Page 1 of 1

antivaxxer hijacks QR codes

Posted: Fri Apr 30, 2021 2:07 pm
by Stephanie
Interesting story here about an anti-vaxxer in Australia basically putting his own QR codes over those used for contact tracking - which then took anyone scanning them to an anti-vax website.

https://threatpost.com/anti-vaxxer-hija ... 19/165701/

Re: antivaxxer hijacks QR codes

Posted: Sat May 01, 2021 9:15 am
by tom p
f.cking hell, what an utter shithouse.
I'm very glad that he'll be going to jail

Re: antivaxxer hijacks QR codes

Posted: Sat May 01, 2021 1:40 pm
by sTeamTraen
This is despicable, but it's true that it's a pretty trivial exploit. QR codes on restaurant tables are pretty common round here and it would be "amusing" to replace them with a rival menu, or Goatse or whatever.

Re: antivaxxer hijacks QR codes

Posted: Sat May 01, 2021 2:28 pm
by Bird on a Fire
sTeamTraen wrote:
Sat May 01, 2021 1:40 pm
This is despicable, but it's true that it's a pretty trivial exploit. QR codes on restaurant tables are pretty common round here and it would be "amusing" to replace them with a rival menu, or Goatse or whatever.
Activists do it too. For instance, a QR code on a Shell ad might instead go to a website about climate change.

Surpring goatse-ing people could be quite amusing, in certain contexts.

Re: antivaxxer hijacks QR codes

Posted: Mon May 03, 2021 2:00 am
by Chris Preston
This needs to be put into context. In South Australia, QR codes for registration are being used as part of the contract tracing process for COVID-19. If you don't have a smart phone, you are required to physically sign in every time you enter a premises. It is a requirement for business to provide information about everyone who has entered their premises to the Government.

And you all thought 1984 was just a novel. The rules are only in place for the duration of the declared emergency to do with the pandemic.

Re: antivaxxer hijacks QR codes

Posted: Mon May 03, 2021 2:43 am
by basementer
Stephanie wrote:
Fri Apr 30, 2021 2:07 pm
Interesting story here about an anti-vaxxer in Australia basically putting his own QR codes over those used for contact tracking - which then took anyone scanning them to an anti-vax website.

https://threatpost.com/anti-vaxxer-hija ... 19/165701/
Don't know how it works over there, but in NZ the QR codes are scanned from within a specific app. If you scan one it doesn't recognise, it doesn't interpret it as a web address and launch a browser. It just says that it doesn't recognise it.

Re: antivaxxer hijacks QR codes

Posted: Mon May 03, 2021 3:29 am
by Martin_B
basementer wrote:
Mon May 03, 2021 2:43 am
Stephanie wrote:
Fri Apr 30, 2021 2:07 pm
Interesting story here about an anti-vaxxer in Australia basically putting his own QR codes over those used for contact tracking - which then took anyone scanning them to an anti-vax website.

https://threatpost.com/anti-vaxxer-hija ... 19/165701/
Don't know how it works over there, but in NZ the QR codes are scanned from within a specific app. If you scan one it doesn't recognise, it doesn't interpret it as a web address and launch a browser. It just says that it doesn't recognise it.
WA has an app, which sounds like the NZ one. But Victoria relies on the phone's QR reader, so could be hijacked in this way.

Re: antivaxxer hijacks QR codes

Posted: Mon May 03, 2021 4:36 am
by basementer
Martin_B wrote:
Mon May 03, 2021 3:29 am
basementer wrote:
Mon May 03, 2021 2:43 am
Stephanie wrote:
Fri Apr 30, 2021 2:07 pm
Interesting story here about an anti-vaxxer in Australia basically putting his own QR codes over those used for contact tracking - which then took anyone scanning them to an anti-vax website.

https://threatpost.com/anti-vaxxer-hija ... 19/165701/
Don't know how it works over there, but in NZ the QR codes are scanned from within a specific app. If you scan one it doesn't recognise, it doesn't interpret it as a web address and launch a browser. It just says that it doesn't recognise it.
WA has an app, which sounds like the NZ one. But Victoria relies on the phone's QR reader, so could be hijacked in this way.
Mm, OK. I'd say I thought that sounded like a foreseeable security risk, except that these systems had to be built and deployed under worse pressure than I ever had to deal with.

Re: antivaxxer hijacks QR codes

Posted: Wed May 05, 2021 12:26 pm
by tom p
basementer wrote:
Mon May 03, 2021 4:36 am
Martin_B wrote:
Mon May 03, 2021 3:29 am
basementer wrote:
Mon May 03, 2021 2:43 am

Don't know how it works over there, but in NZ the QR codes are scanned from within a specific app. If you scan one it doesn't recognise, it doesn't interpret it as a web address and launch a browser. It just says that it doesn't recognise it.
WA has an app, which sounds like the NZ one. But Victoria relies on the phone's QR reader, so could be hijacked in this way.
Mm, OK. I'd say I thought that sounded like a foreseeable security risk, except that these systems had to be built and deployed under worse pressure than I ever had to deal with.
Even so, a national rollout of the same App would surely have made sense.

Re: antivaxxer hijacks QR codes

Posted: Thu May 06, 2021 6:17 am
by Martin_B
tom p wrote:
Wed May 05, 2021 12:26 pm
basementer wrote:
Mon May 03, 2021 4:36 am
Martin_B wrote:
Mon May 03, 2021 3:29 am


WA has an app, which sounds like the NZ one. But Victoria relies on the phone's QR reader, so could be hijacked in this way.
Mm, OK. I'd say I thought that sounded like a foreseeable security risk, except that these systems had to be built and deployed under worse pressure than I ever had to deal with.
Even so, a national rollout of the same App would surely have made sense.
That requires the different states to agree, and agree with the federal government. The federal government has already produced a particularly useless app and some states were against having any kind of app.

