Oh, fair enough! Yes, that’s just the encrypted payload then!
It should not be. although you’d get surprised about how badly so many places implement them. 
I’ve seen offices with LF fobs where I managed to inject an HF card and make it work! (only on the one door which had a “replacement” dual frequency reader, though)
Not as bad as a bug in my first NFC safe code I wrote…
It handled 7-byte and 4-byte UIDs seperately, to ensure that the entire UID is checked. However, they’re seperate authentications that are checked apart from each other, and then the value of both authentications is checked. Without going into too much boring detail, I missed 2 lines, resetting the value of the other byte authentication. This had the unfortunate side effect of authenticating with literally any card… 
Used the safe for a solid week without noticing. After all, my implants worked 
got very confused when my student ID opened the safe… and then every test card I had opened it…
Thankfully an easy fix for a low stakes issue (the safe has nothing important in it, mainly use it as a demo item), but I just find it an absolutely hilarious mistake.
It’s not a terrible bug. just a Bonus feature!!
You added in a fail safe mechanism to avoid people from locking themselves out! 
Did you post anywhere on how you achieved this? From some of your earlier posts, it sounds like you’re actually using the secure features of the EV2 which is very impressive, since you’d need an NDA to get documentation on it (or you need to trawl through similar chips application notes).
Which I understand the attractiveness / ease of use of UID based auth, it’s far too easy to clone unless lots of checks are made, and even then it’s usually possible (e.g. DESFire with LAB401 DF emulator)
Not yet, because…
Well… I do have an authentication mechanism for work which links to an RSA tag and a server based auth. Which sux.
So I pulled that thing apart and tossed my code in…
So can’t really show since it’s all wrapped up in proprietary stuff which could get me in trouble.
But I do plan on sitting through it and writing a proper mechanism. then I’ll share! 
This damn quarantine situation gave me far more work (the boring platform engineer type of work) to do than I wished for. so I’ve been spending a lot less time on my projects… 
The second-hand flexM1 gen2 from @Ima_Wana_Be has arrived intact! Thanks for the deal + fast shipping!
I was able to write to it using Mifare Classic Tool with 0 issues, successfully cloned several UIDs to it as a test, with ease (and without setting the lock bits 
). The range seems good as well, getting about an inch away from most of my lower power readers.
Now that I have it on-hand, I have a few more questions…
I’m not sure how this came at first, but this one definitely doesn’t have any chlorhexidine remaining. I know amal has said in the past that it evaporates over time, especially with the old process (no clue how old this particular flexM1 is): “I’ve had to revise the “squish pack” sealing process… the older pack sealing method left an “escape route” for alcohol vapor (but not liquid), and that has since been solved.” I’m assuming all it needs is a soak in a bit of chlorhexidine before being implanted, but some more details on how to go about that would be appreciated (how long to leave it, how long to let it evaporate, if my piercer should have access to chlorhexidine vs. if I need to buy it myself and bring it, if needed where to buy it to be bio-safe, etc). Any help here would be appreciated, don’t want to mess things up. I searched, but couldn’t find many small details on the process of cleaning a dry flex (besides people just saying to throw it in some chlorhexidine).
I tried to capture it in that photo the best I could, but is it normal for the chip to appear not quite square from the back side? This is a minor thing, but mine is kind of a parallelogram shape. Not sure how the process works there, but just wanna check. It was kinda freaking me out at first.
Thanks again!
You mean the fact that is it wedge-shaped, right? It’s 7 mm on one edge and 8 on the other.
https://forum.dangerousthings.com/t/8mm-wedge-flex-device-installation-with-custom-4g-needle/6693
Ah I see what you mean, the chip itsself. I have no idea Sorry
Nah, the actual chip itself, not the implant. Let me see if I can post a better picture:
The actual chip isn’t quite square, with an angle on each side, forming a sort of wonky parallelogram shape.
I tried to draw an outline showing the actual shape of the backside of the chip (not sure what material it is):
EDIT: Just saw your edit after posting this, sorry 
we are now exploring going back to the vials for small flex…
…it is being explored.
In the mean time, I think the inside of the poly bag (which should now be puffed up like a pillow due to vaporization pressure) should technically be “clean” even without the liquid… as long as it’s not opened until install day, it should be fine. In short, if there is a hole in the poly bag, and air can get in and out of it, then that is not good, but if the liquid vaporized but the bag is still basically “air tight”… then it should be fine.
ok fine… if you want to send it back to me i can repackage …
That’s a very generous offer, I really appreciate it (for my first flex it would definitely make me feel better).
There was absolutely no expectation of you doing that (given that it’s been sitting around for a bit, not your fault).
How would I go about doing so? I wouldn’t have an order number since I didn’t order it directly.
i’ll dm the address to send it to
ok sent. i’ll probably send it back to you in a vial not a squish pack… you’ll be the first test of our new approach for vials 
I fucken love you Amal 
Totally above and beyond.
Other than Dangerous Things, what company would offer that?
(Maybe Vivokey 
)
A second hand 
[Pun] implant, ( Figurative Not Literal ) There would/ should be ZERO expectation of this level of service, But , WOW 
Yeah, it’s absolutely incredible. I feel the need to reference back to an earlier post of mine:
Out of pure curiosity, how well does it scan through the vial, if at all?
Yay! Vials! 
I could scan my Flex while it was in the vial.
Actually from both sides. With my Nokia 925.
Can’t second that strongly enough!!
Stunning service indeed!
It’s a bit of a pain to line up through the vial and my phone case but if I’ve got everything aligned I can get good reads.
