this post was submitted on 17 Jan 2024
332 points (93.0% liked)

The Onion

4742 readers
17 users here now

The Onion

A place to share and discuss stories from The Onion, Clickhole, and other satire.

Great Satire Writing:

founded 3 years ago
MODERATORS
[email protected]
[email protected]
332
No Scan Do (i.kinja-img.com)
submitted 11 months ago by [email protected] to c/[email protected]
130 comments fedilink hide all child comments
 

read more: https://www.theonion.com/no-scan-do-1851166788

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] -1 points 11 months ago (9 children)

I think you'll find there isn't an Android or iPhone on the market today vulnerable to SQL injection or XSS etc via scanning a QR code. You're talking about device vulnerabilities that get patched and it's equally possible to encounter these exploits with plaintext URLs

[–] Cypher 5 points 11 months ago (6 children)

You’re talking about device vulnerabilities that get patched

Patching out zero days takes time.

it’s equally possible to encounter these exploits with plaintext URLs

Yes which is why I clearly stated that following URLs from any unknown sources carries risk.

The difference is that due to menus being a point of payment they have a greater incentive for abuse.

[–] [email protected] 7 points 11 months ago (5 children)

So we shouldn't use smartphone features if they could potentially have exploits? With this logic you shouldn't have a phone.

[–] Baines 1 points 11 months ago

no but QR is a shit bug/exploit riddled mess of a format

load more comments (4 replies)
load more comments (4 replies)
load more comments (6 replies)