Sign up to save your podcasts
Or
Share iOS QR Code Reader Can Be Spoofed | TWiT Bits
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
iOS QR Code Reader Can Be Spoofed | TWiT Bits
With iOS v11, the iOS camera app is continually looking for QR codes and, when found, displays a confirmation message prompting the user whether they wish to open Safari at that URL. But there's a URL parsing error which allows the true URL domain to be hidden behind a spoofed display URL. By exploiting the URL parsing flaw one domain can be shown while another entirely different domain is visited.
Full episode at twit.tv/sn657
Bandwidth for TWiT Bits is provided by CacheFly.
View all episodes
By TWiT
4.7
2323 ratings
With iOS v11, the iOS camera app is continually looking for QR codes and, when found, displays a confirmation message prompting the user whether they wish to open Safari at that URL. But there's a URL parsing error which allows the true URL domain to be hidden behind a spoofed display URL. By exploiting the URL parsing flaw one domain can be shown while another entirely different domain is visited.
Full episode at twit.tv/sn657
Bandwidth for TWiT Bits is provided by CacheFly.
More shows like Tech Break (Video)
View all
This Week in YouTube (Audio)
9 Listeners
Trey's Variety Hour (Video)
34 Listeners
This Week in Law (Audio)
109 Listeners
This Week in Law (Video)
6 Listeners
The Giz Wiz (Audio)
139 Listeners
The Giz Wiz (HD Video)
29 Listeners
Dr. Kiki's Science Hour (Audio)
96 Listeners
Maxwell's House (Audio)
35 Listeners
Jumping Monkeys (Audio)
72 Listeners
Ham Nation
116 Listeners
This Week in Enterprise Tech (Audio)
94 Listeners
net@night (Video)
24 Listeners
The New Screen Savers (Audio)
50 Listeners
Coding 101 (Audio)
15 Listeners
Futures in Biotech (Video)
10 Listeners
Padre's Corner (Video)
9 Listeners
FourCast (Audio)
0 Listeners
Ask The Tech Guy (Vintage) (Audio)
28 Listeners
Hands-On Photography (Audio)
31 Listeners
Ask The Tech Guy (Video)
0 Listeners