Hacker News new | comments | show | ask | jobs | submit login

Such a simple and wonderful idea; it brightened my Sunday. (Edit: I wonder how soon it will take SBX to decide that this is a vulnerability in their mobile app and change something that will break this.)

It really doesn't seem that much of a "vulnerability" actually. The only way to get a picture is if you get ahold of the victim's phone, or they willingly give it up to you.

If you get ahold of the victim's phone, the victim has bigger problems (NFC, e-mail, saved passwords, etc.).

All you need is a high-res picture of the victim's phone. Take a picture of them paying, use the same barcode yourself.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact