[HN Gopher] Show HN: Scan QR codes to check-in guests registered...
___________________________________________________________________
Show HN: Scan QR codes to check-in guests registered via Google
Forms(tm)
Hi HN! I made a no-code platform for creating physical data
collection apps, using QR codes [1]. It does not yet have a self-
service config UI though, which limits adoption. That's why I
recently released a Google Forms(tm) add-on for QR code check-in,
based on the platform. This focused use-case makes it easy to
provide a fully self-service config UI. How it works: 1. Create
your Google Form as you normally would [2] 2. Activate the add-on
if you hadn't already [3] 3. Craft a confirmation email to be sent
to each form responder Upon each form submission, the add-on will
send a PDF with a unique QR code (a V4 UUID) to the responder.
Have guests present this code at the event, and record check-ins in
bulk using the included QR scanner. See here [4] for more
information, or try the Google Sheets(tm) version [5] (which
doesn't send email). [1] https://admin.trak.codes/ [2]
https://forms.google.com/ [3]
https://workspace.google.com/marketplace/app/qr_code_ticket_...
[4] https://blog.darkaa.com/qr-code-pass-per-response-google-for...
[5] https://workspace.google.com/marketplace/app/qr_code_pass_fo...
Author : komlan
Score : 62 points
Date : 2023-12-27 19:13 UTC (3 hours ago)
(HTM) web link (workspace.google.com)
(TXT) w3m dump (workspace.google.com)
| alaskamiller wrote:
| What's cool also is that this is from the West African tech
| scene.
| komlan wrote:
| Busted! Curious what gave it away, my username?
| davidjfelix wrote:
| 4th link to blog has a link to homepage. Homepage lists
| country in the footer.
| komlan wrote:
| Ah indeed ;)
| oh_sigh wrote:
| Is there actually an international West Africa tech scene? Or
| is it nation by nation?
| afandian wrote:
| Just a reminder to anyone using Google forms that you may exclude
| non-Google customers.
|
| My child's school uses them and it often the forms ask for a
| login. Google doesn't necessarily respect your choice to make a
| form public.
| komlan wrote:
| Indeed. This happens when the form is configured to collect
| "verified" emails.
|
| A form can use a custom field (doesn't require login), user
| input managed by Google Forms (named "Email", doesn't require
| login), or the google email of the user ("verified" email,
| _requires_ login).
|
| This add-on supports every one of these options.
| afandian wrote:
| Thanks, that's good to know.
| rahimnathwani wrote:
| I love the README/Overview on the linked page. It's really clear
| what this is for, why it's better than other solutions etc.
| komlan wrote:
| Thanks! I stole this structure from Obviously Awesome [1] by
| April Dunford, highly recommended.
|
| I just noticed the main submission link goes to the Google
| Sheets add-on, instead of the Google Forms add-on [2]. Oh well.
|
| [1] https://www.aprildunford.com/books
|
| [2]
| https://workspace.google.com/marketplace/app/qr_code_pass_fo...
| mlhpdx wrote:
| I like this for the "sum is greater than the parts" aesthetic,
| which keeps the door open to so many applications.
| komlan wrote:
| Thank you!
|
| The main platform is currently used by national post offices
| (physical mail tracking), health organizations (biological
| samples), banks (fixed assets tracking), manufacturing plants
| (parts inventory tracking), etc.
|
| QR codes make it easy to avoid data-entry errors in quite a
| large set of use cases with physical objects.
| EduardoBautista wrote:
| The overview is one of the best descriptions I have ever seen for
| what an app does and why I should use it. Well done.
| komlan wrote:
| Thank you! I stole [1] this structure from "Obviously awesome"
| by April Dunford.
|
| [1] https://news.ycombinator.com/item?id=38786113
| samstave wrote:
| This is WONDERFUL.
|
| EDIT: nto "But for use for" -- I meant "But in ADDITION" --
|
| But - for tool/item/inventory management in a garage.
|
| Get a cheap label printer [0], create a form of your
| tools/inventory with a matched set (code on tool, code on
| location of tool home) - Tool home has a QR code that leads to a
| tab in the sheet with all the tools that live in that location,
| container.
|
| Put airtags on the high-value tools, with links in the sheet to
| those.
|
| but scan a code on a tool - and it tells you tool details,
| including owner, home, whatever data properties you like.
