BrianKrebsMay 2, 2024

It's always amazed me that ID.me, which you have to use in order to interact w/ the IRS online these days, has a top level domain from the country of Montenegro. Ublock Origin says they're injecting tracking links from Italy's TLD when you login at the irs.gov website.

What's next? Cookies from Colombia? AI from Anguilla?

Show threadBrianKrebsMay 2, 2024
To be clear, I have nothing against private companies or citizens using whatever TLD they want. But we need to stop doing this on important .gov stuff. And I would consider the IRS to easily qualify there.
Show threadBrianKrebsMay 2, 2024

How about this? Lawmakers pass a law (gasp!) that says if you're a private company providing services to the entire populace on behalf of .gov, your site will use com/net/org only when it is interacting with the government. Full stop.

Probably even the extreme wingnuts in the GOP could get behind this, in a kind of "buy American" way.

Show threadthe_afflicted11

@briankrebs It really should. This is how most scams in third world countries start. 'SMSes like Click on this link to pay your tax/insurance, and the link is of some xyz@shop xyz@corner xyz@taxoffice site.'

Make it a law sooooon, Like before some foreign lobby gets to the GOP wingnuts.

May 2, 2024 at 8:01pmWeb