I found a binary file with a gibberish name in my home directory. Its content seems to be just hex zeroes when I open it in an online binary viewer. It doesn’t have execute permissions. It seems I accidentally ran spotify --uri= around the time the file was created (I could not replicate).

Can I safely ignore this as some bug with a program that tried to write to a file?

  • palordrolap@kbin.social
    link
    fedilink
    arrow-up
    8
    ·
    11 months ago

    You could run an offline fsck to make sure it’s not being caused by disk corruption or something. An offline malware scan at the same time wouldn’t hurt, however unlikely. (That is, boot from external media so you know the drive’s not in use.)

    The file command might be able to identify it if it’s of a known format, but if, as you say, it’s all zeros that won’t be particularly fruitful (it’ll just say “data” if a test on my own computer is anything to go by).

    Or you could lsof | grep theweirdfilename to see if any active processes are using it, not that this would show up if it was malware (which is unlikely, especially if you did that scan earlier).

    If, as you say, it’s all zeros, you could just bzip2 it (or similar) if you don’t want to delete it for whatever reason. That way if something complains you could uncompress it again.

    That said, if it doesn’t show up as useful and isn’t fixed by any of the above it’d probably be OK to delete it.

    • driveway@lemmy.zipOP
      link
      fedilink
      arrow-up
      3
      ·
      11 months ago

      You’re right, file just shows data. lsof did not return anything either, I had already renamed the file to be able to reference it in the terminal anyway.

  • nmtake@lemm.ee
    link
    fedilink
    arrow-up
    4
    ·
    11 months ago

    Have you checked the shell command history? (e.g, history | grep spotify)

  • SpaceNoodle@lemmy.world
    link
    fedilink
    arrow-up
    4
    arrow-down
    1
    ·
    11 months ago

    I do this every now and then by hamfisting a dd or curl command. The most irritating thing about it is the need to open a GUI in order to delete the file since I can’t reference the garbled filename from the CLI.

    • driveway@lemmy.zipOP
      link
      fedilink
      arrow-up
      3
      ·
      11 months ago

      Yes, that was annoying. Especially because I didn’t have a GUI file manager installed.

    • TurboWafflz@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      11 months ago

      I use the fish shell and it can usually autocomplete all manners of strange file names in a way it can understand

  • Tetsuo
    link
    fedilink
    arrow-up
    1
    ·
    11 months ago

    Have you checked when the file was last modified.

    If it fits the date you did the Spotify command then I wouldn’t worry much about it.

    If you still are concerned you can send the file to virustotal to be safe.

    If it’s more concerning for you for a functional reason then move the file elsewhere if nothing break you should be fine.

    • driveway@lemmy.zipOP
      link
      fedilink
      arrow-up
      1
      ·
      11 months ago

      I checked when it was created and that spotify command is the only one that makes sense time-wise.