this post was submitted on 06 Jan 2025
838 points (98.8% liked)

Memes

48281 readers
2772 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
gary_host_laptop@lemmy.ml
sexy_peach@feddit.de
cyclohexane@lemmy.ml
cypherpunks@lemmy.ml
838
The best use of QR codes (slrpnk.net)
submitted 2 months ago by compostgoblin@slrpnk.net to c/memes@lemmy.ml
59 comments fedilink hide all child comments
 
top 50 comments
sorted by: hot top controversial new old
[–] LovableSidekick@lemmy.world 71 points 2 months ago (5 children)

Does anybody configure their phone to automatically scan photos for QR codes and visit the links?

[–] Frog@lemmy.ca 22 points 2 months ago (1 children)

I think as a precaution, barcode scanners stopped automatically going to links.

Even if a link isn't malicious, you can still get someone's IP address or device fingerprint.

[–] spongeborgcubepants@lemmy.world 5 points 2 months ago

IP would not be an issue, your phone is behind cgnat when using a mobile connection

[–] zurohki@aussie.zone 22 points 2 months ago (1 children)

When my phone's barcode reader app sees a web link, it fetches the page's title to display next to the actual link. So it is going to that web server and fetching resources by itself. Even though it isn't actually rendering the page and running javascript, it might be exploitable.

[–] LovableSidekick@lemmy.world 8 points 2 months ago (3 children)

But that's the barcode app - is it always running, looking for barcodes in all the photos you take? Because there are already shirt with giant barcodes on them - presumably just artistic with no meaning, but who knows?

[–] zurohki@aussie.zone 8 points 2 months ago (1 children)

is it always running, looking for barcodes in all the photos you take?

Has Google's camera app added that yet? If not it's only a matter of time.

[–] mp3@lemmy.ca 2 points 2 months ago

It does.

[–] Revan343@lemmy.ca 6 points 2 months ago

My camera brings up the links/data in any QR code that's in the shot, I would have to fatfinger it and click the link (twice, because it asks you to confirm that you want to open the link) though

[–] Malfeasant@lemm.ee 5 points 2 months ago

I have a shirt with a QR code that goes to a Rick roll. It doesn't work nearly as well as I'd hoped. Even people trying to scan it have a hard time, forget about anyone scanning it unknowingly. Mr. Astley did in fact let me down.

[–] jaybone@lemmy.world 6 points 2 months ago

I configure my phone to automatically follow the links from scammer texts.

[–] SturgiesYrFase@lemmy.ml 3 points 2 months ago

My phone's camera app just doesn't scan qr codes. It's actually really frustrating. I refuse to install a specific qr scanner, but I'd still like the ability to scan a menu code at restaurants or to get the WiFi connection at a hotel....

load more comments (1 replies)
[–] HikingVet@lemmy.sdf.org 52 points 2 months ago (5 children)

Except if they were halfway intelligent they wouldn't have it go automatically to the site.

And when you do this and something goes really wrong criminal charges get laid.

[–] tkk13909@sopuli.xyz 53 points 2 months ago (2 children)

I'm not sure if you could actually get criminal charges for this unless you were hosting the malware in which case that's another issue. It would essentially be the same as walking around with a website URL on your shirt. The observer is responsible for typing in the URL or scanning the code and what they decide to do on the website that follows.

[–] HikingVet@lemmy.sdf.org 21 points 2 months ago (2 children)

There's the argument that you distrubuted it.

[–] ReversalHatchery@beehaw.org 16 points 2 months ago (4 children)

got it from a thrift shop, I don't even know what that square thing is

load more comments (4 replies)
[–] ZoopZeZoop@lemmy.world 3 points 2 months ago

Same argument for having it direct you to somewhere like meatspin. Can't be distributing porn to minors.

[–] Malfeasant@lemm.ee 2 points 2 months ago (1 children)

I tend to agree that this is how it should be, that doesn't mean that's how it is. If you walk around with a T-shirt that says "kill all CEOs" along with where to find them, you're going to run into some trouble, despite being a similar situation- you're just giving instructions, it's up to the viewer what to do with them.

load more comments (1 replies)
[–] breakcore@discuss.tchncs.de 22 points 2 months ago (1 children)

Except that people are not halfway intelligent.

[–] Kusimulkku@lemm.ee 4 points 2 months ago

Often the apps are from what I know. Most ones I've used don't open the link straight away

[–] Imgonnatrythis@sh.itjust.works 6 points 2 months ago

I'm ok just targeting the ones that aren't halfway intelligent for now.

[–] HalfAHero@lemmy.world 5 points 2 months ago (1 children)

Can we just get a website that plays a soundbite at full volume screaming about how they person is bad at privacy practices, maybe with Korn in the background for maximum embarrassment?

load more comments (1 replies)
[–] cdf12345@lemm.ee 4 points 2 months ago (1 children)

Criminal charges? It’s called the 1st amendment bro.

