Closed karelbilek closed 10 years ago
dabura667
commented
10 years ago hmmmmmmmmm.... Maybe the ability to set a default QR reader should be an advanced option?
I think defaults should lean towards security. The dev can't vouch for the security of a 3rd party app.
karelbilek
commented
10 years ago Well, if you are scanning public addresses, the security is not that important anyway. It's true it can leak some unwanted info though On Jun 7, 2014 6:41 PM, "dabura667" notifications@github.com wrote:
hmmmmmmmmm.... advanced option?
I think defaults should lean towards security. The dev can't vouch for the security of a 3rd party app.
— Reply to this email directly or view it on GitHub https://github.com/ksedgwic/Wallet32/issues/11#issuecomment-45414749.
dabura667
commented
10 years ago Let's say I'm a QR reader app dev.
"hmm, I want to steal bitcoins... but how?"
if reader reads bitcoin QR code, change bitcoin address to my bitcoin address and not the one being scanned.
Some people will notice, some people won't. Anyone unrelated to bitcoin will not hear of the scam nor care, so my app still gets downloads, and a bunch of bitcoiners who were careless lose their bitcoins. I win.
Then if they ever catch heat for it: "oh we got hacked and someone implanted malicious code into our app."
karelbilek
commented
10 years ago Oh. That's true, I haven't realized this possibility.
OK. Maybe closing this issue
On Sat, Jun 7, 2014 at 7:28 PM, dabura667 notifications@github.com wrote:
Let's say I'm a QR reader app dev.
"hmm, I want to steal bitcoins... but how?"
if reader reads bitcoin QR code, change bitcoin address to my bitcoin address and not the one being scanned.
Some people will notice, some people won't. Anyone unrelated to bitcoin will not hear of the scam nor care, so my app still gets downloads, and a bunch of bitcoiners who were careless lose their bitcoins. I win.
Then if they ever catch heat for it: "oh we got hacked and someone implanted malicious code into our app."
— Reply to this email directly or view it on GitHub https://github.com/ksedgwic/Wallet32/issues/11#issuecomment-45415999.
I have an application called "QR droid" installed.
In other applications (like Electrum for Android, but other apps too), this application gets run when there is a need for QR code scanning.
This application (QR droid) detects and scans QR codes much better than the very basic and rudimentary scanner you have.
Would it be possible to somehow use that?
(As I am not an Android developer I am not sure how intents work, but something is written here http://qrdroid.com/android-developers/ )