This. Just, this.
-
This. Just, this.
@cstross it should be called the Medusa virus.
-
This. Just, this.
@cstross
Bonus points for bricking facial-recognition cameras. -
@neurovagrant @cstross @unknownbinaries I have that as a QR code on the underside of my laptop…
@neurovagrant @cstross @unknownbinaries anyone nosey enough to scan it deserves all they get
-
This. Just, this.
@cstross just remember not to take any selfies, amirite?
-
This. Just, this.
@cstross oh, but this exists. someone on here did a small batch of sew-on patches a few years ago that were QR codes of the EICAR test file. we have a couple...
-
@cstross oh, but this exists. someone on here did a small batch of sew-on patches a few years ago that were QR codes of the EICAR test file. we have a couple...
@cstross it isn't technically a virus, it's a file that virus scanners per their spec are supposed to treat as if it's a virus. so, for example, if a badly-written surveillance camera decodes the QR code and stores it in a way that a virus scanner can see (which is not what it should do, but...), then the virus scanner will quarantine the file which may break the camera
-
@neurovagrant @cstross @unknownbinaries How big a zip bomb can you get in one, anyway? And can you fit the EICAR string in an unpleasantly long way in?...
@flippac @neurovagrant @cstross @unknownbinaries if you're executing arbitrary code from a QR code, I think a zip bomb is the least of your worries.
-
@cstross it isn't technically a virus, it's a file that virus scanners per their spec are supposed to treat as if it's a virus. so, for example, if a badly-written surveillance camera decodes the QR code and stores it in a way that a virus scanner can see (which is not what it should do, but...), then the virus scanner will quarantine the file which may break the camera
@cstross that said, to know whether it actually works and when would require a lot of testing, which to our knowledge nobody has done
-
@flippac @neurovagrant @cstross @unknownbinaries if you're executing arbitrary code from a QR code, I think a zip bomb is the least of your worries.
@earthshine @neurovagrant @cstross @unknownbinaries it doesn't need to be executed - just mishandled by careless AV
-
This. Just, this.
@cstross my phone does not automatically scan QR codes, is this a feature on newer phones?
-
@flippac @neurovagrant @cstross @unknownbinaries if you're executing arbitrary code from a QR code, I think a zip bomb is the least of your worries.
@earthshine @flippac @neurovagrant @unknownbinaries QR code to download a PDF containing Javascript (which the PDF standard now incorporates) to dynamically generate a zip bomb containing infinite copies of itself.
-
@cstross my phone does not automatically scan QR codes, is this a feature on newer phones?
@Jmvars If so, it's a mis-feature. (iOS recognizes QR codes but then tells you to tap to confirm you want to open the URL it points to.)
-
@neurovagrant @trainguyrom @anotherdaniel @cstross @unknownbinaries I am not saying that a huge grocery store chain in norway is vulnerable to this "attack" in their self service tills, I would not know anything about that, no need to ask any further questions
-
This. Just, this.
@cstross Fuck yeah, I want one too and accessories as well!
-
This. Just, this.
-
@earthshine @flippac @neurovagrant @unknownbinaries QR code to download a PDF containing Javascript (which the PDF standard now incorporates) to dynamically generate a zip bomb containing infinite copies of itself.
@cstross @flippac @neurovagrant @unknownbinaries isn't modern software great?
-
This. Just, this.
I thought that's why Hentai TShirts are printed!
-
This. Just, this.
@cstross Sounds like the sort of thing that Adversarial Fashion would do/be interested in:
-
This. Just, this.
Great idea actually!
-
@neurovagrant @cstross @unknownbinaries
There's an older discussion on the topic here in my and @catsalad's timeline, not only with the EICAR, but also with a nice SQL bomb (remember Bobby Tables?
). Please feel free to make a shirt out of it.On German ambulances are QR codes leading to pages informing about why it's bad to film victims and rescuers. A good idea. Makes filming impossible if your camera app opens QR codes right away without user consent...
