CybersecKyle<p>QR Codes in Cybersecurity: Convenience Meets Caution <a href="https://www.cm-alliance.com/cybersecurity-blog/qr-codes-in-cybersecurity-convenience-meets-caution" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">cm-alliance.com/cybersecurity-</span><span class="invisible">blog/qr-codes-in-cybersecurity-convenience-meets-caution</span></a></p><p><a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Infosecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosecurity</span></a> <a href="https://infosec.exchange/tags/QRcodes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>QRcodes</span></a></p>
#qrcodes
0 posts0 participants0 posts today
A Recursive QR Code
https://shkspr.mobi/blog/2025/03/a-recursive-qr-code/
I've been thinking about fun little artistic things to do with QR codes. What if each individual pixel were a QR code?
There's two fundamental problems with that idea. Firstly, a QR code needs whitespace around it in order to be scanned properly.
So I focussed on the top left positional marker. There's plenty of whitespace there.
Secondly, because QR codes contain a lot of white pixels inside them, scaling down the code usually results in a grey square - which is unlikely to be recognised as a black pixel when scanning.
So I cheated! I made the smaller code transparent and gradually increased its opacity as it grows larger.
I took a Version 2 QR code - which is 25px wide. With a 2px whitespace border around it, that makes 29px * 29px.
Blow it up to 2900px * 2900px. That will be the base image.
Take the original 25px code and blow it up to the size of the new marker, 300px * 300px. Place it on a new transparent canvas the size of the base image, and place it where the marker is - 400px from the top and left.
Next step is creating the image sequence for zooming in. The aim is to move in to the target area, then directly zoom in.
The whole code, if you want to build one yourself, is:
#!/bin/bash# Input fileinput="25.png"# Add a whitespace borderconvert "$input" -bordercolor white -border 2 29.png# Upscaled image sizeupscaled_size=2900# Scale it up for the baseconvert 29.png -scale "${upscaled_size}x${upscaled_size}"\! base.png# Create the overlayconvert -size "${upscaled_size}x${upscaled_size}" xc:none canvas.pngconvert "$input" -scale 300x300\! 300.pngconvert canvas.png 300.png -geometry +400+400 -composite overlay.png# Start crop size (full image) and end crop size (target region)start_crop=$upscaled_sizeend_crop=350# Zoom-in target position (top-left corner)target_x=375target_y=375# Start with a completely opaque imageoriginal_opacity=0# Number of intermediate imagessteps=100for i in $(seq 0 $((steps - 1))); do # Calculate current crop size crop_size=$(echo "$start_crop - ($start_crop - $end_crop) * $i / ($steps - 1)" | bc) crop_size=$(printf "%.0f" "$crop_size") # Round to nearest integer # Keep zoom centered on the target crop_x_offset=$(echo "$target_x - ($crop_size - $end_crop) / 2" | bc) crop_y_offset=$(echo "$target_y - ($crop_size - $end_crop) / 2" | bc) # Once centred, zoom in normally if (( crop_x_offset < 0 )); then crop_x_offset=0; fi if (( crop_y_offset < 0 )); then crop_y_offset=0; fi # Generate output filenames background_file=$(printf "%s_%03d.png" "background" "$i") overlay_file=$(printf "%s_%03d.png" "overlay" "$i") combined_file=$(printf "%s_%03d.png" "combined" "$i") # Crop and resize the base convert "base.png" -crop "${crop_size}x${crop_size}+${crop_x_offset}+${crop_y_offset}" \ -resize "${upscaled_size}x${upscaled_size}" \ "$background_file" # Transparancy for the overlay opacity=$(echo "$original_opacity + 0.01 * $i" | bc) # Crop and resize the overlay convert "overlay.png" -alpha on -channel A -evaluate multiply "$opacity" \ -crop "${crop_size}x${crop_size}+${crop_x_offset}+${crop_y_offset}" \ -resize "${upscaled_size}x${upscaled_size}" \ "$overlay_file" # Combine the two files convert "$background_file" "$overlay_file" -composite "$combined_file"done# Create a 25fps video, scaled to 1024pxffmpeg -framerate 25 -i combined_%03d.png -vf "scale=1024:1024" -c:v libx264 -crf 18 -preset slow -pix_fmt yuv420p recursive.mp4Terence Eden’s Blog · A Recursive QR Code
More from 
Terence Eden
blog! “A Recursive QR Code”
I've been thinking about fun little artistic things to do with QR codes. What if each individual pixel were a QR code?
There's two fundamental problems with that idea. Firstly, a QR code needs whitespace around it in order to be scanned properly.
So I focussed on the top left positional marker. There's plenty of whitespace there.
Secondly, because QR codes…
⸻
#art #qr #QRCodes
Terence Eden’s Blog · A Recursive QR Code
More from Terence Eden
Why are QR Codes with capital letters smaller than QR codes with lower-case letters?
Take a look at these two QR codes. Scan them if you like, I promise there's nothing dodgy in them.
