A Security Researcher Decompiled The White House App, & What They Found Is Pretty Alarming

submitted by

https://www.androidheadlines.com/2026/05/a-security-researcher-decompiled-the-white-house-app-what-they-found-is-pretty-alarming.html

A security researcher decompiled the White House’s new official app and found some alarming stuff buried in the code, including a hidden GPS tracking pipeline, JavaScript loaded from a random GitHub account, no SSL certificate pinning, and an in-app browser that silently strips cookie consent dialogs and paywalls from every page you visit.

6
115

Log in to comment

Hot Top New Old

None of that is surprising.

 reply
26

Damn click bait economy making tech journalists have to jebait us for revenue

 reply
8

And it gets even stranger. Apparently, the app is loading JavaScript from a random person’s GitHub site for YouTube embeds. Yes, you read that right, it’s just loading JavaScript from a random GitHub site. So if that account ever gets compromised, arbitrary code could run inside the app’s WebView.

Somebody has the opportunity to do the most hilarious thing.

 reply
18

At least they acknowledge that cookie consent does nothing and paywalls are ridiculous.

 reply
12

My shocked face 😶

 reply
10

I wouldn’t have expected any less.

 reply
10
Insert image