Call me crazy, but I don’t think an official government app should be loading executable code from a random person’s GitHub account. Or tracking your GPS location in the background. Or silently stripping privacy consent dialogs from every website you visit through its built-in browser. And yet here we are.

The White House released a new app last week for iOS and Android, promising “unparalleled access to the Trump Administration.” A security researcher, who goes by Thereallo, pulled the APKs and decompiled them — extracting the actual compiled code and examining what’s really going on under the hood. The propaganda stuff — cherry-picked news, a one-tap button to report your neighbors to ICE, a text that auto-populates “Greatest President Ever!” — which Engadget covered, is embarrassing enough. The code underneath is something else entirely.

Let’s start with the most alarming behavior. Every time you open a link in the app’s built-in browser, the app silently injects JavaScript and CSS into the page. Here’s what it does:

It hides:

- Cookie banners
- GDPR consent dialogs
- OneTrust popups
- Privacy banners
- Login walls
- Signup walls
- Upsell prompts
- Paywall elements
- CMP (Consent Management Platform) boxes

It forces body { overflow: auto !important } to re-enable scrolling on pages where consent dialogs lock the scroll. Then it sets up a MutationObserver to continuously nuke any consent elements that get dynamically added.

An official United States government app is injecting CSS and JavaScript into third-party websites to strip away their cookie consent dialogs, GDPR banners, login gates, and paywalls.
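
A review aid for the behaviour described above, added here as an example and not taken from the article, the researcher's write-up or the app: it triages a script that an app injects into its in-app browser and flags the combination of consent or paywall selectors, hiding rules and a MutationObserver. The indicator patterns, function name and both sample strings are constructed assumptions.

```javascript
// Added example: heuristic triage of a script an app injects into its in-app browser.
// Indicator patterns are assumptions derived from the behaviours listed in the post.
const INDICATORS = [
  { id: 'consent-selector', why: 'targets cookie/GDPR/CMP consent UI',
    re: /onetrust|cookie[-_ ]?(banner|consent)|gdpr|\bcmp\b|consent/i },
  { id: 'gate-selector', why: 'targets login, signup, upsell or paywall elements',
    re: /paywall|login[-_ ]?wall|signup[-_ ]?wall|upsell/i },
  { id: 'force-scroll', why: 'forces page scrolling back on',
    re: /overflow\s*:\s*auto\s*!important/i },
  { id: 'hide-rule', why: 'hides matched elements with CSS',
    re: /display\s*:\s*none\s*!important|visibility\s*:\s*hidden/i },
  { id: 'mutation-observer', why: 'watches for dynamically added nodes',
    re: /new\s+MutationObserver\s*\(/ },
  { id: 'node-removal', why: 'removes nodes from the page',
    re: /\.remove\s*\(\s*\)|removeChild\s*\(/ },
];

// Returns the matched indicators plus a verdict for the reviewer.
function auditInjectedScript(source) {
  const hits = INDICATORS.filter((i) => i.re.test(source))
    .map(({ id, why }) => ({ id, why }));
  const ids = new Set(hits.map((h) => h.id));
  const targetsUi = ids.has('consent-selector') || ids.has('gate-selector');
  const suppresses = ids.has('hide-rule') || ids.has('node-removal');
  let verdict = 'none';
  if (targetsUi && suppresses) {
    // An observer keeps re-applying the suppression as the page adds nodes.
    verdict = ids.has('mutation-observer') ? 'persistent-suppression' : 'one-shot-suppression';
  } else if (hits.length > 0) {
    verdict = 'review';
  }
  return { verdict, hits };
}

// Constructed samples, not taken from the decompiled app.
const SAMPLE_SUSPECT = `
  var s = document.createElement('style');
  s.textContent = '#onetrust-banner-sdk{display:none !important}' +
                  'body{overflow:auto !important}';
  document.head.appendChild(s);
  new MutationObserver(function () { /* re-apply on change */ })
    .observe(document.body, { childList: true, subtree: true });
`;
const SAMPLE_BENIGN = 'document.title = document.title.trim();';

const report = auditInjectedScript(SAMPLE_SUSPECT);
console.log(report.verdict, report.hits.map((h) => h.id).join(', '));
```

A match is a prompt for manual review of the injected script, not proof of intent, since string matching misses obfuscated code and can flag legitimate consent handling.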

    • calliope@piefed.blahaj.zone
      25 days ago

      Legitimately was going to say the same thing. Who would ever download this garbage?

      The narcissism is embarrassing.

      • U7826391786239@piefed.zip
        25 days ago

        stone age tribalism pretending to be individualistic–you are a unique and special snowflakeBUTSNOWFLAKESAREBADDONTBEASNOWFLAKE

    • mrnobody@reddthat.com
      25 days ago

      Oh it’s not just Republicans, any bootlickers suffice! Or people who just don’t follow politics the way many others do.

    • Thetechloop@programming.dev
      11 days ago

      Liberals are kinda dome too. Remember the USA is committing a genocide under both parties leadership. We have no options but imperialism with a smile or a frown but always the root is wearing a crown. Hidden leaders or leaders frothing at the mouth. We still live in feudal ages, this I have no doubt. Welcome to the lords and ladies of the clown kingdome. We are a lost people and the mechanisms that we think we have are just a hamster wheel. We have to be radical and do something different to ever see change. All past moments were pacification to quell the peasants rage… they take their time high on the hog and move on to the next stage. Left foot right foot the empire marches on.

      • Powderhorn@beehaw.orgOP
        11 days ago

        This is so poorly formatted, it’s difficult to know where to start. As a liberal, I’m apparently “kinda dome.” I in no way resemble half a sphere.

        The Kingdome was a sports arena in Seattle that was demolished while I was in college there … the hed was “Kingdome fall down, go boom” as the strip story. I was not yet in any position of power and winced at this absurd hed.

        If you want to get involved in leftist circles, this is not the way to do it. Speaking in absolutes and cliche sounds more like an LLM than activism, except ChatGPT would have done a better job.

        Also, apostrophes are a thing. Check out Wikipedia if you don’t believe me.

    • HarkMahlberg@kbin.earth
      25 days ago

      The author is way too generous offering their services to the Trump administration. The app is a massive security hole by design. This administration is not your standard business client, they are the attacker that you defend against.

      If your ~~adversaries~~ buddies haven’t already done this analysis, they’re having a ~~slow~~ good week.