4 comments

[ 3.3 ms ] story [ 22.4 ms ] thread
Bit.ly could follow the links, see if they redirect, and if they do then don't flag them as ".gov" if they don't terminate on a ".gov" site.

Ultimately however it would be better to eliminate these insecure redirects because even without bit.ly spammers can use .gov websites to make their link seem more legitimate.

It's not hard to not redirect bit.ly but redirect victims that click the link.

Some .gov sites need the redirect for whatever reason, but they could check the referer.

Or a step further: don't use the usa.gov URLs for any link that appears to contain an embedded URL (e.g, contains "http://" or "https://").
This is clearly a public safety issue. Private industry should set up a licensing board that regulates government use of technology, contingent on some demonstration of competence.