It seems there is something of a standard test string for anti virus (wikipedia has more on this).
The idea is that systems that look for viruses will have this string loaded as a signature of a valid virus, and so react as such. This allows you to test virus checking systems without an actual virus being used. Obviously some systems may flag as "test virus" or some such, and some may not have this "standard" string.
The string is :-
So far, so good, but what people are doing (see tweet) is putting that in a QR code, e.g. this (feel free to copy this image).
[note the white space around the image is part of the QR code spec]
And then sticking it on a car, or a hoody, etc..
The result is that some systems that happen to log the content of QR codes they see, e.g. on CCTV and the like, promptly trip their virus detection systems. Ooops.
Of course this does raise questions of whether this could count as Computer Misuse, but then should such systems be reading QR codes off a hoody anyway?
P.S. My QR code generator is on GitHub if you want... It seems to be more efficient than most (though no advantage for this particular case), and has a lot of options (png, svg, text, binary, eps, ps, hex, data URL). Have fun.
EICAR test QR
Subscribe to: Post Comments (Atom)
So.Energy & Ombudsman
It has been hard work, but I finally have a sensible final bill from So.Energy. It was only Electricity that was the issue. The problem was ...
Broadband services are a wonderful innovation of our time, using multiple frequency bands (hence the name) to carry signals over wires (us...
It seems there is something of a standard test string for anti virus ( wikipedia has more on this). The idea is that systems that look fo...
For many years I used a small stand-alone air-conditioning unit in my study (the box room in the house) and I even had a hole in the wall fo...
I'm wondering why anyone would have a CCTV system automatically logging QR codes... I can't think of a purpose for it (other than some kind of custom system, such as logistics companies identifying their own vehicles, etc.)ReplyDelete
There are generic vision libraries you can buy in that do QR codes, multiple country variants of ANPR and a few other useful things for fleet tracking, and output the data in a form that your "real" application can consume.Delete
I wouldn't be shocked to discover that (for example) petrol station ANPR to help deter drive-offs was using a generic vision library that does the lot, and filtering for number plates instead of configuring the library to only do number plates. A lot of this software is done on the cheap, after all.
"X5]+)D:)D<5N*PZ5[/EICAR-POTENTIALLY-UNWANTED-OBJECT-TEST!$*M*L" should be added too....ReplyDelete
I really don’t understand why CCTV would read the QR codes but I can see the next blog of you attaching the QR code to your bike. :)ReplyDelete
Can see cops/dignitaries perhaps having a QR code as "see this code, change the lights for me" perhaps?ReplyDelete
If you mean traffic lights, there's already a system in place for that, I think called OptoCom. From what I've read, it has mechanisms to prevent abuse by unauthorized motorists. A QR code, however, wouldn't be secure enough.Delete
Just write ''I can't breathe'' or ''I am Deaf'' on your mask with a Sharpie.ReplyDelete