Agreed. I used to work in a library, and was able to do something similar with our scanners.
The only thing "new" might be the recognition of being able to pass "alt-?" key combos through PDF-417 barcodes, which are becoming more and more ubiquitous, while the scanners still just pretend to be keyboards.
>“General speaking, we can make [a barcode scanner] to 'type' any keys to the host system, not only the 0-9 and a-z,” Yu said. He claims this lets someone create a boarding pass to “execute any command on computer.”
At a guess, they encoded Win+R cmd <enter> into a barcode. It's a neat trick with big potential.
The point being that it assuredly is trivial, but also potentially a gaping hole left open across a wide array of software.
In these sorts of situations, as with the Y2K bug, the problem is more often the product of social circumstances than technical circumstances.
Nonetheless, this doesn't prevent technical adversaries from preying upon the flaw, and taking advantage of social patterns of behavior, such as the casual tendency to presume barcodes are intrinsically safe.
The only thing "new" might be the recognition of being able to pass "alt-?" key combos through PDF-417 barcodes, which are becoming more and more ubiquitous, while the scanners still just pretend to be keyboards.