Is my xM1+ bad?


#1

Hey Amal,

I got an xM1+ installed from C00p3r at the DEFCON bio-hacking village on Saturday night (this is my second x-series tag). Swelling is pretty much gone now, no bruising, and I can clearly feel where my tag is. Unfortunately I cannot get a read from it using my phone, ACR122 w/GoToTags, nor my new Proxmark 3 RDV4 (“hf search” and “hf 14a info” commands). Same thing for one of the other guys who was working in the biohacking village. All three methods read my xNT really quickly. I’ve tried orienting my ACR and Proxmark antennas both parallel and perpendicular to the tag, and both right near the antenna wire as well as in the middle of the wire.

Is there anything else I can do at this point, or is my only option to get this removed?

-Patrick


#2

Hey,
I got mine on Saturday night as well! Here’s some things I’ve noticed.

  • The angle of the read REALLY matters. With my phone, it’s best to read it with the phone angled the same direction that the chip is in.
  • The new proxmark3 RDV4 does NOT work with the glass implants. The new one sends higher voltage and the glass chip antenna shuts down in order to protect it. https://www.kickstarter.com/projects/1408815241/proxmark3-rdv-40/faqs#project_faq_239516 I’m annoyed by this one because I just spent $340 on the RDv4 at DEFCON. The RDv2 works beautifully and is only $192.
  • I’ve only started getting reads with my phone today. I tested mine, as I got the card I wanted cloned done right there, and I’m able to use it as a transit pass. Freaking sweet, but again, it’s kinda hard to get scanned as the angle is important.

I’m fairly certain yours is working, but I hope someone more knowledgeable chimes in. What app are you using on your phone, which phone is it?


#3

Hey bashNinja,

I’ve got an xNT as well, so I’m familiar with the fact that the angle and contact matters. I too have to angle my phone just right. I’ve tried lots of angles on this so far with no read. I’ve even had my protective case off too just to make sure there’s no signal degradation.

OK - I’m super-pissed right now about this RDV4. I specifically bought it at DEFCON with the intent to use it with my xEM+ implant! That said, in the biohacking village, one of the guys that was attempting to help me out was using a Proxmark that was an earlier version - not the RDV4 - and he couldn’t get a read. Of course I’m wondering - if voltage is the issue, why couldn’t you just hold the antenna further away to reduce the voltage the chip gets?

As for the phone, I’m on a Pixel2. I’ve also tried my old Nexus 5 and Nexus 4 and am not getting any reads yet.


#4

Oh, I should point out too that the ACR122 hooked up to the computer gets WAY more reliable reads than my phone and that isn’t working either.


#5

The Rdv4 doesn’t support glass chips…holy cow and I was getting ready to pull the trigger on that one just to have the latest toy for writing my future chips.
Damn that’s annoying…but yeah, maybe a stupid question…if distance is bigger doesn’t the voltage drop…or maybe it’s hard to keep at that exact level for optimal signal.
They said they welcome the idea of an antenna for glass chips…I’m sure it will come so don’t have buyer regret yet…


#6

I also own the RDV40 because it was the only one Hacker Warehouse had at DEFCON and used it to read my xEM and xNT using the RRG repo/firmware (https://github.com/RfidResearchGroup/proxmark3). It’s not super reliable but it can work.

The way I read the FAQ is that the RDV40 itself is usable for glass chip work but the antennas are the problem and the developers are open to a new antenna being developed. So I wonder if the antenna from the DT xEM Access Controller can be adapted to work with the RDV40 (https://dangerousthings.com/shop/xem-access-controller/) as the antennas on the RDV40 are removable with 6 easily accessible hex screws and it appears they have gotten it at least partially working with an older Proxmark3.


#7

Extra post to include the antenna POC video since I can only put two links in per response right now: https://www.youtube.com/watch?v=HXqBh7hHVFY


#8

I got my xM1+ implanted today and something is wrong! Tried to read it with my cloner that reads all MiFare Classic tags/cards and chips but nothing on my new chip! Then I tried the phone and no response either! Then I tried it on my NFC reader connected to the computer and there it showed up but as you see in the picture there are only 716 bytes free! But that is the only reader that shows anything. I tried to hold it against a door with a MiFare Classic reader and no response at all, not even that it is the wrong card or any light showing up!

[Image: the tag as read from a regular NFC reader]


#9

@killerkickan
Heard at the beginning some people had issues reading it because the area was swollen. Let’s hope it’s that…
Regarding the memory, I don’t know how much an xM1 would have for writing but linked a pic about that and phones that don’t really work with S50, might give you an idea…

PS: you also need to find the exact angle and place of your implant for your cloner to read it, it’s different when you read a card that has an antenna the size of a toilet seat or an itty-bitty one in a glass capsule under your skin…


#10

@unregistered436 Hey man… so a few things… the first thing is that the chip inside the xM1+ definitely has a way shittier RF performance than the NTAG216 inside the xNT… so it’s going to be worse right out of the gate. Also, we definitely tested all xM1+ tags before re-releasing them… like 5 times each. Now, the silicon chip inside these things is a shitty knock-off from a shady operator trying to avoid lawsuits from NXP and the like… so it’s kind of an inefficient power hungry bitch… on top of that, chip capacitance has a pretty wide delta which makes getting optimal tuning somewhat hit-and-miss with the antennas we attached those chips to inside the xM1+… however all finished xM1+ tags did pass our tests so if it is slightly out of tune it should not be very far off.

That said, it is possible that the tuning might be just bad enough that, coupled with your salty blood and flesh, the cumulative de-tuning that’s happening is just bad enough to cause serious readability problems for you.

There is one other possibility, which is that the second round of sterilization created thermal cycling that damaged the chip, affected its tuning, or otherwise created unforeseen issues that caused it to stop working… and there is no way for us to test for this because it’s a 13.56MHz chip inside a big steel needle. It is possible, with the right equipment, to get a read on a 125kHz tag inside a needle, but not a 13.56MHz… the skin effect is just too great at that high frequency to overcome.

So, at this point, the best I can ask of you is to take an ACR122U PCB out of the plastic shell housing, mark your hand where the xM1+ is, and place the PCB antenna loop over your xM1+ and submit a picture… and we can go from there. If the thing is truly dead, we will replace or refund it.

@killerkickan … since you were able to get a read with the GoToTags software, we know the chip is functional. The 716 byte value you are seeing is the result of NDEF formatting and sector trailer blocks in each sector “eating up” your 1k space. You can find out more about the Mifare “Classic” 1k memory structure from this spec doc; https://www.nxp.com/docs/en/application-note/AN1304.pdf

As for not getting reads from your other readers and devices, chances are that the chip is not coupling well with those readers. You can attempt to improve coupling by trying different positions and orientations. If you have an xLED-HF you can use that as a tool to find the best location and orientation for each reader and then present your xM1+ in the same location and orientation.
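
The 716-byte figure discussed in the post above can be reproduced from the MIFARE Classic 1K memory layout. The Python sketch below is an added example, not from the thread or from GoToTags; it assumes the AN1304 mapping (sector 0 holds the MAD, sectors 1 to 15 hold NDEF data) and, as an assumption about how the tool counts, that the reported free space is what remains after the NDEF TLV header.

```python
# Added illustration: where the 1024 bytes of an NDEF-formatted
# MIFARE Classic 1K go. Layout constants follow NXP AN1304.
BLOCK_SIZE = 16          # bytes per block
SECTORS = 16             # sectors on a 1K chip
BLOCKS_PER_SECTOR = 4    # last block of each sector is the trailer


def classify_block(sector: int, block: int) -> str:
    """Role of one block on an NDEF-formatted MIFARE Classic 1K."""
    if block == BLOCKS_PER_SECTOR - 1:
        return "trailer"        # Key A, access bits, Key B
    if sector == 0 and block == 0:
        return "manufacturer"   # UID and manufacturer data, read-only
    if sector == 0:
        return "mad"            # MIFARE Application Directory
    return "ndef"               # usable NDEF data area


def layout_summary() -> dict:
    """Bytes consumed by each role across the whole chip."""
    totals: dict = {}
    for sector in range(SECTORS):
        for block in range(BLOCKS_PER_SECTOR):
            role = classify_block(sector, block)
            totals[role] = totals.get(role, 0) + BLOCK_SIZE
    return totals


def tlv_header_len(payload_len: int) -> int:
    """NDEF Message TLV header: tag 0x03 plus a 1-byte length,
    or a 3-byte length (0xFF + 16-bit value) for payloads >= 255."""
    return 1 + (1 if payload_len < 0xFF else 3)


def max_ndef_message(data_area: int) -> int:
    """Largest NDEF message whose TLV header and payload fit the area.
    Assumption: no Terminator TLV is counted when the area is full."""
    size = data_area
    while tlv_header_len(size) + size > data_area:
        size -= 1
    return size


if __name__ == "__main__":
    summary = layout_summary()
    for role, used in sorted(summary.items()):
        print(f"{role:>12}: {used:4d} bytes")
    print("max NDEF message:", max_ndef_message(summary["ndef"]), "bytes")
```
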


#11

Just a note about the rdv4… we are going to explore antenna designs for x-series (glass tags).

Not likely… the capacitors on the rdv4 are different and therefore the inductance of the LF antenna must be different to properly match.


#12

Hey Amal, I figured a short video would be better so I just shot something and will send you a Google link.


#13

Amal,
Awesome. We’ve got a crew at @801labs who all were implanted with the x-series tags. Two of us have the rdv4. We’d love to help you test out your antennas. If you come up with a design, let me know. We’ll try our best to replicate it and let you know how it works for us.


#14

The mystery thickens,
The strange thing is that I have tried it on 5 different door readers at the University, two different office entrances, the bus system here in my town and the entrance to my own office! None of these MiFare systems even reacted to the chip! Not any signal that I have the wrong code or wrong card!
Then I tried to read it on my iPhone with the app “NFC Tools” and then it showed up on my iPhone!!!
An iPhone should not react to a MiFare Classic chip/card,
It seems like my chip performs more as an NFC chip than a MiFare Classic! Yes, I know they have the same frequency but not the same protocol. The really strange thing is the signal from the chip is not bad, I can hold my hand 1 cm from the GoToTag reader and it finds it!
When I don’t have any info on the chip the iPhone doesn’t react to it when I scan, but if I use the GoToTag software and just put in simple text or a phone number, then the iPhone can find the chip with 4 different apps!


#15

Hi Killerkickan,

I wanted to post parts of our conversation publicly so others can benefit from the progress of our troubleshooting.

Amal and I have been discussing your case this weekend.

To help get closer to a resolution,

please download the “Tag Info” app by NXP for the iPhone.

Scan your xM1+ tag info. Within the app there should be a share icon, that you can tap to share via email the report directly to me and I’ll review the report with Amal.

Unfortunately, unlike the large body of NFC tag specifications, the Mifare Classic does not have broad specifications. NXP did eventually create a pseudo specification for the Mifare Classic that does work with some phones that have the NXP reader chips.

Just to ensure you are aware, we have authorized, and Patrick from Digiwell has confirmed, he has sent the xLED field tester to you.

My best,

MDanger


#16

Thanks for the video! I private messaged you and copied our partner who performed the install at DEFCON to possibly coordinate and help us out :slight_smile:

My best,

MDanger


#17

Hi @killerkickan,

I’ve read your private message sent to Michelle (@mdanger) and what is clear is that the xM1+ is functional and working properly. The problem you are having is likely one of two things;

1) Bad coupling. This problem has to do with the reader’s field strength and antenna shape. The antenna shape inside the reader determines the shape of the magnetic field generated by the reader, and the field strength determines the ability for that magnetic field to provide enough power for the xM1+ to operate. However, the position and orientation of the xM1+ will determine the effectiveness of the magnetic coupling between the xM1+ and the reader, and since the chip inside the xM1+ is not very power efficient (it requires much more power to operate than the NTAG216 chip inside the xNT), ideal placement and maximum coupling effectiveness is critical. I have found most readers have a rectangular antenna shape, and the best way to present the implant to the reader is perpendicular to the long vertical length of the antenna loop inside the reader. For example;

This means attempting to present the chip to one side of the reader in such a way that the length of the chip is parallel to the floor or ground. If this does not work, keep moving the chip outward to the edge of the reader, and maybe even begin wrapping around the side of the reader if you reach that far to the edge. Some readers I have to place my hand to the actual side of the reader to get a good read. If you cannot get a good read from the reader following these instructions, then the reader may not be able to create a field adequate enough for the xM1+ to properly operate.

2) Bad format. The xM1+ may not be properly formatted for use with the reader. Many readers, when presented a badly formatted tag, will not respond at all. Some readers will respond with a negative beep tone, or some may only respond to properly formatted tags that have been revoked or explicitly denied, but not respond at all to improperly formatted tags. The behavior of the readers you are presenting your xM1+ to is not possible for us to know.

#18

There are some serious efforts underway to get a solution for the rdv4 sorted. Hang in there!


#19

Those of you that have just got yourself an rdv4. A few notes that may help you guys out a bit and put your mind at ease as there are people thinking about you!

#1
Make sure you have flashed the latest firmware. NOT the official proxmark3 fork but rather the Rfid Research group fork that has been adapted specifically for the rdv4.

Link:

A lot of issues are caused by people having mismatched firmware / client versions as they get the proxmark which comes with old firmware by the time it arrives and then use the latest Git Pull for the client. This almost always causes issues.

#2
The RF output on the rdv4 is seriously CRAZY powerful. It’s not going to brick your chips but if you have them too close the chip shuts down to protect itself.

I.E. look at this xLED when placed right on the coil. It lights up like a freaking Christmas tree - brighter than I have ever seen!

So this is a pretty good distance to get nice clean reads without making the chip freak out. Mind you I don’t have an HF device implanted myself yet so this is all external testing.

The stock coils really don’t couple well with the glass implants so I am unsure about writing HF. LF you can get ID reads, but due to the lack of good coupling there are no clean writes or really even clean block data dumps - which means there is no way it’s coupling well enough to write… hang in there - no one has forgotten you! There is a solution coming, have faith in that. That is all that can really be said for now.

~TH