, One X, One X+, EVO 4G, Droid Incredible 4G)
4.Motorola Droid Razr
5.Sony Xperia models (“my favorite :stuck_out_tongue_closed_eyes:”)
6.Acer Liquid E1 (although this doesn’t have a secure element)
I’ve used the CyanogenMod NFC emulation on the Nexus S and it worked brilliantly.
Although you didn’t ask for reference some ones that don’t use NXP and use Broadcom chips instead are the Nexus 4, Galaxy S4, Nexus 10 & 2013 Nexus 7 Tablet.

Attached another scanning of my tag (no need for security precautions). Safe to assume would work on an xNT…? :thinking:


#7

hah I know that tool… but I’m not sure what you’re asking… if you’re asking if the data presented could be written to the xNT, then yes and no… the data can yes, but the way in which the data will be arranged is totally different. The MIFARE Classic S50 1K ship has 16 sectors, each of which are divided into four blocks, and each block has 16 bytes… though the last block in each sector is used for access keys A and B and access bit settings for the sector. The NTAG216 chip in the xNT has user memory that is structured into pages of 4 bytes each, with chip config settings stored in the last few pages. So technically yes you could take the data on a Mifare chip and write it into an xNT, but it would be like pouring an amount of water sitting in a wide saucepan into a tall glass. Same water, different shape.