Somehow that very obvious attack vector hadn’t occurred to me…location specific QR codes that redirect you through a site that captures a browser fingerprint before redirecting to a “legit” looking site. From there super easy to keep tabs on browsing behavior of anyone who was at the protest.
i'm skeptical of anything involving a QR code that isn't explicitly a restaurant menu. It's probably data collection
Somehow that very obvious attack vector hadn’t occurred to me…location specific QR codes that redirect you through a site that captures a browser fingerprint before redirecting to a “legit” looking site. From there super easy to keep tabs on browsing behavior of anyone who was at the protest.
I’ll hover over one with my camera and it’ll say bit.ly or some shit and I nope right outta there