惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

C
Cisco Blogs
D
Docker
The GitHub Blog
The GitHub Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
A
About on SuperTechFans
WordPress大学
WordPress大学
Recent Announcements
Recent Announcements
Engineering at Meta
Engineering at Meta
H
Help Net Security
Vercel News
Vercel News
S
SegmentFault 最新的问题
罗磊的独立博客
F
Full Disclosure
Microsoft Azure Blog
Microsoft Azure Blog
V
Visual Studio Blog
Last Week in AI
Last Week in AI
V
V2EX
腾讯CDC
IT之家
IT之家
爱范儿
爱范儿
博客园 - Franky
MyScale Blog
MyScale Blog
aimingoo的专栏
aimingoo的专栏
The Register - Security
The Register - Security
Help Net Security
Help Net Security
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
www.infosecurity-magazine.com
www.infosecurity-magazine.com
C
Cyber Attacks, Cyber Crime and Cyber Security
P
Proofpoint News Feed
D
Darknet – Hacking Tools, Hacker News & Cyber Security
B
Blog RSS Feed
雷峰网
雷峰网
Microsoft Security Blog
Microsoft Security Blog
博客园 - 【当耐特】
Recorded Future
Recorded Future
A
Arctic Wolf
Cyberwarzone
Cyberwarzone
Simon Willison's Weblog
Simon Willison's Weblog
AWS News Blog
AWS News Blog
S
Schneier on Security
GbyAI
GbyAI
Schneier on Security
Schneier on Security
O
OpenAI News
F
Fortinet All Blogs
Y
Y Combinator Blog
Forbes - Security
Forbes - Security
NISL@THU
NISL@THU
M
MIT News - Artificial intelligence
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
MongoDB | Blog
MongoDB | Blog