[–] HikingVet@lemmy.sdf.org 8 points 2 months ago (1 children)

Not if it incites violence, causes harm or any of the other carve outs in the first amendment of the USA.

I am aware that the post is supposed to be funny, and you are most likely making a joke, but this is the internet and these sort of disclaimers tend to be necessary.

load more comments (1 replies)
[–] SnotFlickerman@lemmy.blahaj.zone 32 points 2 months ago* (last edited 2 months ago) (3 children)

Why not just use this one?

[–] Iheartcheese@lemmy.world 31 points 2 months ago (2 children)

I knew what it would be. I still grabbed my phone. I saw youtube. I still clicked it.

[–] rockSlayer@lemmy.world 34 points 2 months ago (1 children)

At this point I do it just to feel something

[–] Iheartcheese@lemmy.world 8 points 2 months ago

I feel...him

[–] Imgonnatrythis@sh.itjust.works 10 points 2 months ago (2 children)

YouTube? Ok, I was going to guess goatse, but guessing not now.

[–] Iheartcheese@lemmy.world 17 points 2 months ago (1 children)

Search your heart. You know what it is. You know.

[–] Imgonnatrythis@sh.itjust.works 10 points 2 months ago (2 children)

It's not healthy that my mind goes right to goatse is it?

[–] Aggravationstation@feddit.uk 8 points 2 months ago* (last edited 2 months ago)

If you immediately thought of goatse when imagining the results of a link prank it probably means you have some lingering trauma from using the internet when the last century was old or when this one was new, as many here do. If you immediately thought of goatse when someone asked you what your plans for your birthday are, that might be an issue.

[–] Iheartcheese@lemmy.world 4 points 2 months ago

no. You are clinically fucked I would know my dad works at hospital.

[–] dragonlobster@programming.dev 5 points 2 months ago (1 children)

Don't give up

[–] someacnt@sh.itjust.works 3 points 2 months ago (1 children)

Dang it, my streak was going well till this

[–] DragonOracleIX@lemmy.ml 4 points 2 months ago

Don't let yourself down like that. Start a new streak.

[–] breakcore@discuss.tchncs.de 3 points 2 months ago

Dairy Queen, word for word.

I'll skip it :)

[–] xorollo@leminal.space 16 points 2 months ago (1 children)

Snowcrash

[–] Screen_Shatter@lemmy.world 4 points 2 months ago

i ge en i ge en nu ge en nu ge en us sa tur ra lu ra ze em men...

[–] bstix@feddit.dk 15 points 2 months ago

The largest QR code can hold up to 3 kb of data, which is more than enough to write a nasty virus in an injectable script if aimed at specific devices/apps. The main hurdle is breaking the app to execute the code instead of treating it as a string. It's the Drop Bobby Tables joke. Developers hopefully don't fall for this anymore.

Anyway. Making a shitty link and leading people there isn't a new idea. You don't even need a t-shirt. Hackers already place their own printed QR labels on top of otherwise real codes, and the user might not even notice, because they'll be redirected to the right site after the dirty deed is done dirt cheap.

[–] mEEGal@lemmy.world 9 points 2 months ago (1 children)

here's an idea : let it redirect to a URL but with it's query params tweaked so it automatically attempts an SQL injection on the website when loading

[–] SkyezOpen@lemmy.world 7 points 2 months ago

Outsourcing hacking? Not bad.

[–] PyroNeurosis@lemmy.blahaj.zone 6 points 2 months ago

Tragically they were beaten to death in broad daylight by police, but there was no surviving evidence.

[–] Malfeasant@lemm.ee 6 points 2 months ago (1 children)

Depending on what they plan to use the video for, a middle finger can be sufficient.

load more comments (1 replies)
[–] m_f@discuss.online 6 points 2 months ago* (last edited 2 months ago) (1 children)

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

[–] MeowZedong@lemmygrad.ml 4 points 2 months ago* (last edited 2 months ago)

A friend sent me this. Doesn't work on most phones now, just older androids I think. It's meant to teach you not to scan unknown QR codes by causing androids to restart on scanning.

[–] Imgonnatrythis@sh.itjust.works 4 points 2 months ago

Sounds a bit Snowcrashy.

[–] MutilationWave@lemmy.world 2 points 2 months ago

So I thought I pulled a great prank once. I made a QR code that directed to lemonparty. I used an online sticker service's free trial to print a bunch up with my friend's Instagram at the bottom. I travel all over for work so I was going to put them everywhere.

My problem was I printed them in yellow and they wouldn't scan. I told my friend and he thought it was a funny idea just like I knew he would, not a malicious prank. Wish it had worked.

load more comments
view more: next ›