I decompiled the White House's new app

> The official White House Android app has a cookie/paywall bypass injector, tracks your GPS every 4.5 minutes (9.5m when in background), and loads JavaScript from some guy's GitHub Pages (“lonelycpp” is acct, loads iframe viewer page).

Doesn’t seem too crazy for a generic react native app but of course coming from the official US government, it’s pretty wide open to supply chain attacks. Oh and no one should be continually giving the government their location. Pretty crazy that the official government is injecting JavaScript into web views to override the cookie banners and consent forms - it is often part of providing legal consent to the website TOS. But legal consent is not their strong suit I guess.

Interesting. The site is nearly unusable to me unfortunately. '19 MBP w/ Chrome - scrolling stutters really bad

> An official United States government app is injecting CSS and JavaScript into third-party websites to strip away their cookie consent dialogs, GDPR banners, login gates, and paywalls.

Giving people a taste of web with Ublock Origin annoyance filters applied, refreshing. Can’t believe orange man regime is doing one thing right.

"An official United States government app is injecting CSS and JavaScript into third-party websites to strip away their cookie consent dialogs, GDPR banners, login gates, and paywalls."

In their defense, this is the first thing the Trump admin has done that's unambiguously positive for ordinary people.

This is a pretty standard decomplation of an Android app.

I am sure if you decompile other apps used by hundreds of thousands of people, you would find all sorts of tracking in there.

Thanks for helping the White House improve their app security for free though.