Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I've also heard of QR-reader software being exploitable through QR codes that they're supposed to read.

So any time I see a QR code, I hesitate to point a reader app at it because I'm concerned that my phone could get hacked through it.



It would be really hard for a QR app to take over your phone, even if it is poorly written and gets owned. There are layers of protection below the aps on an OS like iOS. I'm not saying it's absolutely impossible, but if someone figured it out they could sell the technique for literally millions of dollars to a huge assortment of potential buyers. They probably aren't going to waste it on you.


My phone is a rooted Android phone, though.


Then don't give the QR app root.


That's the case for any software that accepts any kind of input.

Your browser, your PDF viewer, your messenger are just more popular, but not fundamentally different from a QR reader application.


Years ago, WinAmp on Windows was exploitable through a maliciously prepared .m3u playlist: a simple plain text file expected to be filled with pathnames of songs, one per line.

If you're so scared, don't browse anything with your mobile device; browsers are exploitable through pages they land on.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: