Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content

Infosec Handbook Review Issues : “... Weather app leaks IP address and other details...in cleartext.”

[These issues are created out of the Infosec Handbook review conducted on March 15, 2019. ]

(Issue title)

Infosec Handbook Review Issues : “In summary, the weather app leaks your IP address, the identity of your device, and maybe your location (city name, GPS coordinates). All is sent in cleartext.”

Summary

Infosec Handbook Review Issues : “In summary, the weather app leaks your IP address, the identity of your device, and maybe your location (city name, GPS coordinates). All is sent in cleartext.”

Steps to reproduce

To check context read here

What is the current behavior?

“In summary, the weather app leaks your IP address, the identity of your device, and maybe your location (city name, GPS coordinates). All is sent in cleartext.”

What is the expected correct behavior?

User details should not be leaked

Relevant logs and/or screenshots

(Paste any relevant logs - please use code blocks (```) to format console output, logs, and code as it's very hard to read otherwise.) (You can use adb logcat command to capture log of you device, when connected to a computer)

Possible fixes

(If you can, link to the line of code that might be the cause for this problem)

Edited by Manoj Nair