Infosec Handbook Review Issues : “... Weather app leaks IP address and other details...in cleartext.”
[These issues are created out of the Infosec Handbook review conducted on March 15, 2019. ]
(Issue title)
Infosec Handbook Review Issues : “In summary, the weather app leaks your IP address, the identity of your device, and maybe your location (city name, GPS coordinates). All is sent in cleartext.”
Summary
Infosec Handbook Review Issues : “In summary, the weather app leaks your IP address, the identity of your device, and maybe your location (city name, GPS coordinates). All is sent in cleartext.”
Steps to reproduce
To check context read here
What is the current behavior?
“In summary, the weather app leaks your IP address, the identity of your device, and maybe your location (city name, GPS coordinates). All is sent in cleartext.”
What is the expected correct behavior?
User details should not be leaked
Relevant logs and/or screenshots
(Paste any relevant logs - please use code blocks (```) to format console output,
logs, and code as it's very hard to read otherwise.)
(You can use adb logcat
command to capture log of you device, when connected to a computer)
Possible fixes
(If you can, link to the line of code that might be the cause for this problem)