Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> The official White House Android app has a cookie/paywall bypass injector, tracks your GPS every 4.5 minutes (9.5m when in background), and loads JavaScript from some guy's GitHub Pages (“lonelycpp” is acct, loads iframe viewer page).

Doesn’t seem too crazy for a generic react native app but of course coming from the official US government, it’s pretty wide open to supply chain attacks. Oh and no one should be continually giving the government their location. Pretty crazy that the official government is injecting JavaScript into web views to override the cookie banners and consent forms - it is often part of providing legal consent to the website TOS. But legal consent is not their strong suit I guess.



Aren't the banners for EU page visitors. I don't think there is a US law about this, is there?


Some states have them. California has a similar one "Don't Sell My Personal Information."


I think the Supremacy Clause protects federal agencies but not sure. Also Privileges and Immunities, and Commerce clauses...


And when the app links off to an EU site? Nothing prevents an EU user from using this app. There are a variety of Trump enthusiasts, though I suspect less than there are here in the US.


I think they just fine the entity doing business in the EU. If they don't do business there, I can't see any issues.

I'm not an attorney, but I don't find any cases that extend beyond that.


Quite honestly, it’d be hilarious to see the clown car response from the White House if some EU bureaucrats tried to enforce their GDPR rules on the White House though. “Lol Make us” is the nicest response I can guess at.


Please don't give them ideas.


They conduct a pervasive, hidden, persistent user tracking not only without consent, looking at the analysis, but also stripping the user from a chance of declining tracking on other sites.

I'm quite sure that's illegal.


Which federal law would be relevant here? I'm only aware of California and EU laws that might be. But, I'm fairly certain they don't apply to the US government because of several Constitutional and international laws superseding.

I'm not sure. If there is an attorney to answer that would be interesting.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: