The Trump administration’s new official app arrived with fanfare and promise. “The White House” app, available now on both Android and iOS, was supposed to deliver “unparalleled access to the Trump administration.” What it’s actually delivering, according to security researchers who dug into its code, is a masterclass in how not to build a mobile application.
This isn’t hyperbole. Security experts are genuinely alarmed about what’s hidden inside this app’s framework, and the deeper you look, the worse it gets.
Location Tracking Every 4.5 Minutes
A security researcher who goes by @Thereallo1026 on X decompiled the Android version and found something deeply unsettling: the app tracks your location as frequently as every 4.5 minutes. That data then gets shared with third-party servers, along with your notifications and potentially your phone number.
Think about what that means. Someone opening the White House app to read a press release could have their movements logged and transmitted to unknown servers dozens of times per hour. The app’s stated purpose is to deliver news and government information. There’s no legitimate reason for location data at that frequency.
Thereallo also flagged another vulnerability that feels reckless. The code for YouTube embeds comes from a personal GitHub account. If that account gets compromised, every single user of the White House app becomes vulnerable. That’s not just a security gap. That’s leaving a door open and hoping no one walks through it.
The iOS App Lied to Apple
Atomic Computer Services, another cybersecurity firm, analyzed the iOS version and found a different but equally troubling problem: the app told Apple’s App Store that it doesn’t collect location data. Except it does. The GPS tracking capability is built right into the code.
Whether that tracking actually activates is unclear, but the point is that the app contains location surveillance functionality that wasn’t disclosed to Apple during the App Store submission process. That’s not a gray area. That’s a direct misrepresentation.
Atomic Computer also found that privacy consent banners from third-party content had been stripped out and that security protections were minimal across the board. The firm’s assessment was cutting: “We’ve audited apps for startups with three employees that had better security than this.”
What’s Actually in the App?
The legitimate features are pretty standard stuff. There’s a collage video of President Trump when you open it. Pages dedicated to affordability metrics like egg and milk prices. An overtime calculator. Links to press releases and livestreams of briefings. Social media feeds and presidential photos.
None of that requires location tracking. None of it justifies the security vulnerabilities that researchers discovered.
Why This Matters More Than You Might Think
Government apps exist all over the world. They can be useful. A spokesperson for the Center for Democracy and Technology acknowledged to CNET that mobile apps can genuinely help make government more accessible. But they added something important: “This administration has given people a lot of reasons to worry about their privacy, and this app only raises more questions about what the federal government is doing with our personal data.”
That’s the friction point here. It’s not just that the app has security problems. It’s that the security problems exist in an environment where trust in government data handling is already fractured. When you combine lax protections with questions about data usage, people reasonably wonder what they’re signing up for.
The White House didn’t respond to requests for comment about the technology concerns. That silence speaks volumes.
The Practical Question
Should you download it? The answer is straightforward: no. The app isn’t necessary. You can read White House press releases, watch briefings, and follow administration updates through a web browser without handing over your location data every few minutes. You can check official social media accounts without a third-party server logging your movements.
One tech writer deleted the app ten minutes after downloading it. Hard to blame them.
The real question isn’t whether individuals should avoid this app. It’s whether a government body should be distributing software this poorly constructed and this privacy-hostile at all. When a startup with three employees can do better than the executive branch, something has gone very wrong.
