Path: csiph.com!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail From: Arno Welzel Newsgroups: comp.mobile.android Subject: Re: Recognising (or not) QR codes Date: Sun, 6 Jul 2025 12:52:23 +0200 Lines: 36 Message-ID: References: <457djl-m9c5.ln1@q957.zbmc.eu> <92vejl-bft5.ln1@q957.zbmc.eu> <1043hls$1kvvg$2@solani.org> <104678i$1mopc$1@solani.org> <1046afb$1mrqo$1@solani.org> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Trace: individual.net RMcJIe8fW7DcoJ0wcRbwZwuSmK+xk5Pk06bPCpaXdCOqvyE1GE Cancel-Lock: sha1:yFMAvaBMTXp1mgE2ektSUMk8FVI= sha256:gdqqNrtrTD952PP/0xH3brrnk3mu0VKJWxT4f1L5J6o= Content-Language: en-US, de-DE In-Reply-To: <1046afb$1mrqo$1@solani.org> Xref: csiph.com comp.mobile.android:149641 Jörg Lorenz, 2025-07-03 18:17: > On 03.07.25 17:26, Arno Welzel wrote: >> Jörg Lorenz, 2025-07-03 17:22: >> >>> On 03.07.25 14:19, Allodoxaphobia wrote: >>>> On Wed, 2 Jul 2025 17:02:20 +0200, Jörg Lorenz wrote: >>>>> On 02.07.25 15:24, VanguardLH wrote: >>>>>> My concern is a QR code can contain a URL. >>>>> >>>>> That is their purpose. >>>> >>>> And scammers/crackers/evil-doers see an opportunity. >>> >>> QR-Codes in public places are very insecure. And in addition QR-codes >>> should never be used for financial transactions or other security >>> sensitive activities. >> >> Not the QR-Codes themself are insecure - its the websites they link to. > > The code is very often faked to divert to such a (insecure) site. > Popular where payment processes are involved like EV-chargers for instance. Yes, but then the danger is still that people trust websites they open by using the QR code and not the QR code itself. By calling QR codes "dangerous" you give the wrong impression, that just scanning a QR code and checking, what website it links to, is dangerous. And this is of course not the case. Just don't trust any websites which get opened using a QR code scan - only view them and do never enter any personal data there. -- Arno Welzel https://arnowelzel.de