Yesterday, I talked about how the Russian Zlob gang was abusing open redirectors on the Net to seed Google with links to malware. I’d made a list of such open redirectors over the past few days, and have been contacting the owners of the redirectors explaining the problem and how to fix it.
Last night, I found an open redirector on the usa.gov site, which was being used in Google links to spread malware. I fired off an email to the usa.gov Webmaster explaining the problem. This morning I got a very nice email reply saying they’d verified the problem and fixed it; the redirector now does referrer checking and refuses to redirect for non-local requests. Checked it out, and sure enough, it was fixed.
Woot! They had a patched script up within hours. Who says the government is always slow and inefficient?