You completely missed the point, he never went to that website on his phone

Automated kernel reporting must be opt-in

Any form of automated bug reporting can be dangerous if not done on an opt-in basis. You might be on an IP address you can't admit to using or have your hardware tied to when such a bug is triggered and the report sent. Just imagine the result of a kernel crash report containing encryption keys that gete intercepted by NSA and forwarded to police. For me, that could trigger a raid (raid #2) in an attempt to beat my re-keying process. How about one sent while running TAILS to post dissident material under a military dictatorship like Egypt (where 529 protesters were just sentenced to death). People trust things like TAILS with their lives, and these are based on Linux.

Automatic reporting by default has to be regarded as a "phone home" security hazard. That's why I go through both operating systems and browsers and disable all software that engages in network activity without an explicit request to do so on my part, automatic update checking included.

How did google know? They own your phone

Are you using a smartphone with a Google-provided or a carrier-provided operating system? If so, that's
how Google knows. Countermeasure is to only run an OS you control, and to block Google outright in
/etc/hosts (on a Linux-based OS) if you still get that kind of crap.

It is very easy for Google or a phone company to drop a tracking binary with an innocuous-sounding
name into any OS they install. CarrierIQ is a notorious example, revealed by a whistleblower from it's
own develoment team. Carriers could even opt to use it as a keylogger.

Remember, any operating system or hardware provided by a cellular carrier works for and is
effectively owned by them-it is their servant, not yours.

My Experia Z struggled a bit but was able to get it.

I would be nice if the Kernel displayed the error using KMS on a clean screen.

Ok, zbarimg was able to read it, maybe my camera is just crap, although my camera read this one just fine

It didn't actually read the QR code ^^ Realized that now.

Maybe try with this one: http://levex.fedorapeople.org/kernel...de_600x600.png
The one in the article is compressed (funny: the original one is smaller ) and has a watermark.

By the way, I don't have anything with a camera and a QR scanner right now, but I tried it with an online decoder and it worked.

That's all my phone managed to get out of it. Is that all?

Also how the actual fuck does Google know which website I was taking a photo off? Damn Google you scary!

Actually the QRcode displayed on the article is just damaged. QRcodes work best when they're just 2 colors (black and white), but this image has a bunch of shades of gray in it in several areas making it unrecognizable by the QRcode reader. This becomes obvious when you copy the image into GIMP then zoom in.

That's a Goldberg-tier way of distributing some malware. Attacking the huge intersection of smartphone-using Linux users who report kernel bugs using their phone.

1. Create a kernel patch that forms such malware in the QR output and causes a kernel oops.
2. Get said patch upstream, or atleast in Ubuntu.
3. ???
4. Profit