Tencent admits to poisoned QR code attack on QQ chat platform Chinese web giant Tencent has admitted to a significant account hijack attack on its QQ.com messaging and social media platform. In a post to rival social media platform Sina Weibo – a rough analog of Twitter – Tencent apologized for the incident. The problem manifested on Sunday night and saw an unnamed number of QQ users …
First we had 'URL shortening' which conceals the target domain from the user.
Then we encountered hashed path components which prevent the target document being identified.
Now we have QR codes, which are utterly incomprehensible.
All of which make it ever harder to browse the web with caution and make it ever easier for malefactors to operate. Not really a very good approach.
I've never accepted QR codes for this reason, no idea what is happening "behind the curtain" after the link activates.
During Covid a few (take out) restaurants wanted me to scan their QR codes to get a digital copy of their menus - sorry, but a firm "No" was my immediate answer. I'll take the paper copy, please.
"But, but..."
No paper copy, no order, no customer. Non-negotiable.
I'm sorry, but am I the only one the in the world with any form of [electronic] self preservation??!
You are not the only one. Enjoy a pint with my compliments.
I recently went to a restaurant to order take out. I asked for a paper copy of their menu. They told me I could go grab their app which had everything I'd need to know. "Then I need to know how to download, instal, & run an app on a *FeaturePhone* that can do none of those things." Oh, then go online & the site includ- "You mean the site that is Not Accessible & prevents me from doing anything other than reading the title to insist I'm visiting your site even though there's *nothing else* for my screen reader to read?" Ummmm... "How about you provide a paper copy that I can take home, decide if I want to place an order with you, and then send a sighted helper out to do just that?" Well, they can just download our ap-
This is me leaving & taking my money elsewhere. You make it impossible for me to do business with you, don't be surprised when I take that as you having told me to fek right off because you don't want my money. I bet it spends perfectly fine with your competition. Bastards.
Companies seem to think that *everyone* has a SmartPhone. They do not. There are many valid reasons someone might not, among them cost, viability (how long does it last versus a FeaturePhone), security (FeaturePhones don't need updating as often if ever, since they don't include all the security flaws inherent in a supposedly smarter device), and often don't include functions deemed deal breakers for whatever reason (headphone jack, removeable battery, expandable memory, etc). All those hundreds of billions of Chinese & Indian users that still buy FeaturePhones each year must have a reason, no? I wonder what reason that might be? How about that a mere FeaturePhone makes it just a smidge more difficult for our every belch & fart to be tracked through a device with an always-on mic, user-facing webcam, & a battery that can't be removed to force such bits have been defanged.
Some of us value privacy & security. Others want convenience. Members of the first tend to look upon the second & wonder WTF they're thinking. Then we remember, they *are not* thinking, which is what caused the problem in the first place. =-/
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
