Replies to post #136396 on NeoMedia Technologies, Inc (NEOM)

[Saint Andrew]

One would certainly hope our end-to-end solution has made provision for water-tight security.

If not.. then NEOM had better start thinking about it NOW.

[jonesieatl]

As SaintAndrew says, I hope we have the solution in hand ....

.... as the potential problems are significant.

Does Neomedia have people working for it at this time capable of handling such issues?

For those who may not have read all the way to the end of that article:

"They discovered that the mechanism (reading 2D barcodes with cameraphones and going to the indicated websites) is ideal for Cross Site Scripting (XSS). This is an attack that normally exploits vulnerabilities in Web sites.

Untrustworthy information, perhaps in the form of harmful script codes, is frequently embedded in a page notified to the user and classified by the user, in principle, as trustworthy. Passwords or account data, for example, can be captured by phishing.

While "cross newspaper scripting" on the mobile phone you would only have to "rent" one barcode place in a print product, insert a link after it to a kit containing malicious software - and that would give you some form of control over large numbers of iPhones and other mobile devices.

The boarding passes that are now commonly printed out from the Internet, containing two-dimensional codes to indicate the flight and booking numbers as well as the class of seat, are favourite playgrounds according to FX.

By linking to the barcodes on baggage labels, you could use them to foist the wrong suitcases, perhaps filled with bomb materials, on passengers, thus branding them as potential terrorists."