Left is upper-case HTTPS://EDENT.TEL/ and right is lower-case https://edent.tel/
You can clearly see that the one on the left is a "smaller" QR as it has fewer bits of data in it. Both go to the same URl, the only difference is the casing.
What's going on?
Your first thought might be that there's a different level of error-correction. QR codes can have increasing levels of redundancy in order to make sure they can be scanned when damaged. But, in this case, they both have Low error correction.
The smaller code is "Type 1" - it is 21px * 21px. The larger is "Type 2" with 25px * 25px.
The official specification describes the versions in more details. The smaller code should be able to hold 25 alphanumeric character. But https://edent.tel/ is only 18 characters long. So why is it bumped into a larger code?
Using a decoder like ZXING it is possible to see the raw bytes of each code.
UPPER
20 93 1a a6 54 63 dd 28 35 1b 50 e9 3b dc 00 ec11 ec 11 lower:
41 26 87 47 47 07 33 a2 f2 f6 56 46 56 e7 42 e746 56 c2 f0 ec 11 ec 11 ec 11 ec 11 ec 11 ec 11ec 11 You might have noticed that they both end with the same sequence: ec 11 Those are "padding bytes" because the data needs to completely fill the QR code. But - hang on! - not only does the UPPER one safely contain the text, it also has some spare padding?
The answer lies in the first couple of bytes.
Once the raw bytes have been read, a QR scanner needs to know exactly what sort of code it is dealing with. The first four bits tell it the mode. Let's convert the hex to binary and then split after the first four bits:
TypeHEXBINSplitUPPER20 9300100000 100100110010 000010010011lower41 2601000001 001001100100 000100100110The UPPER code is 0010 which indicates it is Alphanumeric - the standard says the next 9 bits show the length of data.
The lower code is 0100 which indicates it is Byte mode - the standard says the next 8 bits show the length of data.
20 9300100000 100100110010 0000 10010lower41 2601000001 001001100100 000 10010Look at that! They both have a length of 10010 which, converted to binary, is 18 - the exact length of the text.
Alphanumeric users 11 bits for every two characters, Byte mode uses (you guessed it!) 8 bits per single character.
But why is the lower-case code pushed into Byte mode? Isn't it using letters and number?
Well, yes. But in order to store data efficiently, Alphanumeric mode only has a limited subset of characters available. Upper-case letters, and a handful of punctuation symbols: space $ % * + - . / :
Luckily, that's enough for a protocol, domain, and path. Sadly, no GET parameters.
So, there you have it. If you want the smallest possible physical size for a QR code which contains a URl, make sure the text is all in capital letters.
This blog post was exhibited at QR Show, NYC
Terence Eden’s Blog · Why are QR Codes with capital letters smaller than QR codes with lower-case letters?
More from Terence Eden
blog! “Why are QR Codes with capital letters smaller than QR codes with lower-case letters?”
Take a look at these two QR codes. Scan them if you like, I promise there's nothing dodgy in them.
⸻
#qr #QRCodes
Terence Eden’s Blog · Why are QR Codes with capital letters smaller than QR codes with lower-case letters?
More from Terence Eden
Ich habe ja keine Ahnung, und nur Chat nur hier von! ich frage mich aber, ob es #QRCodes gibt die so ziemlich ins „jenseits“ laufen und immer weiter. Es gibt einfach zu viele Cameras die ständig „on search“ sind. Macht so etwas Sinn?
Die Landeshauptstadt Kiel warnt vor gefälschten Aufklebern zur Bezahlung von Parkgebühren. Es handelt sich dabei um einen QR-Code, der nicht zur offiziellen easypark-App führt.
Kieler Nutzer*innen sollten genauer hinschauen, ob die #QRCodes vertrauenswürdig sind. Gefälschte QR-Codes haben einen pinkfarbenen Rand und werden über den Original-QR-Code geklebt. In einem Verdachtsfall sollte die Polizei hinzugezogen werden.
Infos von Easypark
https://www.easypark.com/de/so-erkennst-du-betrug
www.easypark.comWichtige Informationen: So erkennst Du BetrugSchütze Dich vor Betrug
Needless to say, don’t scan any random QR-codes you get spammed with here.
Replied in thread
@soatok +9001%
"#Quishing" with malicious #QRcode|s is rampant and even aided by the fact that most #QRcodes are run through #URLshorteners!
I'm always looking for interesting use cases for #QRCodes. This one certainly makes my list of cool: A #QR code based doorbell.
https://dingdongdoorbell.com/
dingdongdoorbell.comDing Dong Doorbell
Don’t know who needs to here this so I’ll say it loud.
DO NOT SCAN QR CODES
A friend did that a couple of days ago. It was on a machine in a car park to download their app. Except someone has replaced it and the first she knew was her bank letting her know they’d spotted fraudulent activity.
She was lucky and the bank stopped all the transactions and blocked her account. The next person might not be.