Had to register on some sites recently, and Security Questions were mandatory. That triggered my rant mode, so now I’m going to tell everyone why Security Questions are stupid.
- I don’t have a favourite song, movie, poem, etc.
- Neither do I like to watch sports, have favourite artist or athlete.
- In the era of Facebook, relying on (assumed to be) private information knowledge is stupid. This includes Mother’s maiden name, pet name, or brand of car.
- The favourites questions are particularly dumb because they assume your favourites don’t change over time.
- Ditto for dream job. Let’s see… when I was 3 I wanted to be a soldier. Then a doctor. Then a lawyer. Now I’ll do anything that earns me lots of money. Soon I’ll be happy I even have a job.
That is all I can think of for now. Any other thing you can think of?
Lots of users getting malware on their linux computers lately. Most of the time, the infection vector is due to a weak password. That aside, let’s look at a typical malware.
Below is a print out of the particular malware that resides in /var/tmp
As you can see. they have cleverly hidden it by using a directory name with 2 spaces. Some interesting files are
$ cat 1.user
$ head src/cfgfile.c
EnergyMech, IRC bot software
Parts Copyright (c) 1997-2001 proton, 2002-2003 emech-dev
The malware looks to be an IRC bot, which is quite typical for linux. Anyway, at this point in time I lost interest. If you want a closer look at this thing, feel free to email me. 🙂