DEV Community

Authentication Security Deep Dive: From Brute Force to Salted Hashing (With Java Examples) Why AI Systems Don’t Fail — They Drift Spilling beans for how i learn for exam😁"Reinforcement Learning Cheat Sheet" I Replaced Chrome with Safari for AI Browser Automation. Here's What Broke (and What Finally Worked) How Python Borrows Other People's Work The $40 Architecture: Processing 1 Billion API Requests with 99.99% Uptime Vibe Coding: A Workflow Guide (From Zero to SaaS) Most webhook security guides protect the wrong side. The scary part is delivery. Headless CMS for TanStack Start: Build a Blog with Cosmic EU Age Verification App "Hacked in 2 Minutes" — What Actually Happened Comfy Cloud’s delete function does not actually remove files Running AI Models on GPU Cloud Servers: A Beginner Guide Event-driven media intelligence with AWS Step Functions and Bedrock I scored 500 AI prompts across 8 quality dimensions — here's what broke How to Call Google Gemini API from Next.js (Free Tier, No Backend Needed) The Portal Protocol: Reclaiming Human Connection in the Age of AI How to Fix Your Team's Scattered Knowledge Problem With a Self-Hosted Forum Intro to tc Cloud Functors: A Graph-First Mental Model for the Modern Cloud Designing Multi-Tenant Backends With Both Ownership and Team Access I Built a Neumorphic CSS Library with 77+ Components — Here's What I Learned PostgreSQL Performance Optimization: Why Connection Pooling Is Critical at Scale Cómo construí un SaaS multi-rubro para gestionar expensas en Argentina con FastAPI + Vue 3 🚀 I Built an Ethical Hacking Scanner Tool – Open Source Project I Replaced /usage and /context in Claude Code With a Single Statusline A Pythonic Way to Handle Emails (IMAP/SMTP) with Auto-Discovery and AI-Ready Design I Collected 8.9 Million Polymarket Price Points — Here's What I Found About How Markets Really Move EcoTrack AI — Carbon Footprint Tracker & Dashboard Everyone's Using AI. No One Agrees How. 5 self-hosted ebook managers worth trying in 2026 Building Your First AI Agent with LangChain: From Chatbot to Autonomous Assistant Common SOC 2 Failures (Real World) Stop Vibe-Checking Your AI App: A Practical Guide to Evals How to Use SonarQube and SonarScanner Locally to Level Up Your Code Quality Your Next To-Do App Is Dead — I Replaced Mine with an OpenClaw AI Sign a Nostr event in 60 lines of Python using coincurve — no nostr-sdk, no nbxplorer, no rust toolchain ITGC Audit Explained Like You’re in Big 4 Patch Tuesday abril 2026: Microsoft parcha 163 vulnerabilidades y un zero-day en SharePoint Stop scraping everything: a better way to track competitor price changes Listing on MCPize + the Official MCP Registry while routing payments OUTSIDE the marketplace — how I kept 100% of my x402 revenue Building an AI-Powered Risk Intelligence System Using Serverless Architecture Why We Ripped Function Overloading Out of Our AI Toolchain Testing AI-Generated Code: How to Actually Know If It Works SaaS Churn Is Killing Your Business. Here Is What to Do About It (Without a Support Team) The Speed of AI Is No Longer Linear - And Self-Improving Models Are Why How to Implement RBAC for MCP Tools: A Practical Guide for Engineering Teams From Standard Quote to Persuasive Proposal: AI Automation for Arborists I built a CLI that scaffolds complete multi-tenant SaaS apps Axios CVE-2025–62718: The Silent SSRF Bug That Could Be Hiding in Your Node.js App Right Now The dashboard that ended our friendship Data Pipelines Explained Simply (and How to Build Them with Python) The Hidden Cost of AI Systems Nobody Talks About. undefined vs undeclared, and how typeof behaves Switching from file-based jobs to NATS/Kafka in Rust without changing code io_uring Adventures: Rust Servers That Love Syscalls Why Agentic AI is Killing the Traditional Database The POUR principles of web accessibility for developers and designers Quantum Neural Network 3D — A Deep Dive into Interactive WebGL Visualization How To Install Caveman In Codex On macOS And Windows Automation Pipeline Reliability: Why Your Workflow Breaks When Nobody Is Watching I Built an 'Open World' AI Coding Agent — It Works From ANY Folder From Freelancing to Product: A Tech Service Company's SaaS Transformation China's AI Giants: Adding Tencent Hunyuan & ByteDance Doubao to AI University (74 Providers) On the Vibe Coders and Their Lies clerk: Auto-Summarize Your Claude Code Sessions AI Weekly — 2026/04/10–04/17 | The Model Lockdown Is Here, but the Toolchain Is the Real Battleground AI 週報 — 2026/04/10–2026/04/17 模型封鎖潮來了,但工具鏈才是真戰場 Maybe this is how Open-Source apps are born... 🚀 Fine-Tune LLMs with LoRA and QLoRA: 2026 Guide tRPC v11 + Next.js App Router: End-to-End Type Safety Without the Boilerplate ShadCN UI in 2026: Why I Stopped Installing Component Libraries and Started Owning My Components SaaS Billing in React Server Components: Stripe + Supabase Without a Single `useEffect` Join our DEV Weekend Challenge — $1,000 in Prizes Across TEN winners! Submissions Due April 20 at 6:59 AM UTC. Implementing FSRS Spaced Repetition in Flutter + Supabase — Adding Memory Science to an AI Learning App "I Texted My Localhost From the Train — Claude Code Fixed the Bug Before I Got Home" I Built a Sales Prep AI and It Went Deeper Than Expected Design to Code #2: One JSON, Eleven Outputs Solving the 100M-Row Problem: A Summary Table Pattern for High-Volume Push Notification Logs Flutter Web With Wasm: What Actually Changes For Developers I Built 50 Royalty-Free Soundtracks for My Side Project in a Weekend Using AI Music Generation The Vibe Coding Security Checklist: 7 Things to Check Before You Ship Stop Letting Googlebot Guess Fix Your React App's SEO Right Desconstruindo o Streaming do LinkedIn: Como Criar um Engine de Extração de Vídeo de Alta Performance com HLS e FFmpeg (EDA Part-1) EDA (Exploratory Data Analysis) Explained With Real Life — Why Looking at Your Data Is the Most Important Step in Machine Learning Brand Relationship Management at Scale: Our 4-Touch Outreach System for 200+ Brands Why String.fromEnvironment() Might Return an Empty String in Dart JGuardrails 1.0.0 — Hardening Java LLM Apps Against Jailbreaks, Toxicity, and Prompt Injection Plan and Schedule a Full Week of Threads Content From One Claude Conversation Coding Cat Oran Ep3, Five Tables Changed Everything Updated: BFF Pattern I'm done watching freelancers get buried by 200 proposals. So I'm building the alternative. This is my first post BFS Algorithm in Java Step by Step Tutorial with Examples Tracking LLM Pricing Monthly: An Open Dataset for 22 AI Models How We Measure Content ROI on a Comparison Site: Revenue Attribution Without Perfect Data Introducing Nova AI Ops: The AI-Native Operating System for SRE Teams I built a free desktop video downloader for Windows — Grabbit How Talkie OCR Helps Vision-Impaired & Dyslexic Users Read the World Around Them VRCFaceTracking安装和iPhone面捕配置教程,有bug Even CrowdStrike Can't See Your Agents The Automation Gold Rush: What n8n Workflows and Claude Are Opening Up for Developers Right Now
I have NFC implants in both hands. I only installed one of them myself.
Nic Lydon · 2026-05-04 · via DEV Community

I have two NFC chip implants. One in each hand. I put the one in my left hand in myself, on a Saturday afternoon in January 2024, after spending two or three minutes holding the needle against my skin and slowly working out the exact spot. The one in my right hand I drove an hour out to Worcester for, paid a guy $150, and held still while he did the install in a tattoo and piercing studio.

