Well, that assumes a supermarket self-checkout. (Which, admittedly, is the most likely possible use for this kind of attack.) But there are other places where barcode readers are there for the general public to use.
As an aside, the barcode readers I've encountered at work do not need to be put into a programming mode. But on the other hand, my employer tends to go for inexpensive equipment...
There thing is that these scanners can be programmed to accept only a number of characters but nobody bothers to do so.
It probably wouldn't make that much difference anyway. Typically the only way to program barcode readers is by using special barcodes from the manual or printed out from the manufacturer's software. An attack would just need to start with the special barcode for 'enable these characters'.
Well, maybe. Evidently there is some case to be made for it being possible to use control characters in a barcode, else the standards wouldn't include them. It must be useful to someone, somewhere. So it shouldn't really be up to the scanner hardware to say "yeah nah, not passing that on, ever".
And as others point out, it's not really within the scope of applications to decide whether or not certain keypresses go through to the OS. So what does that leave us? Really just the device driver for the barcode reader. If it were possible to set as an option in the device driver "ignore control characters from this 'keyboard'", that'd do it.
I don't doubt that many do it that way, but my own (admittedly limited) experience is a similar, but less dishonest/manipulative method.
Some years ago, I was at the recording of a comedy panel show (Good News Week back when it was on the ABC, in case there are any Australians of the right age reading). The show gets recorded, various bits get trimmed out for various reasons - so it'll fit in the time slot, because they messed something up, excessive swearing, etc. Before the show starts, they played clips from previous shows, including things that were funny but had to be left out for time, things that were hilarious but too sweary, etc. Same ultimate effect; warming the audience up, but it's all still from the show's own merits.
It took this? Not our general policy of running around the world tampering with governments, murdering people, and blowing up cities for profit?
Those did kill it most of the way, and the "somewhat interested" is conditional on some pretty unlikely things, such as someone else footing the bill for the trip.
Yes, they have made a lot of changes, but those changes have only pissed off the tablet users. So now you have an OS that not only desktop users don't want to use, but tablet users don't want it either.
Sounds like a step in the right direction; the insistence on using the exact same UI on tablets and desktops is the biggest thing wrong with Windows 8. Which no-one really wants to use on either desktop or tablet anyway, so I'm not really seeing a lot of downside to these changes.
Sure, businesses upgrade when they need to. Never a moment before there is a serious, compelling NEED to upgrade; typically something they absolutely need to operate absolutely needing the newer version, or existing hardware failing and new purchases coming with the new version. The business I work for has mostly XP workstations, and the server that we rely on most is running NT 4.0.
"Upgrade when you need to" is secondary to "if it ain't broke, don't fix it". Whatever shiny new features the newer version has, there are always teething problems with an upgrade. They could be minor, such as needing to tweak the config of something and only taking a few minutes. Or they could be major, such the software you need not working properly with the new version and needing some rewriting, taking who knows how long. And there's no way of knowing ahead of time what it'll be, so upgrades are always a crapshoot on how much productivity you'll lose in the process.
It's nice that there is an option to disable it - even if it is indirect. But the fact that the "feature" is there at all still offends me. When the makers of a browser decide it's a good idea to turn my browsing history into targeted advertising, I decide a different browser is a good idea.
I've been making less use of Firefox in general in recent years anyway, but this is the straw that broke the camel's back. Firefox gets uninstalled on all my machines.
"Help Mr. Wizard!" -- Tennessee Tuxedo