this post was submitted on 10 Jan 2024
24 points (96.2% liked)

Linux

48186 readers
2084 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

I found a binary file with a gibberish name in my home directory. Its content seems to be just hex zeroes when I open it in an online binary viewer. It doesn't have execute permissions. It seems I accidentally ran spotify --uri= around the time the file was created (I could not replicate).

Can I safely ignore this as some bug with a program that tried to write to a file?

top 11 comments
sorted by: hot top controversial new old
[–] madmaurice@discuss.tchncs.de 10 points 10 months ago

Convoluted name and a lot of null bytes? Sounds like a temporary file used during downloading.

[–] palordrolap@kbin.social 7 points 10 months ago (1 children)

You could run an offline fsck to make sure it's not being caused by disk corruption or something. An offline malware scan at the same time wouldn't hurt, however unlikely. (That is, boot from external media so you know the drive's not in use.)

The file command might be able to identify it if it's of a known format, but if, as you say, it's all zeros that won't be particularly fruitful (it'll just say "data" if a test on my own computer is anything to go by).

Or you could lsof | grep theweirdfilename to see if any active processes are using it, not that this would show up if it was malware (which is unlikely, especially if you did that scan earlier).

If, as you say, it's all zeros, you could just bzip2 it (or similar) if you don't want to delete it for whatever reason. That way if something complains you could uncompress it again.

That said, if it doesn't show up as useful and isn't fixed by any of the above it'd probably be OK to delete it.

[–] driveway@lemmy.zip 3 points 10 months ago

You're right, file just shows data. lsof did not return anything either, I had already renamed the file to be able to reference it in the terminal anyway.

[–] nmtake@lemm.ee 4 points 10 months ago

Have you checked the shell command history? (e.g, history | grep spotify)

[–] SpaceNoodle@lemmy.world 3 points 10 months ago (2 children)

I do this every now and then by hamfisting a dd or curl command. The most irritating thing about it is the need to open a GUI in order to delete the file since I can't reference the garbled filename from the CLI.

[–] driveway@lemmy.zip 3 points 10 months ago

Yes, that was annoying. Especially because I didn't have a GUI file manager installed.

[–] turbowafflz@lemmy.world 2 points 10 months ago (1 children)

I use the fish shell and it can usually autocomplete all manners of strange file names in a way it can understand

[–] SpaceNoodle@lemmy.world 4 points 10 months ago

Make a directory with 256 files, each filename starting with a different byte, and see how it does.

[–] Tetsuo@jlai.lu 1 points 10 months ago (1 children)

Have you checked when the file was last modified.

If it fits the date you did the Spotify command then I wouldn't worry much about it.

If you still are concerned you can send the file to virustotal to be safe.

If it's more concerning for you for a functional reason then move the file elsewhere if nothing break you should be fine.

[–] driveway@lemmy.zip 1 points 10 months ago

I checked when it was created and that spotify command is the only one that makes sense time-wise.

[–] missing_forklift@sh.itjust.works -1 points 10 months ago

you have entirely foss Bless hex editor right there, no need to use online stuff