Same technology, more or less. Two completely different installation paths. There's a reason for that, and the reason is also the reason one of them has a blue LED that lights up when I scan it and the other one doesn't.

The first implant: left hand, just in case

I'm right-handed. So when I ordered my first implant in January 2024 (a Dangerous Things NExT, which is a dual-chip module containing both a 125 kHz RFID transponder and a 13.56 MHz NTAG216 NFC chip), I knew it was going in my left hand. If something went wrong, if I hit a tendon, if the chip migrated weird, if I got an infection, I wanted my dominant hand to be the unaffected one.

The original plan was to find someone to install it for me. I called a tattoo and piercing place a friend recommended. They said no, it wasn't legal in Massachusetts for a body piercer to perform implant procedures. I called a guy in Worcester from the Dangerous Things partner list. Same answer. He told me to look at Connecticut or Rhode Island.

I'm not driving to a different state for this. So I watched a YouTube video of someone doing a self-install end to end, grabbed some alcohol wipes, and decided to do it myself. As I told a friend at the time:

I might end up doing it myself.

A few hours later:

I implanted a chip in my hand today. Do you want to see the video?

I filmed the whole thing on my phone. The injector that comes with the NExT kit is essentially a very large gauge hypodermic needle preloaded with the bioglass chip. The needle is wide. It is also, as I noted afterward in real time:

That was a very large gauge needle and not very sharp.

Youtube: Self implanting NExT RFID & NFC chip

The actual install was less dramatic than I expected. I cleaned the area, marked the entry point, pinched the skin between thumb and forefinger of my right hand, and pressed the needle against my left hand at a shallow angle. Then I waited. I held it there for two or three minutes, adjusting my grip, making sure I had the exact angle and depth I wanted, before committing.

That part isn't in any of the videos. The videos cut from "needle approaches skin" to "needle in skin" without showing the slow buildup of confidence. But that buildup is most of what makes the difference between a clean install and a bad one. Once I was certain, the needle pushed right in. Almost no blood. The whole thing took maybe ninety seconds of actual contact, surrounded by an hour of preparation.

A planning constraint most people don't have

One detail in the timing that's specific to me: I take Humira (adalimumab) every other Friday for an autoimmune condition. Humira is an immunosuppressant, which means the days right after each dose are not the days you want to be healing a fresh wound. So I scheduled the self-install for the off weekend, the one when my immune system would be at full strength.

That's the kind of planning constraint that doesn't show up in any biohacking blog because most biohackers aren't on biologics. But if you're reading this and you're on any kind of immunosuppressive therapy, it's worth thinking about. Tiny puncture, but still a puncture, and your healing window matters.

The healing took about ten days. There was some bandage irritation, a tiny scab, and a faint bruise. By the end of the first week I could already read both chips through the bandage. The badge clone for my office front door was working before the wound was fully closed.

The part where the medical system doesn't have a checkbox for this

Before ordering the second implant, I wanted to confirm the first one was sitting where it should be. Seemed responsible. I asked my doctor for an x-ray of my left hand.

She was not thrilled. I don't think she'd encountered this before, and her initial response made it pretty clear she wasn't sure what to do with a patient who'd voluntarily implanted an RFID chip in his own hand and was now asking for imaging to check on it. I get it. There's no protocol for this. There's no ICD code for "patient self-implanted microchip, requests follow-up imaging, reports no symptoms." The conversation had a tone.

My position was simple: I had a foreign object inside of my hand. I'd like to know where it is and whether it's sitting right. That seems like exactly the kind of thing an x-ray is for. I ended up getting the imaging. Everything looked fine. No migration, no issues, nothing unexpected. Good news, because I'd already bought the second chip.

In hindsight, having the conversation with your doctor before the first install is probably the smarter move. I went in after the fact and that made the interaction harder than it needed to be.

The second implant: right hand, professionally installed

By mid-February I'd been living with the NExT for a month. The hand worked fine. The chip worked fine. The healing had been clean. So I started thinking about a second one.

