Really TRUE odd factoids

Chris S · Thursday at 21:58

markemark said:
Yes you can. Pretty much any mobile device can read a qr code without it doing anything with it. You can read the data, you can view the url. There’s no encryption. Anyone can view what it contains.

If you've got the correct software on your mobile device, otherwise scammers wouldn't be able to get away with putting fake QR codes over genuine ones.

markemark · Thursday at 22:06

Chris S said:
If you've got the correct software on your mobile device, otherwise scammers wouldn't be able to get away with putting fake QR codes over genuine ones.

No correct software needed. The same software that you use to follow the qr code is the software you can use to view what it contains. When you use the phone camera and it recognises a qr it shows you the url before you click on it.

If people ignore that and blindly follow it then that’s the user being daft and not the problem how it is given.
But let’s take the car park example. Let’s say it’s a full url and not a qr written on the machine: it might be payforparking.com. Then a scammer sticks a label and changes it to paysforparking.com. No qr code. People get scammed. The qr delivery is irrelevant.

DaveReading · Thursday at 22:28

markemark said:
When you use the phone camera and it recognises a qr it shows you the url before you click on it.

If people ignore that and blindly follow it then that’s the user being daft and not the problem how it is given.

Naive or unaware, perhaps.

"Daft" is a bit unkind.

Alex321 · Friday at 09:11

classic33 said:
Used to be able to read barcodes, without anything required. Can't do the same with QR codes.

Only if they also printed the numbers under or over the code itself.

Alex321 · Friday at 09:12

Chris S said:
If you've got the correct software on your mobile device, otherwise scammers wouldn't be able to get away with putting fake QR codes over genuine ones.

They get away with that because most people don't actually look at the URL before just clicking on it.

The default software on most mobiles will show the URL rather than just automatically taking you there.

markemark · Friday at 09:15

Alex321 said:
Only if they also printed the numbers under or over the code itself.

Interestingly it is the blank spaces that contains the number. The black bars are the spaces.

matticus · Friday at 09:42

markemark said:
...
If people ignore that and blindly follow it then that’s the user being daft and not the problem how it is given.
But let’s take the car park example. Let’s say it’s a full url and not a qr written on the machine: it might be payforparking.com. Then a scammer sticks a label and changes it to paysforparking.com. No qr code. People get scammed. The qr delivery is irrelevant.

If this scam didn't work, scammers wouldn't use it.
The scam works because this technology makes it easier to scam people.

Calling people stupid doesn't change that.

markemark · Friday at 09:47

matticus said:
If this scam didn't work, scammers wouldn't use it.
The scam works because this technology makes it easier to scam people.

Calling people stupid doesn't change that.

That's not my point. The scam works by redirecting people to a fake website. This could be a sticker over a QR code. Or it could be a sticker over a URL. Or a sticker over the app name you need to download. The scam is the same. The delivery of the direction is irrelevant. The security failure is not the QR code but a sticker and a fake website. To say that QR codes are a security risk is nonsense. The failure here is printed material directing people to give their banking details which can easily be manipulated.

matticus · Friday at 09:57

markemark said:
That's not my point. The scam works by redirecting people to a fake website. This could be a sticker over a QR code. Or it could be a sticker over a URL. Or a sticker over the app name you need to download. The scam is the same. The delivery of the direction is irrelevant. The security failure is not the QR code but a sticker and a fake website.

The success of a scam is all down to the details.

markemark · Friday at 10:00

matticus said:
The success of a scam is all down to the details.

I am sure. But what does that mean to the security risks of a QR code as opposed to a url or app and a sticker?

Alex321 · Friday at 10:51

markemark said:
I am sure. But what does that mean to the security risks of a QR code as opposed to a url or app and a sticker?

It is probably slightly easier to scam people into clicking on a link that is generated automatically from the QR code than it is to csam them into manually typing in a URL.

But things like the parking ones just wouldn't work if people had to type in the URL, because most people would find that more hassle than just paying with cash or card at the machine.

QR Codes give much greater convenience, but the more convenient it is, the easier it is to scam people.

Chris S · Friday at 11:12

There are more civil servants in the Ministry of Defence than there are RAF and Royal Navy personnel combined.
https://www.thetimes.com/uk/defence...od-outnumber-navy-and-raf-personnel-nngtrnfq0

Chris S · 2025-01-05T18:10:48+0000

The soles for the first Nike prototypes were made using a kitchen waffle maker.

Really TRUE odd factoids

Chris S

Legendary Member

markemark

Über Member

DaveReading

Don't suffer fools gladly (must try harder!)

Alex321

Guru

Alex321

Guru

markemark

Über Member

matticus

Guru

markemark

Über Member

matticus

Guru

markemark

Über Member

Alex321

Guru

Chris S

Legendary Member

Chris S

Legendary Member

Similar threads