|
| If you like barcodes/QR codes and GIMP - You will love BarTender
| (seagull Software [1])
|
| It allows you to make ANY type of barcode you want, QR code,
| badge, etc etc.
|
| Its AMAZING [Free*] software. (You only pay a cheapo $500 lic if
| you have a high volume printer for printing thousands of product
| labels fast - eles; its a super powerful free program with an
| utterly amazing and knowledgable supprt staf f (no affiliation)
|
| Here is a test I did making "Card Carrying Conspiracy Theorist"
| badges based on a comment from someone saying they were one. THe
| QRs go to the /r/ profile - as does the bar code.
|
| The image can be set as a template then do a merge for pics and
| employee data from a sheet....
|
| https://imgur.com/a/eyAxpcb
|
| (I like Guilloche designs (the swirly woven bits you see on
| money)) and so I used that motif - but the QR code placement and
| calc is automatic via Bartender.
|
| I made a bunch of labels for a cannabis company - and I tied the
| QRs through a tinyURL which did all the geocoding of the QR
| scanning so that we could send product to a particular place, and
| then track where and how many people scanned the QR (the QR went
| directly to the lab test reports for the makup of the cannibis,
| CBD, etc...
|
| So, then you could measure which market the CBD or THC were
| drawing most interest - and see how sales were vs scanning.
|
| anyway - QR codes get a bad wrap. They are lame for menues - but
| a goot idea is to scan a QR code, then just have a folder of
| scanned links for purusal later - as opposed to launching safari
| when I clearly dont ue safari. :)
|
| [0] https://www.amazon.com/qr-code-
| printer/s?k=qr+code+printer&p...
|
| [1] https://portal.seagullscientific.com/downloads/bartender
| komlan wrote:
| Wow, happy to find another QR code enthusiast here! They
| simplify a lot of things, indeed.
|
| Great use case! I did a tool inventory management use case
| once, with the underlying platform [1].
|
| It starts with generating QR codes for sticker papers [2], from
| the app. Those never expire and are all different (v4 UUID).
| You can then assign a QR to any new item, then scan it for
| registration in the app, specifying room, drawer, etc. (and
| gps, picture, etc. if needed).
|
| You can browse tools per room, drawer, etc., and scan anytime
| to record an update. Each tool gets a history trail.
|
| You can even make data-entry easier by making special QR codes
| for drawers; scanning them fills some form fields with presets,
| so you don't have to manually select stuff and make mistakes.
|
| I mostly see use-cases where other people scan a QR you made,
| but there are use cases where the QR codes are only ever
| scanned by you and your staff.
|
| [1] https://admin.trak.codes/ [2]
| https://share.darkaa.com/!9DXEQQTg2z/trak-qr-codes-demo-hn.p...
| samstave wrote:
| The QR code, use, whatever isnt the problem to solve to. Its
| resolution.
|
| This has always been a psychological issue with Humans and
| Signage.
|
| Signage is a HUGE FUCKING DEAL (If you have ever had to some
| up with a signage policy for a Hospital with _thousands_ of
| addressible spaces, where a certain population of 'stake
| holders' (nurses) are involved - getting naming/numbering
| correct in a large space where ALSO robots need to understand
| the convensions... that is south fast.
|
| I have a bunch of solutions on this matter - if you really
| want to deep into coding... (I orignially designed a coding
| schema for Lucas Letterman which was shot down by the head of
| ILM engineering as "the worst Idea He had ever seen" to later
| incorporate that into his networking duties as head of
| networking at goog)
|
| Anyway -- I am totally pro QR - but with GPTs, I feel like we
| are finally at the cusp to leverage them in a meaningful way.
| onetimeuse92304 wrote:
| The issue is, at least for me, I consider all QR codes as unsafe.
| Unfortunately, you don't know where the QR code leads you before
| you scan it and then it is already too late. So you can't do the
| equivalent of inspecting the link before you click it.
|
| Recently we were in a restaurant which required scanning a QR
| code to get served (for some reason asian restaurants like doing
| this). The codes were labels attached to the menu. I told the
| waitress "I can't scan the codes because I don't know who put the
| QR codes there". She told "the codes lead to their website". I
| told her "I don't know that, it takes a moment to print a label
| that looks exactly the same to my eye". She told me "it would
| then not point to their website". I respond if she knows what
| MITM attack is. She responded "if you can't afford a phone we
| should leave and go somewhere else".
