I love people’s absolute moral outrage about scanning a QR code. The same folks crying bc they have to ask for a plastic straws or wear a smal piece of cloth on their face in the grocery store.
I wear masks, carry stainless steel straws so I don’t have to use paper ones. You want me to eat at your establishment more than once, don’t make me use my phone at meal time.
It’s a genuine security risk.
Menus aren’t killing the environment either.
If you’re using these links as restaurant menus as opposed to ordering platforms (this is how I use them, and how this post & other commenters seem to be presenting the concept) that’s kind of limited to a risk of straight up being phished in a situation where you don’t really have any reason to hand over your information.
In a pub/bar setting it’s helpful to know what’s available at the bar before I’m standing at it, especially if I’m buying a round. That is to say it generally lowers the bar to menu availability, not raise it. Because before the pub/bar would simply have no table menu and you’d figure out what you wanted by asking or looking at the taps
There are clickless exploits and other methods that don’t require you to enter information, nevermind that nearly all of these menus have ordering and payment available through them and mimicking websites is fairly simple.
QR codes cannot be trusted just like links from unknown sources cannot be trusted.
I think you’ll find there isn’t an Android or iPhone on the market today vulnerable to SQL injection or XSS etc via scanning a QR code. You’re talking about device vulnerabilities that get patched and it’s equally possible to encounter these exploits with plaintext URLs
You’re talking about device vulnerabilities that get patched
Patching out zero days takes time.
it’s equally possible to encounter these exploits with plaintext URLs
Yes which is why I clearly stated that following URLs from any unknown sources carries risk.
The difference is that due to menus being a point of payment they have a greater incentive for abuse.
So we shouldn’t use smartphone features if they could potentially have exploits? With this logic you shouldn’t have a phone.
We shouldn’t replace perfectly good solutions with unreliable, cumbersome, insecure, annoying shitty tech just because.
If the restaurant doesn’t have a good enough reputation that I couldn’t trust the QR they provided (which displays the URL so I can inspect it before launching the web browser), I also wouldn’t want to trust my health to eating there.
It isn’t like some random thing you found on the sidewalk.
Yeah, I get wanting to not reprint menus every time something changes, but there are ways to do that which are more convenient and accessible than “scan a QR code to go to a random website and pray you have working internet access and also the site is working and up to date.” Y’know, like a damn menu board on the wall. Whiteboard/chalkboard even!
This is my personal preference, a place I used to go a lot had a black board across one whole wall and the menu was hand written on it. The menu changed frequently and it was often full of flourish and creativity from some employee.
It is a privacy/security issue, not moral. A QR eatery will probably not accept cash either.
The issue is because it connects with a website right? I wonder if there could be a way to encode the text of the menu in the QR code itself
The QR code would be huge lol
The largest can fit like 500-1k words, a restaurant menu could be less than that I think
Yes web site is the issue.
Cannot embed menu instead because the QR code is a URL.
Why does QR code have to be URL only
Mostly because otherwise you’d need an app that knows how to read and display the data
oh, I don’t use my phone much, assumed they should be able to show some kind of plaintext from a QR code by default
You can. I’ve encoded text in QR codes using both an android app and a desktop program.
The QR code would be so big you may as well just print a full menu instead. Here, for example, is a QR code containing the first two paragraphs of the US Declaration of Independence:
It would have to be much, much bigger if you want to include any pictures.
Still seems much better than linking to a website.
When it is that big you may as well print a conventional menu rather than QR code.
I dislike qr menus mostly cuz their websites suck and I often don’t carry a phone.
I’ve used exactly one QR coded menu that didn’t suck. Every other one was some manner of infuriating, top method being “every item takes up 75%+ of your phone’s screen and is all arranged vertically so it’s impossible to compare two items without scrolling through 3-40 screens worth”.
That last bit is the most annoying part. I can’t stand not being able to quickly skim and compare and since most restaurants have too many items on their menu at it is I find it especially annoying.
Those smug cooks, making a few dollars above minimum wage.
