Groups | Search | Server Info | Login | Register
Groups > comp.mobile.android > #149640
| From | Arno Welzel <usenet@arnowelzel.de> |
|---|---|
| Newsgroups | comp.mobile.android |
| Subject | Re: Recognising (or not) QR codes |
| Date | 2025-07-06 12:50 +0200 |
| Message-ID | <mcv2npF7rf1U1@mid.individual.net> (permalink) |
| References | (6 earlier) <1043hls$1kvvg$2@solani.org> <0b9gjlxfaq.ln2@Telcontar.valinor> <10468as.qpg.1@ID-201911.user.individual.net> <5stijlx3h.ln2@Telcontar.valinor> <1046sr7.7gk.1@ID-201911.user.individual.net> |
Frank Slootweg, 2025-07-03 21:31: > Carlos E.R. <robin_listas@es.invalid> wrote: >> On 2025-07-03 15:41, Frank Slootweg wrote: [...] >>> So QR codes are multi-purpose, *some* are dangerous, but others >>> *enhance* security/safety/privacy/<whatever>! :-) >> >> And AFAIK, the danger is only when opening an URL without pausing. > > Indeed. VanguardLH sort of implied that there are QR scanning apps (or > QR scanning parts of camera, etc. apps), which directly open the URL > without pausing, but didn't give details, so for the moment that's FUD. An URL itself is never "dangerous" - because if you assume that, that *all* links in the web are dangerous as well, if you do not check, where the link will bring you, before clicking it. In fact the danger comes from trusting an URL to be a known website, where you usually enter your account details to get access to your e-mail account, bank account or similar. That's one of the reasons why you should never open the website for online banking using a provided third party QR code since you can never know, if the URL is trustworthy. And since we have unicode nowadays and IDN domains, it may be possible to substitude single letters by very similar looking unicode symbols, so the URL still looks legit, even though it brings you to a fake phishing website. So the better approach is to enter the URL of your bank account or webmail always manually or use a bookmark for that which you have created on your own before. The problem of phishing on the other hand is at least partly mitigated by using 2FA, TOTP (time-based one-time password) or Passkey - in this case the username and password and not enough, since you still need the second factor, the TOTP or the browser needs to provide a valid key for the Passkey authentication. And Passkey won't work at all on fake websites since the authentication with Passkey is only registered for the original website and won't work on a fake website with a different domain. -- Arno Welzel https://arnowelzel.de
Back to comp.mobile.android | Previous | Next — Previous in thread | Next in thread | Find similar
Recognising (or not) QR codes Chris Green <cl@isbd.net> - 2025-07-01 15:15 +0100
Re: Recognising (or not) QR codes Andy Burns <usenet@andyburns.uk> - 2025-07-01 15:39 +0100
Re: Recognising (or not) QR codes Marion <marion@facts.com> - 2025-07-01 14:57 +0000
Re: Recognising (or not) QR codes Andy Burns <usenet@andyburns.uk> - 2025-07-01 16:12 +0100
Re: Recognising (or not) QR codes Marion <marion@facts.com> - 2025-07-01 15:25 +0000
Re: Recognising (or not) QR codes Theo <theom+news@chiark.greenend.org.uk> - 2025-07-01 18:07 +0100
Re: Recognising (or not) QR codes VanguardLH <V@nguard.LH> - 2025-07-01 11:24 -0500
Re: Recognising (or not) QR codes Arno Welzel <usenet@arnowelzel.de> - 2025-07-01 20:20 +0200
Re: Recognising (or not) QR codes Chris Green <cl@isbd.net> - 2025-07-01 19:55 +0100
Re: Recognising (or not) QR codes "Carlos E.R." <robin_listas@es.invalid> - 2025-07-01 21:15 +0200
Re: Recognising (or not) QR codes VanguardLH <V@nguard.LH> - 2025-07-01 20:03 -0500
Re: Recognising (or not) QR codes Chris Green <cl@isbd.net> - 2025-07-02 07:09 +0100
Re: Recognising (or not) QR codes Jörg Lorenz <hugybear@gmx.net> - 2025-07-02 08:48 +0200
Re: Recognising (or not) QR codes Chris Green <cl@isbd.net> - 2025-07-02 08:07 +0100
Re: Recognising (or not) QR codes Andy Burns <usenet@andyburns.uk> - 2025-07-02 09:00 +0100
Re: Recognising (or not) QR codes Yusuf Khan <yusuf.khan.nospam@ptcl.net.pk> - 2025-07-02 22:03 +0500