|
| The funniest is those QR codes left at random in public. I
| imagine scanning these is like finding a random pendrive and
| putting it in your computer.
| abraae wrote:
| > Unfortunately, you don't know where the QR code leads you
| before you scan it and then it is already too late
|
| What are you so scared of? It isn't the 90s where by tricking
| someone into following a dodgy link their windows machine was
| instantly pwned.
| simon_acca wrote:
| Remote code execution vulns are still routinely discovered,
| for example: https://cve.mitre.org/cgi-
| bin/cvename.cgi?name=CVE-2023-4199...
| EduardoBautista wrote:
| I've never heard of this domain before, so I shouldn't
| click on it because vulnerabilities in the browser are
| still routinely discovered.
|
| Sorry for the sarcasm, but if you trust clicking on links
| in a browser, QR codes should be fine as well.
| fiddlerwoaroof wrote:
| Yeah, if your threat model involves not trusting links,
| you should be disabling JavaScript and CSS by default and
| probably not browsing the web in the first place. Libpng
| and other libraries frequently have fairly critical bugs
| that are a bigger concern than MitM attacks.
| ianbutler wrote:
| Trust me when I say randos aren't dropping modern 0days on
| restaurant menus. Not when a novel attack can fetch
| millions through brokers.
| simon_acca wrote:
| Not only do I agree with you, but I don't think anyone
| would be able to tell an attack was imminent if they were
| to see the URL anyway. I was just providing facts to the
| comment above that didn't seem to think RCE are a thing
| anymore.
| simon_acca wrote:
| There's apps that just scan the qr code into a text field no
| matter what its content is, then you can inspect the URL
| manually.
|
| Unfortunately there's a deeper problem in this security model,
| in that only a tiny tiny fraction of the web's userbase knows
| how to assess a URL, and even experts can easily struggle
| precommunicator wrote:
| > So you can't do the equivalent of inspecting the link before
| you click it.
|
| Of course you can. Use an application that allows it.
| EduardoBautista wrote:
| > Unfortunately, you don't know where the QR code leads you
| before you scan it and then it is already too late.
|
| iOS shows the domain if it is a URL and you have to tap it.
| It's no different from tapping on a link on a website, which I
| would say is more insecure since you don't even get the domain
| info before tapping.
| chatmasta wrote:
| There are less privacy assurances when opening a QR code,
| since it can encode a URL with precise physical information
| embedded within its query parameters (like "table number" at
| a restaurant, for example). That kind of information isn't
| available to the typical website.
|
| (FWIW, I actually wish more table QR codes _did_ contain
| these parameters - why do I need to enter the table number in
| the form after navigating to the online menu? I hate these
| things btw...)
| dweekly wrote:
| This is true, but also mostly moot, sadly, due to the
| pervasive use of URL shorteners for QR code services.
|
| So instead of seeing a nice hover-over of
| "SuperDeliciousItalian.com/menu", as often as not it will be
| "qr.to/f2CrS" or somesuch.
|
| So exposing the URL encoded in the QR code doesn't provide
| all the information you need to assess its validity or
| safety.
| hnlmorg wrote:
| That's a risk with any and all hyperlinks. There's nothing
| unique to QR codes with that.
| komlan wrote:
| It depends on which app you are using to scan the codes. For
| Trak [1], the main use case is to scan QR codes _you_ made
| yourself (or someone from your company made). The scanner
| simply rejects anything it doesn 't recognise as a valid (app-
| specific) code.
|
| [1] https://admin.trak.codes/
| jddj wrote:
| There are open source QR scanner apps on F-Droid which actually
| make you tick a box saying "I've checked the above URL and I
| want to visit that website" before they will open the browser.
| Grazester wrote:
| My QR code scanner shows me the content of the QR code. This is
| my Google Pixel phone btw
| ImportOllie wrote:
| If you consider all qr codes unsafe then use a tool to check
| them don't lecture the waitress on man in the middle attacks...
| hnlmorg wrote:
| Not only is this the wrong place to vent your annoyances with
| QR codes (it's tangential to the Show HN) but you honestly come
| across as an unpleasant customer if that's how you interact
| with your restaurant servers (you could have just said "my
| camera is broken, do You have an address I can type instead").
| zoezoey wrote:
| This is awesome!
___________________________________________________________________
(page generated 2023-12-27 23:00 UTC)