Read more.Cybercrooks put their QR stickers over genuine ones.
Read more.Cybercrooks put their QR stickers over genuine ones.
Not a lot of point using them on a website where you could just use a link (and presumably that's where they are vulnerable to this clickjacking anyway*). But they are good for posters and presentations.
*or I could read the article Hmm OK so this is physical sticking a new QR code sticker ontop of a poster on a busy location. Fair enough, that's a legit threat. Luckily QR codes are quite easy to customise, which won't eradicate the problem, but will make it more hassle.
Last edited by kalniel; 11-12-2012 at 12:23 PM.
surely you're vulnerable anywhere, android especially is more vulnerable to clickjacking than iOS at present
Old puter - still good enuff till I save some pennies!
I think you overestimate the typing a word thing. Sometimes its a lot more than that, and also my phone will take about 1.5 seconds from opening the search app, to capturing the QR code. I don't see how anyone could type faster than using the QR code on WP 7.5 onwards.
They are handy!
But at the end of the day, is it a problem that someone might have clickjacked something, no. Because its not as if I ever follow a QR code to enter my credit card details and copy of birth certificate is it.
throw new ArgumentException (String, String, Exception)
If you set up your phone to zip straight into the right app like Goggles then it works fairly quick but I agree the benefits are minimal - the idea of short phrases you can enter into search engines is better...
For advertisers its ideal - ad says "search frisbee" and you Google/Bing will always show the first result as that frisbee ad site. You know what you're getting with that.
Last edited by kingpotnoodle; 11-12-2012 at 02:09 PM.
I think you misunderstand the useage, you could put a unique URL into a QR code to give somebody an offer etc. that is what they really should be used for...but I know many people don't use them as they should, from both sides!
Old puter - still good enuff till I save some pennies!
True, but its probably only a matter of time. And there are other mobile OS, some of which are a bigger (and maybe easier, *cough* Android *cough*) target...
When we as a societal whole need to teach people "internet safety" then technologies like QR are not really helpful - you can't pay attention to what links you follow if it's non human readable. Same reason I'm not a fan of URL shortening using the random alphanumeric codes - anyone who clicks on one of them is asking for trouble.
Actually thanks to fragmentation Andriod is quite hard to make malware for in a way. You have to find a vector that has been constant across all the differen't incantations.
The only in the wild drive by exploit that achived many users I've heard of was for iOS....
throw new ArgumentException (String, String, Exception)
Interestedly it just made me realise how easy it is to make one, I will be adding one to things with my business website.
There are currently 1 users browsing this thread. (0 members and 1 guests)