Context: mObywatel is a Polish app comprising most of critical governmental services.
In Denmark, the state is worried that releasing especially the ui code, will leed to more phishing. Thats their excuse for not releasing government projects source code.
Because replicating UI design is of course the hardest thing about phishing attacks, making them virtually impossible without the source code…god damn that is such a bullshit reason.
However, browsing it requires an active ”Profil Zaufany” (exactly translated to English as Trusted Profile) account, which is not available for registration for people outside of Poland.
According to the ministry’s statement issued in their own Public Information Bulletin, this requirement has been enforced as a part of ”recommendations issued by the Ministry of National Defence’s CSIRT team, which include the possibility of user accountability”.
Moreover, the published code cannot be easily copied over while browsing via the official website.
🙄 fucking user-hostile “security by obscurity” wankers
Even if you manage to log in here, there’s nothing much to browse here. It’s just the mObywatel’s UI generation code.
Which by itself is useless.
It’s the dumbest “security” rule I ever heard of. It’s a “limited access” shared by almost 30 million people.
I wanted to award it worst app name but translated from Polish it’s mCitizen which is a pretty dope name.
deleted by creator
deleted by creator