Email or username:

Password:

Forgot your password?
Darius's posts Post Back to profile
Top-level
Maybe it's Eyesaline

@darius I think the issues are:

QR codes are opaque, so you have no idea what one will do, whereas you can see a URL's contents.

QR codes can hold arbitrary data, not just URLs, so you might exercise non-browser code paths that URLs can't reach.

You might also encode an app-specific deeplink to trigger bugs in, like, poorly written cryptoshit wallet programs.

It's probably 75% paranoia, but I wouldn't do it.

14 Feb 2022 at 18:45 | Wall-to-wall | Open on mastodon.social
3 comments
Darius Kazemi

@ieure can't you do an opaque app specific deep link by using a URL shortener and pointing it to say zoom://whatever and open a zoom meeting? Just as an example

Also I contend that many many people do not have the digital literacy to understand even the slightest bit of what a plaintext URL is telling them.

14 Feb 2022 at 18:47 | Open on friend.camp
external quantum efficiency

@darius @ieure hmm I think there are code paths available via QR that aren't available to a bitly redirect, like maybe vcard?

Hmmm, there's lots of interesting stuff to do here github.com/zxing/zxing/wiki/Ba I like "join my wifi network"

14 Feb 2022 at 21:21 | Open on aleph.land
prasoon

@darius
Most non-tech people I know don't understand anything about urls. This includes people who only use apps to access the Internet, browser not being one of them, and people who know that they can open some links in a browser but, don't know about any part of the url or what it does.
My personal observations have been consistent with what my friends working with fake news in low digital literate communities found.

16 Feb 2022 at 11:53 | Open on mastodon.social
Go Up