this post was submitted on 23 Sep 2024
206 points (97.7% liked)

Privacy

32165 readers
199 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] ohwhatfollyisman@lemmy.world 81 points 2 months ago (11 children)

scanning a random qr code has to be this generation's plugging in an unknown usb drive.

[–] ChaoticNeutralCzech 28 points 2 months ago* (last edited 1 month ago) (5 children)

It's easier to take precautions though. You probably don't have an insulated USB port or throwaway host device but handling QR codes safely just takes basic tech and skill.

Important advice:

  • Don't use apps that auto-open URLs in QR codes when pointed at!
  • Make sure the app shows the full content of the QR code and lets you peruse it indefinitely before you open the link!
  • Know the structure of URLs and common pitfalls!

Recommendations:

  • Be extra suspicious if there is no URL printed next to the code, or if the printed URL is different.
  • Use an open source reader app (most QR codes don't contain secrets but it's got permission to use either camera!) that does not resolve Punycode (Unicode in TLDs).
  • Strip any tracking parameters you spot before following any URLs.
  • Be careful if the QR code could have been easily tampered with (on a sticker over the original one, or on a plain sheet of paper inserted into a plastic wrap together with the rest)

I think today's generation's equivalent is free Wi-Fi networks. Kids without mobile data in an area without an established public network will connect to just about any open one unless the SSID includes "LaserJet" or similar.

[–] Zagorath@aussie.zone 5 points 2 months ago (1 children)

Strip any tracking parameters you spot before following any URLs.

If it's one of these QR codes at a restaurant for ordering, the parameters could possibly be necessary to properly connect your order to your table, depending on how they're set up.

[–] ChaoticNeutralCzech 1 points 2 months ago

Then it's not a tracking parameter of course.

load more comments (3 replies)
load more comments (8 replies)