I knew I wanted an xSIID. Same NFC functionality as the NTAG side of the NExT, but with one critical addition: a tiny LED that pulls power from the field when you scan it and lights up. Mine is blue. When I tap my hand on a phone or reader, my knuckle glows.

This time I made a different decision about installation. From a text I sent that February:

I'm getting my first LED implant. It arrives on Tuesday. I'm having it put in my right hand, and I'm a righty, so I'm going to go out to Worcester and have that guy do it.

Three things changed between the first install and the second. First, the right hand is my dominant hand, and an LED implant only pays off if it's in a hand you actually wave around. The whole point is the show-and-tell, and you show with your dominant hand. Second, I was past the "can I prove I can do this myself" stage. The first install validated the technique. The second install was about getting the placement perfect, because:

I want the LED in P1 or P2 because it will show up better under the thinner skin.

The "P0/P1/P2" notation is from the Dangerous Things community standard for hand implant locations. P0 is the webbing between thumb and index finger. P1 is the back of the hand near the index knuckle. The thinner the skin over the LED, the more visible the glow. I wasn't going to risk getting that placement wrong on my dominant hand by doing it myself.

Third, the practical issue. I needed a driver. From the same conversation:

I'm getting it in my right hand, so I won't be able to drive afterwards.

Worcester is about an hour from where I live. The installer charged $150. He knew exactly what he was doing. He had implanted magnets in the back of his own hand that he used as tool holders during the procedure, sticking the needles and scalpels to his hand instead of laying them down on the table. He took one look at the small star tattoo on my right index finger knuckle and said, "as soon as I saw the star tattoos, I was hoping you were gonna tell me it was going under that."

NFC Implant Install Illustration

The xSIID went in. It hurt about as much as the first one. The LED took several days to be visible, because there's a lot of trapped blood at the install site that takes time to clear. By the second week, I could see the blue glow when I scanned my hand, and now, two years later, it's a solid clear blue every time.

What I actually do with them

People ask if you can pay for things with these. You can't, not really, not in the US. The implants don't have the secure element that contactless payment cards use. Anyone telling you otherwise is either using a workaround that expires or is in Europe.

Here's what mine actually do, on a normal Tuesday:

The NExT in my left hand is a clone of my office building access badge. I tap my left hand against the reader, the door unlocks. I haven't needed to carry a physical badge in two years.

The xSIID in my right hand is doing the kind of thing the Dangerous Things community calls a "fistbump login." I have a small USB device on my desk, a Dangerous Things KBR1. It's a 13.56 MHz reader that presents itself to the computer as a USB HID keyboard. When I tap my right hand on it, it types out the chip's UID followed by Enter. I've concatenated that UID with a regular memorized password to form my actual laptop password, so the actual login flow is: tap the reader with my hand, then type the rest. To log in to my laptop I have to type something I know, and tap the device with the chip in my hand. Two factors, one motion.

NFC Implanted Chip hand against NFC scanner

Is that proper cryptographic multi-factor authentication? No. The UID is a public identifier. Anyone with a 13.56 MHz reader and physical proximity to my hand could capture it. Anyone with a Flipper Zero could clone it onto a Magic NTAG card. What it actually is is a long random string I never have to remember and never type, that an attacker can't get from a phishing page or a keylogger alone.

I'm comfortable with the tradeoff. The threat model on my personal laptop doesn't include nation-state actors close enough to my hand to scan it. If it did, I'd add a Yubikey. For everyday use, the convenience and the small entropy boost together are a real upgrade over a memorable password.

What I'd do differently

Two things. First, I'd consider doing the install on the LED implant earlier, while I was still in the "I just installed one myself" mindset. The Worcester install was easy in retrospect. Splitting the two installs by six weeks broke a streak that I might have been able to ride.

Second, I'd think harder about the second LED placement. P1 is right at the index knuckle, which is the most expressive part of the hand and the part you naturally point with. Mine looks great, but the chip is large enough that I notice it when I make a fist. P0, in the webbing, would have been less visible day-to-day but maybe more comfortable for fine motor work. If you're considering an LED implant, the visibility-vs-comfort tradeoff is real and you should think about it before, not after.

Where this is going

Two years on, the implants are part of how I interact with the physical world. I forget about them most of the time. Then I tap my hand on a reader, the LED catches, and I remember. Whatever the future of personal identification looks like, I've spent two years living with a version of it.

The next round of projects is about building my own readers. I have a 3D printer and a soldering iron arriving this week, a stack of ESP32 boards, and a PN5180 long-range NFC module on the way. The first build is a bedside reader. The second is a USB-HID desk reader to replace the KBR1 on a second workstation. The one after that is, well, more theatrical.

But that's a different post.