The official White House Android app has a cookie/paywall bypass injector, tracks your GPS every 4.5 minutes, and loads JavaScript from some guy's GitHub Pages.
  • roadrunner_ex@lemmy.caEnglish
    6·
    3 hours ago

    Not that it makes it "good’, but the issues found seem (to me) more incompetent than nefarious, at least.

    • andz@lemmy.world
      2·
      18 minutes ago

      Don’t know what your definition of nefarious is but to me the whole thing sounds shady as fuck from top to bottom and I’m being generous when I call it that.

  • TehPers@beehaw.orgEnglish
    10·
    5 hours ago

    Poor lonelycpp. They became a target for major nations worldwide over such a dumb reason.

    If I were them, I’d do anything I can to break the app immediately and force them to use anything else. I wouldn’t want to be in the supply chain for an app like this where being compromised is immediately a RCE incident for a government app.