I love how you can easily assume he’s French
It’s the accent
hon hon hon
been waiting for scammers to exploit QRs. wait’s over https://duckduckgo.com/?q=QR+linking+spyware
Been to one restaurant that only had QR codes, and it was horrible.
The wait staff were only there to clean tables. They just came by and slapped a QR code card on the table (yes, slapped, they clearly didn’t want to be there) and then walked away. The web site was horrible, and not designed with a small screen in mind. Had to order only through the website, including pay with my CC on their site. Also had to give them my phone number (so they could text me when my order was up).
Just the worst and most lazy corners cut at every possible chance.
How much did you tip the waiters?
At that point what services should they be tipped for?
Walked all the way to your table with a plate!
We have a rule: Phones stay in pockets/handbags while dining/going out and in flight mode. I also do not install apps on my phone, especially not in a hurry and without checking the app’s reviews and taking my time to decide what rights the app should have etc. They can give me a tablet to make my order if they don’t want to print menus.
We have both in our guesthouse, some people like spending more time working in cafe but can’t have them hoarding the menu for hours at end.
QR is convenient to place around a bigger property. People avoiding tech can simply enjoy walking to the outdoor or indoor seating area for a traditional experience.
The boomers are right about this one
Meh. I didn’t like it at first because it was unfamiliar, but I really don’t see anything wrong with it, especially if you can order and pay directly from your phone instead of waiting for a server to show up.
Qr codes can be malucious. Doesnt take a genius to swap one that compromises your phone while still tunneling to the menu so no one is suspicious.
You think a restaurant is going to give out a malicious URL to its customers?
Not knowingly.You could slap your tag into the page without anyone being the wiser and then them giving to the card to someone else to scan
if you can get a qr code on a current day phone that can auto install an app or tunnel, there are further issues at hand. the most a qr code might be able to do is redirect you to a website where it might try to prompt you to do something stupid with the phone.
I likely wont be fooled but i am not the target demographic to visit many bars or restaurants.
Soms people are easily fooled, shady people will exploit this.
Industries will also exploit this, if you’re on your phone anyway can easily serve you a form request for private information as well as picking up phone details trough their website already, over time i would not be surprised if the menu gets personalized in price and content to make sure they get the most they can.
Just put it up on the wall if you’re going to use a QR code.
At least as a backup. Sites break, internet goes down, occasionally people don’t have their phones, so on. Or maybe I’m just sick of looking at my damn phone.
This, but unironically
I love QR Code menus, especially when you can order through them.
But I hate when restaurants force them on you. Just give me the fucking choice so that everyone can order in the way they prefer.
Yeah but they can’t data track you through a paper menu, and a company choosing to lose revenue?? impossible
most of them only link to a PDF containing the menu anyways, they can’t track you there either
Most services that convert a link to a QR code absolutely track their users. bit.ly (the URL shortening company) has a paid service to track where, when, and device IDs of who accessed the link whether it was through their shortened URL or the conveniently generated QR code that they can also make you.
Pretty much any webhosted service out there essentially needs to track ip’s (unless they want to be ddos’d), so even the server thats serving the pdf can and will track you
They could even go the easy route and use something like bit.my to do it for them too
Yeah, but want I want to say with this: the restaurant gets nothing out of providing the menu only as a PDF. It’s stupid, just give me the OPTION to use a paper card, even though I prefer the PDF
If you’re on their WiFi, then they’re just getting the restaurant’s IP. If you’re on mobile data, then they’re getting your carrier IP, which is often inside layers of carrier-grade NAT. Either way, they don’t get much besides knowing you’re attached to a specific carrier.
Even then it usually goes through the device’s browser and fingerprints as hard as some JavaScript virtually can, but I figured that was a bit long for the original post
(I mean shit your device probably tells google itself where its going, much less the connections on the other end)
edit: and of course this isn’t just the restaurant collecting it cause why would they care, usually its a shady 3rd party that already has a massive profile on you they can cross-reference
Did anyone check what that qr code in the image points to?
Nosh-inal 🥸
Ben garrison is being called out
Ah yes, the old “insult everyone involved” gag.