This probably goes without saying for people here but DO NOT SCAN the fucking QR code that's on one of the pages on this site.
It is a code to allow them to collect personal data from you. They are using these codes as one of many data source for their heatmaps of at-risk locations for unionisation, they are probably also using it to permanently keep tabs on people they may not want to employ in future.
If you zoom in very closely on the code you'll see a tiny url that links to this: https://privacy.flowcode.com
I would be concerned about doing it from any phone without knowing EXACTLY what they're doing. I don't know what info they're potentially grabbing from the phone in order to identify it and if they're able to identify anything about the phone then they're probably able to then speak with partner companies that do tracking for marketing to identify the individual owner of the phone.
I'd say if it's through emulating Android or something then yeah go nuts but I wouldn't do it on any owned hardware without knowing first what's going on and what data they can grab.
What I'd probably do is go into a Linux container or a Whonix VM and make HTTP requests with falsified user agents or something like that; mind you I'm not an expert, but I feel like that'd at least be the start of a secure way to do it
Probably fine as long as it's not on a real phone. Whether that's even useful activity or not I don't know though, hard to say how that data will look on their side and how easy it will be to discard from the rest of the data.
Anything that wastes even a tiny bit of their time is probably good though.
I feel like something from Tor would be a bit too easy to discard, but I think with a right blend of randomized user agents connecting from common VPNs would be harder to filter out. Would be rad were there a generous gray-hat with a botnet, but I only know stuff from the defense side
This probably goes without saying for people here but DO NOT SCAN the fucking QR code that's on one of the pages on this site.
It is a code to allow them to collect personal data from you. They are using these codes as one of many data source for their heatmaps of at-risk locations for unionisation, they are probably also using it to permanently keep tabs on people they may not want to employ in future.
If you zoom in very closely on the code you'll see a tiny url that links to this: https://privacy.flowcode.com
They're collecting whatever they want.
They're sharing it with whoever they want.
Do not under any circumstances scan that code. It only links to https://doitwithoutdues.com, but gives them all they need to track you.
If you're an Amazon employee you should probably not even visit either website at all, especially with your phone.
We're got you covered!*
Applies to full time employees only.
We truly do live in a cyberpunk dystopia
Time to systematically "scan" from several VPNs and Tor exit nodes?
I would be concerned about doing it from any phone without knowing EXACTLY what they're doing. I don't know what info they're potentially grabbing from the phone in order to identify it and if they're able to identify anything about the phone then they're probably able to then speak with partner companies that do tracking for marketing to identify the individual owner of the phone.
I'd say if it's through emulating Android or something then yeah go nuts but I wouldn't do it on any owned hardware without knowing first what's going on and what data they can grab.
What I'd probably do is go into a Linux container or a Whonix VM and make HTTP requests with falsified user agents or something like that; mind you I'm not an expert, but I feel like that'd at least be the start of a secure way to do it
Probably fine as long as it's not on a real phone. Whether that's even useful activity or not I don't know though, hard to say how that data will look on their side and how easy it will be to discard from the rest of the data.
Anything that wastes even a tiny bit of their time is probably good though.
I feel like something from Tor would be a bit too easy to discard, but I think with a right blend of randomized user agents connecting from common VPNs would be harder to filter out. Would be rad were there a generous gray-hat with a botnet, but I only know stuff from the defense side
Hopefully we can attract these types down the line. I'd love to see more grey/blackhat discussion around the site.