Re: antivaxxer hijacks QR codes

Posted: Fri May 07, 2021 9:30 pm
by dyqik
Martin_B wrote:
Thu May 06, 2021 6:17 am

That requires the different states to agree, and agree with the federal government. The federal government has already produced a particularly useless app and some states were against having any kind of app.
God, you might as well move to the US...

Re: antivaxxer hijacks QR codes

Posted: Sat May 08, 2021 9:43 am
by Squeak
dyqik wrote:
Fri May 07, 2021 9:30 pm
Martin_B wrote:
Thu May 06, 2021 6:17 am

That requires the different states to agree, and agree with the federal government. The federal government has already produced a particularly useless app and some states were against having any kind of app.
God, you might as well move to the US...
At least there are only seven states here and none of them are run by nutters. Last year, the states ganged up to effectively force the federal government into zero tolerance of covid infections, for which I am immensely grateful.

Interstate travel is a bit marginal at the moment anyway, since the borders close with little warning whenever there's community transmission of covid, so it doesn't really matter that each state uses a different app. Most people are starting close to home or traveling to a single other state for a holiday. We're not all doing constant laps of the continent.

Re: antivaxxer hijacks QR codes

Posted: Sat May 08, 2021 10:40 am
by Chris Preston
dyqik wrote:
Fri May 07, 2021 9:30 pm
Martin_B wrote:
Thu May 06, 2021 6:17 am

That requires the different states to agree, and agree with the federal government. The federal government has already produced a particularly useless app and some states were against having any kind of app.
God, you might as well move to the US...
The Commonwealth Government rolled out an app that is useless. The states are responsible for contact tracing, so some states created their own apps based on locations, rather than Bluetooth connections to other phones. Had the Commonwealth Government got it right the first time, there would have been one app.

Re: antivaxxer hijacks QR codes

Posted: Sun May 09, 2021 7:49 am
by Martin_B
Squeak wrote:
Sat May 08, 2021 9:43 am
dyqik wrote:
Fri May 07, 2021 9:30 pm
Martin_B wrote:
Thu May 06, 2021 6:17 am

That requires the different states to agree, and agree with the federal government. The federal government has already produced a particularly useless app and some states were against having any kind of app.
God, you might as well move to the US...
At least there are only seven states here and none of them are run by nutters. Last year, the states ganged up to effectively force the federal government into zero tolerance of covid infections, for which I am immensely grateful.

Interstate travel is a bit marginal at the moment anyway, since the borders close with little warning whenever there's community transmission of covid, so it doesn't really matter that each state uses a different app. Most people are starting close to home or traveling to a single other state for a holiday. We're not all doing constant laps of the continent.
Psst, Squeak. 6 states and 2 territories. ;)

Re: antivaxxer hijacks QR codes

Posted: Sun May 09, 2021 1:59 pm
by Squeak
Martin_B wrote:
Sun May 09, 2021 7:49 am
Squeak wrote:
Sat May 08, 2021 9:43 am
dyqik wrote:
Fri May 07, 2021 9:30 pm


God, you might as well move to the US...
At least there are only seven states here and none of them are run by nutters. Last year, the states ganged up to effectively force the federal government into zero tolerance of covid infections, for which I am immensely grateful.

Interstate travel is a bit marginal at the moment anyway, since the borders close with little warning whenever there's community transmission of covid, so it doesn't really matter that each state uses a different app. Most people are starting close to home or traveling to a single other state for a holiday. We're not all doing constant laps of the continent.
Psst, Squeak. 6 states and 2 territories. ;)
Oops. I'll just have in my passport now, shall I?

(Do you think I can reapply for citizenship after coffee?)

Re: antivaxxer hijacks QR codes

Posted: Mon May 10, 2021 1:23 am
by Martin_B
Squeak wrote:
Sun May 09, 2021 1:59 pm
Martin_B wrote:
Sun May 09, 2021 7:49 am
Squeak wrote:
Sat May 08, 2021 9:43 am

At least there are only seven states here and none of them are run by nutters. Last year, the states ganged up to effectively force the federal government into zero tolerance of covid infections, for which I am immensely grateful.

Interstate travel is a bit marginal at the moment anyway, since the borders close with little warning whenever there's community transmission of covid, so it doesn't really matter that each state uses a different app. Most people are starting close to home or traveling to a single other state for a holiday. We're not all doing constant laps of the continent.
Psst, Squeak. 6 states and 2 territories. ;)
Oops. I'll just have in my passport now, shall I?

(Do you think I can reapply for citizenship after coffee?)
Sure. I was mainly wondering which territory you had considered a state, and which you had forgotten (probably NT and ACT in that order).

And considering Australia also has half a dozen overseas territories (the Antarctic territory, Norfolk Island, Christmas Island, Cocos Islands, etc) the old adage of 6 states and 2 territories doesn't really stand up!

Re: antivaxxer hijacks QR codes

Posted: Mon May 10, 2021 6:25 am
by Squeak
Martin_B wrote:
Mon May 10, 2021 1:23 am


Sure. I was mainly wondering which territory you had considered a state, and which you had forgotten (probably NT and ACT in that order).

And considering Australia also has half a dozen overseas territories (the Antarctic territory, Norfolk Island, Christmas Island, Cocos Islands, etc) the old adage of 6 states and 2 territories doesn't really stand up!
NT is the one that routinely gets elevated in my brain, so presumably I was thinking of that one.

There's something funny about the offshore territories though - they're legally very different to NT and ACT, which both get representation in the federal Parliament. The offshore ones might be called territories but I think it's reasonable to ignite them when thinking about the members of the national cabinet.

If I were more actively curious than I am this afternoon, I'd probably go on a wikiwalk to find out why...