The official White House Android app has a cookie/paywall bypass injector, tracks your GPS every 4.5 minutes, and loads JavaScript from some guy's GitHub Pages.
Likely nothing illegal. Quite a bit of bad dev habits. Some concerning security fuck ups, including pulling in JavaScript from a server they don’t control. Injecting JavaScript to subvert cookie/gdpr/login/etc popups on third party sites.
Just generally bad things to do, especially in a government provided app.
ELI5?
Likely nothing illegal. Quite a bit of bad dev habits. Some concerning security fuck ups, including pulling in JavaScript from a server they don’t control. Injecting JavaScript to subvert cookie/gdpr/login/etc popups on third party sites.
Just generally bad things to do, especially in a government provided app.