Apex Flex + iOS app problems

Support
62

I get that screen for some of the apps as well.

63

sorry guys, but saying something ā€œdoesnā€™t workā€ is like pulling your car into the shop and saying ā€œdoesnā€™t workā€. more information is needed.

ah okā€¦ so the ndef application has a bunch of different install options because you can install different sizes of containerā€¦ so the service ID can be one of the following;

  • ndef1k
  • ndef2k
  • ndef4k
  • ndef8k
  • ndef16k
1 Like
64

yes the reason for this is that we forked the yubico otp applet and made improvements and changesā€¦ with more to comeā€¦ so we had to drop support for the ā€œstandardā€ AID that the yubico authenticator smartphone app uses to interact with the otp applet

2 Likes
65

Interestingly enough with the OTP and then also the HMAC applet installed it was identified by the Yubikey app as two different Yubikey models so it must still look something like a Yubikey to the software.

Is the NDEF the only one with several install service names?

EDIT: Also, any chance to publish the old Yubikey compatible OTP applet? For my use case wide compatibility with all OSā€™s would be more desirable than extra features.

66

Unrelated but just curious about the vivokey authenticator app, but if someone else installs it on a phone and scans my apex will it still generate codes? I donā€™t have a second phone to test this question out myself

67

That makes sense, and also brilliant that you can partition like that. Thank you @amal

68

One more quick Q. Is there a way to either check what is on the apex and/or delete some of the installed applets?

The reason is, that I tried to install the 1k with the NDEF and I couldnā€™t do it due to space, which Iā€™m guessing I accidentally installed the NAK a few times.

69

I think the Android app shows whatā€™s installed, just a bug with the iOS app at the moment.

70

fido / u2f have two different namesā€¦

  • install_u2f
  • install_fido2

thatā€™s why you can protect code generation with a passphrase :slight_smile: set that in your app and then only apps that send the passphrase first can generate codes.

fidesmo appā€¦ even if you canā€™t deploy applets with it on iOS you can at least scan and should be able to see whatā€™s on it.

or use the windows command line app fdsm.exe or fdsm.jar (java) if youā€™re nasty.

send the command;

fdsm.exe --card-apps

and you will get back a list of apps deployed

1 Like
71

this should not matterā€¦ it only goes on once even if you try multiple times. it all deploys under the AID so deploy once or 100 times it will deploy to the same ā€œfileā€ every time.

72

Got it. How big is the NAK applet? Iā€™m running a mac, and Parallelā€™s isnā€™t working right for me right now. The Fidesmo app on my iOS only lets me scan to connect or to install an applet, and wonā€™t tell me how much memory is used/left or what is on the apex. Am I wrong to assume you can have multiple applets on the Apex at the same time?

When I try to install the * ndef1k applet, it tells me ā€œInstallation Failed, You may not have enough free space for both the NDEF applet and the NDEF data container.ā€

73

I have NDEF, NAK, and OTP all installed

1 Like
74

Okay,

So with the Fidesmo app on an Android device I have successfully installed the U2F and SmartPGP applet.

U2F seems to be working as expected and have enrolled several websites feeling super cyber as I go even though the the Mega is not implanted yet.

SmartPGP is recognised by Kleopatra on Windows and allows me to change PIN/Admin PIN, set basic details well enough and seems to allow generation of RSA2048 bit keys (as is the default based on my reading of the GitHub repo) but this failed partway through and seemed to disconnect from the reader and then reconnect with no key having been generated, not sure what happened there and will try using the smartpgp-cli tool to change some defaults and test more later. Has anyone else used the SmartPGP applet successfully?

NAK seems to work fine as always.

2 Likes
75

Scanned again this am and great success!!!

2 Likes
76

200 (11)

1 Like
77

Since I started this topic I figured what better place than to say thanks to Amal and everyone here. Since Iā€™ve had the install, Iā€™ve had 3 or 4 real world uses of the NAK applet. Mainly when I get to the car and realize (err mutter shit) :upside_down_face: the phone is in the house. Or do I have to dig for the key card? Nope just pop the old hand up there and success Iā€™m in. Hell yeah! Works so nicely. Thanks so much for everything.

I will say the damn Tesla door scanner is :thermometer: as hell in the summer sun. Gotta be quick on the draw err put away. Haha

2 Likes
78

I have this issue with outdoor readers on buildings sometimes. Black plastic baking in the sun all day makes for an unpleasant experience with implants.

1 Like
79

I have had the same experience. I always forget my phone when Iā€™m in the house or at the office and need to run to my car. I also have my momā€™s Telsa programmed, it came in handy (no pun intended) last weekend when I needed to grab my momā€™s car.

And yeah be careful in the sun that get hotā€¦

3 Likes
80

Just curious, what orientation people are holding their iphones in when trying to scan Apex Flex? I tried scanning my NDEF record with my GFā€™s 12 pro and no matter how I held it against the Apex I couldnā€™t get it to scan.

Iā€™m able to get it to scan on my Android, and Iā€™m able to get a scan with her iPhone on my xSIID just not the Apex.

How are you guys holding your iphones to get Apex scans? Top edge parallel or perpendicular to chip? Something else?

81

@Dondula , on my Pixel 6, the Apex Flex reads perfectly in my outer forearm, just above my wrist, in any orientation.