Comment by armchairhacker
20 hours ago
> people can be bribed or convinced to join botnets so IP whitelisting doesn't work either
Do you think this won’t also be bypassed, by bribing people to scan QR codes and spoofing location etc.?
20 hours ago
> people can be bribed or convinced to join botnets so IP whitelisting doesn't work either
Do you think this won’t also be bypassed, by bribing people to scan QR codes and spoofing location etc.?
The person who scanned to QR code is knowable. They have their IMEI encoded in the response.
Allegedly can be spoofed.
But regardless, I imagine scammers will circumvent this to buy products, login to bank accounts, etc. of the exact users they’re targeting. The user will be presented with “Scan this QR code for $100” as the scammer is logging into their account with spoofed metadata.
> Allegedly can be spoofed.
Not on a non-rooted device, which won't pass attestation.