Open ghost opened 2 years ago
great catch... Sheesh
Scheduled in the dev sprint.
Consult the Ionic team for the best practice and had some conversations with them regarding this issue today. The feedback is, this should be a piece of cake, just a two-liner task :P. I will update once they provide the reference solution.
Issue:
The GPS location of a capture in the android version of the Capture App can be spoofed using free third party apps and developer options in android settings.
Steps to reproduce:
Current app behaviour:
False location data is stored in blockchain as chosen in the 3rd party spoofing app.
Expected app behavior:
Location data is stored in blockchain according to the real GPS data instead of the false one.
Context:
This spoofing of GPS location could be abused by people who will use the Capture App for news sharing purposes. They can act as if they are in an area of incident without physically being there. And this has the potential to spread misinformation.
┆Issue is synchronized with this Asana task by Unito