I had a strange question asked of me today… Matt Weaver asked me if I had tried to ‘su -‘ on his machine today… I hadn’t, which opened a huge can of worms that ended up with me (and others) believing that my password was somehow obtained and used without my knowledge by persons unknown. This problem was exacerbated by the fact that I was using the same password on many systems. If the person was a good cracker, they would have covered their tracks, so it’s difficult to tell how long they’ve been at this, but if we are to believe logs it seems like it was only today (er, wednesday).
I do my best to choose good passwords, but I guess I had one bad habit left, which was using the same password on multiple systems… I suspect that many of you reading do this, so I don’t feel so guilty, but still…
Anyway, I have gone through all the Unix systems I have access to (or, at least the ones I remember) and changed my passwords to something unique to each system. I’ve also deleted any ssh keys I had floating around as they can’t be trusted anymore. At least this way if this happens again, using unique passwords on all the various systems will limit the blast radius. If you’re reading, I hope that was fun for you.. (P.S. If I have an account on your machine and I haven’t mailed you, let me know because I might have forgotten about you).
In less aggravating news I saw Henry Rollins tonight doing his Spoken Word act… As always, a wonderful show (although the seats sucked).