Most active commenters
  • dheera(3)

←back to thread

Bring back menus, QR codes are terrible

(slate.com)
527 points lxm | 15 comments | 29 Jun 21 03:25 UTC | HN request time: 0s | source | bottom
Show context
Karrot_Kream ◴[29 Jun 21 04:35 UTC] No.27671804[source]
I gotta say, I disagree with this piece. I, for one, love QR code menus. I can pinch zoom rather than squint at a menu with small/unreadable fonts in dim lighting. I don't need to badger the already exhausted wait staff on a busy night when they forget to drop us a menu or two. When orders are taken online, rather than awkwardly force a friend to not go to the bathroom (or take their kid to the bathroom) until a server can take their order, they can just order and then go. I do think restaurants should handle payment themselves and have the option for paper menus or menus posted on a wall if needed, but otherwise I'm a fan.
replies(5): >>27671896 #>>27672255 #>>27672565 #>>27675012 #>>27678146 #
dheera ◴[29 Jun 21 05:48 UTC] No.27672255[source]
Ugh. Why can't we have both?

First of all it takes a shitton of steps to scan a QR code if you don't have WeChat. On a default Android device you have to click 7 or 8 times to get into the QR scanner thingy inside Google Lens. I carry a 2nd phone with WeChat and I can scan things in 0 seconds flat, but most people don't have it around here in the US.

And then many restaurants' QR menus just redirect you to their website with a terrible experience, and sometimes no pictures.

And then it's annoying as hell to try to read a phone screen in daylight outdoors.

If you can print a QR menu just print the damn menu also. Put the QR code on the menu cover for people who really want that.

These days I often just ask wait staff what they have because I don't want to look at my phone.

replies(5): >>27672264 #>>27672292 #>>27672329 #>>27673378 #>>27673382 #
1. dragonwriter ◴[29 Jun 21 05:59 UTC] No.27672329[source]
> First of all it takes a shitton of steps to scan a QR code if you don't have WeChat Not really, on most real devices.

> On a default Android device you have to click 7 or 8 times to get into the QR scanner thingy inside Google Lens.

Perhaps, on stock Android with no manufacturer special apps. But the Samsung, Google, and LG Camera apps, at least, have “point at a QR code and the camera reads it”, so it takes as many clicks as opening the Camera app.

replies(2): >>27672460 #>>27672499 #
2. dheera ◴[29 Jun 21 06:16 UTC] No.27672460[source]
Hm, I have a Pixel 5 and it most certainly doesn't do that. Nothing happens.

https://i.imgur.com/kjFEwiR.jpg

Then again, starting about 5 weeks ago it also stopped responding to "OK Google" and 3 weeks ago it stopped announcing turn-by-turn directions during GPS navigation so I guess this is the state of tech in 2021 :-/

(Definitely don't want an Apple device though, massive privacy issue for me to use a closed source kernel and that I can't easily introspect and MITM SSL requests on to see what data is being sent about me, I do like Android for the fact that I can more or less much hook into any part of the OS and execute custom code to monitor what the hell apps are doing behind the curtain, and even give them fake-but-realistic sensor data to even further protect my privacy.)

replies(4): >>27672525 #>>27672806 #>>27672813 #>>27674702 #
3. atoav ◴[29 Jun 21 06:22 UTC] No.27672499[source]
Firefox Android can scan directly from the URL bar of a new tab.
replies(2): >>27673504 #>>27676962 #
4. dzhiurgis ◴[29 Jun 21 06:26 UTC] No.27672525[source]
How do you do MITM SSL when pretty much every secure app use key pinning.
replies(1): >>27672547 #
5. dheera ◴[29 Jun 21 06:30 UTC] No.27672547{3}[source]
Exactly, on iOS it's not easy, on Android it's far easier because the OS listens to you, not Apple or Google, and it's far easier to root Android than it is to jailbreak iOS, or run an open source fork like LineageOS and run the same apps on that.

You can (a) decompile the app, mod it, recompile it, sign it, and then execute it (b) modify the OS to not care about app signatures (c) bypass it with Xposed hooks, ... lots of ways.

replies(1): >>27672775 #
6. dzhiurgis ◴[29 Jun 21 07:07 UTC] No.27672775{4}[source]
I find hard to believe that you can decompile any app that has bothered implementing key pinning (which I always assumed is done at app level, not OS).
replies(1): >>27673300 #
7. fingerlocks ◴[29 Jun 21 07:12 UTC] No.27672806[source]
I think you have this backwards? Its much easier to bypass cert pinning and MITM a local process on an Apple device. Disable SIP on Mac OS or jailbreak an iPhone (15 minutes on almost the latest iOS), ‘lldb attach’ and away you swizzle.
8. bitten ◴[29 Jun 21 07:13 UTC] No.27672813[source]
Pixel user here too. You have to enable "Google Lens suggestions" in the camera settings for it to read QR codes automatically.

Drop down menu > Camera Settings > Google Lens suggestions.

replies(1): >>27677879 #
9. mcny ◴[29 Jun 21 08:28 UTC] No.27673300{5}[source]
Speaking of https, I will give my own example. I can get to the cockpit (local ip:9090) of my fedora machine on my android phone if I continue past the scary warning but not on my iphone.
replies(2): >>27673958 #>>27674388 #
10. saxelsen ◴[29 Jun 21 09:03 UTC] No.27673504[source]
You just blew my mind!
11. lorenzhs ◴[29 Jun 21 10:21 UTC] No.27673958{6}[source]
You can most definitely bypass the invalid certificate warning on iOS (I also have a device that uses a self-signed certificate and listens on a local IP, I can open its web interface just fine on iOS)
12. NavinF ◴[29 Jun 21 11:30 UTC] No.27674388{6}[source]
I can bypass the self-signed cert error on my iPhone 8 on iOS 14.4.2

That aside, what's the point? There's no practical threat model where https makes what you're doing more secure. If you have neither a domain name that can use a real TLS cert nor your own CA added to the mobile device, it would be trivial for someone to MITM you. Just configure your Fedora dashboard to use http if you don't care about security

13. atatatat ◴[29 Jun 21 12:08 UTC] No.27674702[source]
I stopped trusting Google to put out bugfree products right around the time the Chromecast 2 came out.

It's been a downhill expectation on experience since.

14. don-code ◴[29 Jun 21 15:12 UTC] No.27676962[source]
This made my day. I always love finding out about super-useful features I wasn't aware of in software I use every day. Thank you!
15. SethMurphy ◴[29 Jun 21 16:07 UTC] No.27677879{3}[source]
In addition on my pixel 3 you can open camera app and long press QR code. This works with or without enabling lens suggestions.

So, double press power button, long tap QR code, and click link to visit site.