Re: Recognising (or not) QR codes Andy Burns <usenet@andyburns.uk> - 2025-07-02 18:41 +0100
Re: Recognising (or not) QR codes Jörg Lorenz <hugybear@gmx.net> - 2025-07-02 10:05 +0200
Re: Recognising (or not) QR codes "Carlos E.R." <robin_listas@es.invalid> - 2025-07-02 12:38 +0200
Re: Recognising (or not) QR codes Jörg Lorenz <hugybear@gmx.net> - 2025-07-02 17:00 +0200
Re: Recognising (or not) QR codes Frank Slootweg <this@ddress.is.invalid> - 2025-07-02 15:31 +0000
Re: Recognising (or not) QR codes Jörg Lorenz <hugybear@gmx.net> - 2025-07-03 15:54 +0200
Re: Recognising (or not) QR codes Andy Burns <usenet@andyburns.uk> - 2025-07-02 08:11 +0100
Re: Recognising (or not) QR codes Marion <marion@facts.com> - 2025-07-02 17:08 +0000
Re: Recognising (or not) QR codes Arno Welzel <usenet@arnowelzel.de> - 2025-07-03 17:24 +0200
Re: Recognising (or not) QR codes VanguardLH <V@nguard.LH> - 2025-07-02 08:24 -0500
Re: Recognising (or not) QR codes Jörg Lorenz <hugybear@gmx.net> - 2025-07-02 17:02 +0200
Re: Recognising (or not) QR codes Andy Burns <usenet@andyburns.uk> - 2025-07-02 18:40 +0100
Re: Recognising (or not) QR codes "Carlos E.R." <robin_listas@es.invalid> - 2025-07-02 20:11 +0200
Re: Recognising (or not) QR codes Frank Slootweg <this@ddress.is.invalid> - 2025-07-03 13:41 +0000
Re: Recognising (or not) QR codes "Carlos E.R." <robin_listas@es.invalid> - 2025-07-03 20:13 +0200
Re: Recognising (or not) QR codes Frank Slootweg <this@ddress.is.invalid> - 2025-07-03 19:31 +0000
Re: Recognising (or not) QR codes "Carlos E.R." <robin_listas@es.invalid> - 2025-07-03 22:35 +0200
Re: Recognising (or not) QR codes Arno Welzel <usenet@arnowelzel.de> - 2025-07-06 12:50 +0200
Re: Recognising (or not) QR codes Allodoxaphobia <trepidation@example.net> - 2025-07-03 12:19 +0000
Re: Recognising (or not) QR codes Jörg Lorenz <hugybear@gmx.net> - 2025-07-03 17:22 +0200
Re: Recognising (or not) QR codes Arno Welzel <usenet@arnowelzel.de> - 2025-07-03 17:26 +0200
Re: Recognising (or not) QR codes Jörg Lorenz <hugybear@gmx.net> - 2025-07-03 18:17 +0200
Re: Recognising (or not) QR codes Arno Welzel <usenet@arnowelzel.de> - 2025-07-06 12:52 +0200
Re: Recognising (or not) QR codes Frank Slootweg <this@ddress.is.invalid> - 2025-07-03 19:28 +0000
Re: Recognising (or not) QR codes Marion <marion@facts.com> - 2025-07-04 17:20 +0000
Re: Recognising (or not) QR codes ram@zedat.fu-berlin.de (Stefan Ram) - 2025-07-04 18:30 +0000
Re: Recognising (or not) QR codes Andy Burns <usenet@andyburns.uk> - 2025-07-04 19:47 +0100
Re: Recognising (or not) QR codes Marion <marion@facts.com> - 2025-07-04 23:59 +0000
Re: Recognising (or not) QR codes Marion <marion@facts.com> - 2025-07-04 18:51 +0000
Re: Recognising (or not) QR codes "Carlos E.R." <robin_listas@es.invalid> - 2025-07-05 20:10 +0200
Re: Recognising (or not) QR codes Arno Welzel <usenet@arnowelzel.de> - 2025-07-06 12:55 +0200
Re: Recognising (or not) QR codes Frank Slootweg <this@ddress.is.invalid> - 2025-07-02 15:44 +0000
Re: Recognising (or not) QR codes Marion <marion@facts.com> - 2025-07-02 17:16 +0000
Re: Recognising (or not) QR codes VanguardLH <V@nguard.LH> - 2025-07-02 22:18 -0500
Re: Recognising (or not) QR codes "Carlos E.R." <robin_listas@es.invalid> - 2025-07-03 11:24 +0200
Re: Recognising (or not) QR codes Frank Slootweg <this@ddress.is.invalid> - 2025-07-03 19:08 +0000
Re: Recognising (or not) QR codes Andy Burns <usenet@andyburns.uk> - 2025-07-02 08:05 +0100
Re: Recognising (or not) QR codes Jörg Lorenz <hugybear@gmx.net> - 2025-07-02 10:29 +0200
Re: Recognising (or not) QR codes "Carlos E.R." <robin_listas@es.invalid> - 2025-07-02 12:43 +0200
Re: Recognising (or not) QR codes Andy Burns <usenet@andyburns.uk> - 2025-07-02 11:53 +0100
Re: Recognising (or not) QR codes Marion <marion@facts.com> - 2025-07-02 17:49 +0000
Re: Recognising (or not) QR codes Marion <marion@facts.com> - 2025-07-02 17:32 +0000
Re: Recognising (or not) QR codes Andy Burns <usenet@andyburns.uk> - 2025-07-03 00:34 +0100
Re: Recognising (or not) QR codes Arno Welzel <usenet@arnowelzel.de> - 2025-07-03 17:22 +0200
csiph-web