You must log in or register to comment.
Does anybody configure their phone to automatically scan photos for QR codes and visit the links?
Not sure but I think QR codes that hold wi-fi creds would more likely be automatically processed by phones. Seems like an adequate attack surface. Maybe dodgy creds could overflow or do some kind of DB attack. Or even legit creds could lead someone to connect to a malicious hot-spot captive portal that the attacker carries.
When my phone’s barcode reader app sees a web link, it fetches the page’s title to display next to the actual link. So it is going to that web server and fetching resources by itself. Even though it isn’t actually rendering the page and running javascript, it might be exploitable.
But that’s the barcode app - is it always running, looking for barcodes in all the photos you take? Because there are already shirt with giant barcodes on them - presumably just artistic with no meaning, but who knows?
Except if they were halfway intelligent they wouldn’t have it go automatically to the site.
And when you do this and something goes really wrong criminal charges get laid.
Except that people are not halfway intelligent.
Can we just get a website that plays a soundbite at full volume screaming about how they person is bad at privacy practices, maybe with Korn in the background for maximum embarrassment?
Criminal charges? It’s called the 1st amendment bro.
Not if it incites violence, causes harm or any of the other carve outs in the first amendment of the USA.
I am aware that the post is supposed to be funny, and you are most likely making a joke, but this is the internet and these sort of disclaimers tend to be necessary.
A smart attack would be coupled with a clear message. Have the malware clobber them with anti-evil messages and just like that you have a sound free speech defense.
I’m not sure if you could actually get criminal charges for this unless you were hosting the malware in which case that’s another issue. It would essentially be the same as walking around with a website URL on your shirt. The observer is responsible for typing in the URL or scanning the code and what they decide to do on the website that follows.
There’s the argument that you distrubuted it.
got it from a thrift shop, I don’t even know what that square thing is
I don’t know about the states, but here in Canada the government takes the position “ignorance of the law is not a defence”.
You’re not being ignorant of the law - you’re being ignorant of the weird computer square printed on the shirt you thrifted
Claiming you didn’t know it could cause harm isn’t a defense in court in Canada.
Anymore bullshit?
“Malice” implies intent. Accidents are not malicious. Neglect in the worst case. So certainly any charges could not be based on malice.
Christ you’re a cordial fellow
I was, I thought quite clearly, having a joking poke. Obviously “didn’t know lol” isn’t a defense.
