Do people still hand out physical business cards at events or is it all digital now?
i should have asked before ordering 50, lol
Do people still hand out physical business cards at events or is it all digital now?
i should have asked before ordering 50, lol
At my job we recently got 15 plastic cards with an NFC chip. Scan the card and you go to a page where you can add the info to your contacts. There’s a qr code for when NFC is disabled and too complex to turn on for some people (i.e. CEO’s and the like).
This being Lemmy, this’ll probably get comments like “never scan an unknown NFC tag blah blah blah”
God, information security! Only total losers care about that! I just cannot possibly imagine why CEOs never have phones with working NFC. Cannot possibly be because IT disables it so the brainless cretins don’t scan the thousands of unknown NFCs that get pushed on them by arrogant and conceited industry randos who wont leave them alone. Nah. That can’t be it.
… Blah blah blah.
Why is NFC needed in this case? Regardless of this being a potential security risk (which it is, but it’s not my point here), does it provide any additional value over a QR scan, which can easily store a URL or a contact information?
Contact images, perhaps? Or maybe just aesthetic purposes with however they’re choosing to distribute their contacts, and don’t want to paste QR codes in places. For contact transfer, I don’t think there’s much technical advantage to using NFC over a QR code, since QR codes can fit a lot more data than most people realize.
Not needed, but convenient. NFC is enabled by default on most phones so all they have to do is touch the card.
I see your point, but seems the same effort as a QR scan
NFC: hold to card, done. Qr: unlock phone, open camera, scan, confirm opening link.
Granted, it’s 4 seconds vs 0,5 second but still.
Our phishing training specifically says don’t scan random QR codes or nfc tags.
Yeah but it’s not random. It’s a business card. Surely some trust in other people can be possible.
If you’re in a vaguely sensitive industry, there’s going to be a few people seeing what they can get into at those conferences.
This is especially true of things like cyber security conferences, or tech. They’ll be crawling with corporate spies.
Actually, I’d say any major trade or industry conference is going to have corporate spies and more… eh, freelance trying to see what they can get into.
So the question becomes: have you/your company run a background check on that guy? No? Then why the hell do you trust him?
Because he paid $10k for a booth to talk about bird safe window tinting, and can actually answer questions about bird safe window tinting. Dude wants to go through all that work into maybe fooling me into giving up my work login credentials, more power to him.
I mean, random NFC tags, I can understand. But, isn’t advising someone to avoid QR codes obsolete by now? It was a pretty worthwhile attack vector at one point, but nowadays most phones will ask “Do you want to <handle> <contents in full>?” before actually doing anything with it…
Although, now that I think about it, it is best practice to advise to the lowest common denominator… Sometimes I overestimate users’ ability to avoid doing stupid things…
That process is safe until it’s not. There may be an exploit there waiting to be discovered. Thst exploit will never happen if you just don’t.