Rule #1: If you want something to be private, don’t broadcast it (even blurred out!) on TV

For a change, it’s not a password that is revealed.

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Hide your QR codes on TV, not just your passwords...

BBC News reports:

Two French hackers used their computer skills to reconstruct a blurred-out code on TV and claim bitcoins worth $1,000 (£760).

Michel Sassano and Clement Storck had seen an interview with entrepreneur Roger Ver on French television.

Sign up to our free newsletter.
Security news, advice, and tips.

Mr Ver had offered $1,000 to viewers – but a QR code needed to claim the money had been blurred out.

The duo analysed a small part of the code that was visible, however, and managed to access the funds.

Here’s the French TV report (en Francais, naturellement) which contained the blurred out code:

Complément d'enquête. Les millionnaires du bitcoin - 12 octobre 2017 (France 2)

Here’s the part of the QR code which was left unobscured for a brief moment in the report, alongside part of the blurred private key:

Revealed qr code

And here’s how Sassano and Storck managed to decode the private key.

Impressive.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.