HomeMicrosoft


Is Microsoft the source of all evil? It appears it is!
Marvin Hlavac
I just came across a website, which appears to belong to Microsoft, but it bears a strange URL:

Code:
http://thesource.ofallevil.com
I've never heard of the URL before. It may not even belong to Microsoft. Does anyone have any info on this, or anyone wishes to guess what it is all about?
toyfountain
Definitively not MS. Don't download any files linked from there or enter any personal data.
http://spiresecurity.typepad.com/spire_security_viewpoint/2007/03/who_is_thesourc.html
Quote:
PS:
I Googled the ofallevil page by searching for info about "activate.exe", one of the downloading files. According to Spyware.net, that file is or can be a Trojan.
Marvin Hlavac
It's interesting that Microsoft hasn't done anything to prevent that website from impersonating Microsoft. I don't understand the technicalities involved, but my guess is that it could be rather easy to do.
taoyue
If it were that easy to do, then there would be no phishing attacks on the Internet. eBay could shut down everyone impersonating eBay, Paypal could shut down everyone impersonating Paypal, and we'd be back to the leave-your-doors-unlocked Internet, where you could trust everyone to be who they say they are.

The barrier here is not technical, but the (lack of) speed of the legal system.
Steve S
This is obviously a fake website.

The company that I work for is the actual source of all evil.

We let Microsoft think they're the source of all evil as a decoy; but actually, they're only the "source of all mildly icky things."

PS: You didn't hear this from me... and I was never here...!
Marvin Hlavac
Steve, no, it's not the company that you work for that is the source of all evil - it is the company that I work for !

Tao, you know about these things much more than most of us, but I just though, since it appears that the sub-domain of thesource.ofallevil.com is only redirecting the traffic to microsoft.com, that microsoft.com could just simply return 404, instead of allowing the traffic.

It appears to be a harmless prank , (and I don't think any content has been changed - it just redirects). I actually would welcome any site with any URL to direct its traffic to laptopgpsworld.com. Laptop GPS World, being a new site, can use any help in generating more visitor traffic it can get !
taoyue
Ah, I misunderstood. I thought the site was hosting its own copy of Microsoft's content, which makes it a legal problem to shut them down.

The site isn't doing that. Instead, they've configured their domain to point to one of Akamai's mirrors of microsoft.com. The way to block this would be to examine the Host: field of the HTTP request. For various reasons, this would have to be done as a deny-list rather than as an allow-list, which rapidly becomes messy as the list gets longer.

Because the server is operated by Akamai, Microsoft would have to make a request to Akamai to put any sort of blocking in place. It's always easier to do something yourself than to get a supplier to do it on your behalf.

So yes, it's possible to block. But it's highly unlikely that this would take place unless the problem becomes widespread.
Marvin Hlavac
A couple of years passed since this topic was discussed here. I came across this old thread, and I tested the URL out of curiosity. It seems there has been some resolution to this. The subdomain is now redirected to a Microsoft's page. I get this message:

Quote:
Your current User-Agent string appears to be from an automated process, if this is incorrect, please click this link: http://www.microsoft.com/en/us/default.aspx?redir=true
laptopgpsworld.com About