Don't most people within the HN demographic mouse over to see the link in emails...

Spare_account · on Dec 29, 2019

For comparison, my phone shows me the URL that the QR code decoded to, and prompts me to confirm that I want to browse to it

SlowRobotAhead · on Dec 29, 2019

Remember bitly, AMP, CDNs?

Also, as to something like a javascript exploit in a URL itself, QRs can hold a surprising amount of data, enough to max out most URL browser limits around 2,048 bytes.

sp332 · on Dec 30, 2019

At least bitly lets you look before you keep. Add a + to the end of any bitly URL to see where it goes, when it was created, and how many peole clicked it.

Spare_account · on Dec 30, 2019

You've described some of the scenarios that would result in me not clicking the link. The feature works well, doesn't it.

This is functionally the same as hovering over links in emails, which is the context in which I made my comment.

SlowRobotAhead · on Dec 30, 2019

Ok, explain those to my mom.

nkrisc · on Dec 29, 2019

Ok but if it's a bitly link then I'm still not clicking. Just like it an email includes an obviously shortened email.

sylvanaar · on Dec 29, 2019

Bitly is so useful though for making usable QR links

octorian · on Dec 29, 2019

On the desktop, especially if the Email is even slightly suspicious? Always. On mobile, it's somehow a lot more difficult and user unfriendly.