Comment by Jerry2

Comment by Jerry2 5 days ago

11 replies

View on Hacker News

I'm kinda relieved that it doesn't work on an iPhone. I often scan codes posted around to save the time typing URLs and running arbitrary code by just scanning a QR code freaks me out.

kuberwastaken 5 days ago

Ironically, I actually wrote a blog about how casually we do this and how dangerous it's become lol https://kuberwastaken.github.io/blog/Technology/QR-Codes-and...

Reply View 4 replies
  • Valodim 5 days ago

    The content is good, but fyi the last third or so had a distinct ai padding vibe

    Reply View 2 replies
    • kuberwastaken 5 days ago

      AI padding vibe?

      Reply View 1 reply
      • poilcn 5 days ago

        I kinda see that too. Basically, the way some authors use to increase content size with redundant words is the default behavior for Ai chats plus all the disclaimers to avoid possible litigations or negative public image.

        Reply View 0 replies
  • [removed] 5 days ago
    [deleted]
    Reply View 0 replies
Blikkentrekker 5 days ago

It runs inside a web browser though. This is no different from visiting an arbitrary link and running whatever arbitrary code in the Javascript sandbox of that link and one already knows a q.r. code an take one to an arbitrary link.

Reply View 3 replies
  • Blikkentrekker 5 days ago

    That said, I wouldn't mind an upgrade to the standard of say say if the link be printed above the code in human readable form in some way, the reader would refuse to open it, or at least be configurable to refuse to open it if they not match.

    Reply View 0 replies
  • dylan604 5 days ago

    This QR code does. But what about a QR using similar designed by someone less honorable? With QR codes, you have no idea what will happen until you scan it. At that point, it could be too late

    Reply View 1 reply
    • Blikkentrekker 5 days ago

      As far as I know the only form of code execution they support is by the URL datatype which carries the same risks as wel already mentioned anyway.

      Reply View 0 replies
berkes 5 days ago

How is this different from opening any website through a QR code, that will then run "arbitrary code"?

Reply View 0 replies