House Democrats introduced legislation that if passed would force federal immigration enforcement agents to wear a public-facing identification in the form of a clearly visible and scannable QR code during enforcement actions.
The measure, H.R. 7233, was introduced last week by Rep. Ritchie Torre, a Democrat from New York, and referred to the House judiciary and homeland security committees. It currently has two cosponsors, Democratic Reps. Darren Soto and Shri Thanedar, and has taken no steps beyond initial referral.
Oh this is sinister. They can now add malicious things to QR codes. So literally you scan it and tell on yourself to Palantir. Fuck morons.
no one can force you to follow a link you scan, that is not how it works.
the problem i see in this is that when someone is shooting you in the back, it doesn’t help much that he is labeled with qr code.
This is why they should be disarmed, defunded, and dissolved.
They are enforcing paperwork. They need a pen, not a gun.
yeah. i mean step one should be banning them from wearing face mask. wtf kind of logic is that you are allowed to wear face mask and then they put qr code on you to compensate for that? they will just shoot you when you try to scan it and say they were afraid for their life.
Google and apple can, they could make it a convenience update. Lol https://www.cloudflare.com/learning/security/what-is-quishing/
I’m sure Palantir is motivated enough to find a way.
technique described on the link still requires you to actively open the link after you scan it.
I have seen phones auto-open scanned links, it was one based on android.
that is really bad application and you can choose some other. it is really not the norm. the point is this is not some universal vector of attack.
it is stupid attempt for a solution anyway, but not for this reason.
QR codes can contain other types of information aside from URLs (whose content can be altered remotely by the host). For instance, they can contain vCard data, where the subject’s name and business info are hard-coded into the pattern itself, with no remote connection needed (intended for sharing contact info without internet access). That format might be more appropriate for this case.
This will not work. The problem with vcard QR codes is that they are too dense. People would need to be shooting high resolution video at close distance with a steady hand for the scan to be successful. The only way this could reasonably work would be if they were wearing large micro QR codes, but not all scanners can read those.
VPN or IP spoofing?
The problem I see is if they’re too small. Maybe somebody records an agent doing something fucked up, but unless you can nab a high fidelity screenshot showing the QR code clearly, does it really matter if it’s there?
It would be good to have a digital database tracking each agent, saying “so-and-so was spotted at such-and-such place doing this-and-that; here are some photos and video evidence.”
Or “Here’s a group of ICE thugs brutalizing a bystander. Here are the QR codes that were spotted.”
But again, that all depends on people actually being able to scan the QR codes…
I guess it depends on the data. I suggest it’s their full name, and home address.