Announcement

Collapse
No announcement yet.

Kernel Developers Look At QR Codes For Error Messages

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • #11
    Originally posted by pouar View Post
    Actually the QRcode displayed on the article is just damaged. QRcodes work best when they're just 2 colors (black and white), but this image has a bunch of shades of gray in it in several areas making it unrecognizable by the QRcode reader. This becomes obvious when you copy the image into GIMP then zoom in.
    Maybe try with this one: http://levex.fedorapeople.org/kernel...de_600x600.png
    The one in the article is compressed (funny: the original one is smaller ) and has a watermark.

    By the way, I don't have anything with a camera and a QR scanner right now, but I tried it with an online decoder and it worked.

    Comment


    • #12
      It didn't actually read the QR code ^^ Realized that now.

      Comment


      • #13
        Originally posted by pouar View Post
        Actually the QRcode displayed on the article is just damaged. QRcodes work best when they're just 2 colors (black and white), but this image has a bunch of shades of gray in it in several areas making it unrecognizable by the QRcode reader. This becomes obvious when you copy the image into GIMP then zoom in.
        Ok, zbarimg was able to read it, maybe my camera is just crap, although my camera read this one just fine
        http://levex.fedorapeople.org/kernel...de_600x600.png

        Comment


        • #14
          My Experia Z struggled a bit but was able to get it.

          I would be nice if the Kernel displayed the error using KMS on a clean screen.

          Comment


          • #15
            How did google know? They own your phone

            Originally posted by blackout23 View Post
            [CODE]
            Also how the actual fuck does Google know which website I was taking a photo off? Damn Google you scary!
            http://imgur.com/NmBSATQ
            Are you using a smartphone with a Google-provided or a carrier-provided operating system? If so, that's
            how Google knows. Countermeasure is to only run an OS you control, and to block Google outright in
            /etc/hosts (on a Linux-based OS) if you still get that kind of crap.

            It is very easy for Google or a phone company to drop a tracking binary with an innocuous-sounding
            name into any OS they install. CarrierIQ is a notorious example, revealed by a whistleblower from it's
            own develoment team. Carriers could even opt to use it as a keylogger.

            Remember, any operating system or hardware provided by a cellular carrier works for and is
            effectively owned by them-it is their servant, not yours.

            Comment


            • #16
              Automated kernel reporting must be opt-in

              Any form of automated bug reporting can be dangerous if not done on an opt-in basis. You might be on an IP address you can't admit to using or have your hardware tied to when such a bug is triggered and the report sent. Just imagine the result of a kernel crash report containing encryption keys that gete intercepted by NSA and forwarded to police. For me, that could trigger a raid (raid #2) in an attempt to beat my re-keying process. How about one sent while running TAILS to post dissident material under a military dictatorship like Egypt (where 529 protesters were just sentenced to death). People trust things like TAILS with their lives, and these are based on Linux.

              Automatic reporting by default has to be regarded as a "phone home" security hazard. That's why I go through both operating systems and browsers and disable all software that engages in network activity without an explicit request to do so on my part, automatic update checking included.

              Comment


              • #17
                Originally posted by Luke View Post
                Are you using a smartphone with a Google-provided or a carrier-provided operating system? If so, that's
                how Google knows. Countermeasure is to only run an OS you control, and to block Google outright in
                /etc/hosts (on a Linux-based OS) if you still get that kind of crap.

                It is very easy for Google or a phone company to drop a tracking binary with an innocuous-sounding
                name into any OS they install. CarrierIQ is a notorious example, revealed by a whistleblower from it's
                own develoment team. Carriers could even opt to use it as a keylogger.

                Remember, any operating system or hardware provided by a cellular carrier works for and is
                effectively owned by them-it is their servant, not yours.
                You completely missed the point, he never went to that website on his phone

                Comment


                • #18
                  Did the QR code contain anything from Google?

                  Originally posted by AJenbo View Post
                  You completely missed the point, he never went to that website on his phone

                  Did the QR code or anything in the website that was photographed contain something from Google?

                  In fact, I would not trust a networked device with a QR code at all for security reasons, they are
                  rather like blind, non-human readable hyperlinks. One more part of the smartphone, Facebooked
                  world I have avoided.

                  Also-I cannot read German, might have missed something in that image
                  Last edited by Luke; 04-05-2014, 10:23 PM.

                  Comment


                  • #19
                    Originally posted by Luke View Post
                    Did the QR code or anything in the website that was photographed contain something from Google?

                    In fact, I would not trust a networked device with a QR code at all for security reasons, they are
                    rather like blind, non-human readable hyperlinks. One more part of the smartphone, Facebooked
                    world I have avoided.

                    Also-I cannot read German, might have missed something in that image
                    The reader shows you the human readable version and asks you if you want to proceed.

                    Comment


                    • #20
                      Originally posted by blackout23 View Post
                      Also how the actual fuck does Google know which website I was taking a photo off? Damn Google you scary!
                      http://imgur.com/NmBSATQ
                      My guess would be that it ran an OCR algorithm on the text and then did a search on the result it may also have scanned the QR code itself and indexed it as part of it's web crawling process, and matched it up when you scanned the code. There's honestly no reason that they wouldn't do that at this point if they detected one.

                      Comment

                      Working...
                      X