Hacker News new | past | comments | ask | show | jobs | submit login

And the remote user's authentication is handled, how? And the routing, NAT, and discovery of your server's private IP address is handled?



None of that is necessary because you are not exposing anything to the internet. We are still talking about local sharing. Android does not have a firewall so there really is nothing to configure. But if you think it cannot be possible, try it for yourself.


You seem confidently oblivious of security concerns, almost as if you're just here to shill for a janky app.


Ok, let's paint this picture:

You scan a QR code to connect to someone's wifi.

All your traffic can now be captured. DNS requests will be logged. Some traffic might be redirected. When will the connection be closed? What if someone shows you a different QR code, and you're not that tech-savvy. For example a phishing webpage which asks for the user's password. Many many many people will still just enter their single-password-for-everything. What if the QR code is a deeplink to an app.. for example to a conversation on or whatever. Or maybe someone was previously logged in into some account.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: