talk (software)

talk is a Unix text chat program, originally allowing messaging only between the users logged on to one multi-user computer—but later extended to allow chat to users on other systems.

Although largely superseded by

BSD systems^[2] and macOS.^[3]

History

Similar facilities existed on earlier system such as Multics, CTSS, PLATO, and NLS.^[4] Early versions of talk^[when?] did not separate text from each user. Thus, if each user were to type simultaneously, characters from each user were intermingled. Since slow teleprinter keyboards were used at the time (11 characters per second maximum^{[citation needed]}), users often could not wait for each other to finish. It was common etiquette for a long typing user to stop when intermingling occurred to see the listener's interrupting response. This is much the same as interrupting a long monologue when speaking in person. More modern versions use curses to break the terminal into multiple zones for each user, thus avoiding intermingling text.

In 1983, a new version of talk was introduced as a Unix command with

IRC

. Users more familiar with other forms of instant text communication would sometimes find themselves in embarrassing situations by typing something and deciding to withdraw the statement, unaware that other participants of the conversation had seen every keystroke happen in real time.

A similar program exists on VMS systems called phone.^[7]

Security

A popular program called "flash", which sent malformed information via the talk protocol, was frequently used by pranksters to corrupt the terminal output of the unlucky target in the early 1990s.^{[citation needed]} It did this by including terminal commands in the field normally designated for providing the name of the person making the request. When the victim would receive the talk request, the name of the person sending the request would be displayed on their screen. This would cause the terminal commands to execute, rendering the person's display unreadable until they reset it. Later versions of talk blocked flash attempts and alerted the user that one had taken place. Later it became clear that, by sending different terminal commands, it is even possible to have the user execute commands. As it has proven impossible to fix all programs that output untrusted data to the terminal, modern terminal emulators have been rewritten to block this attack, though some may still be vulnerable.^[8]^[9]

References

^ man talk, ubuntu.com
^ man talk, freebsd.org
^ man talk, apple.com
^ Day, John (December 19, 2002). "[ih] Origin of 'talk' command". internet-history (Mailing list).
^ "YTalk – About". ytalk.ourproject.org.
^ "utalk – a UDP-based talk protocol". utalk.ourproject.org.
^ Vos, Marc H.E. "Marc's Place – VMS – Phone". marc.vos.net. Retrieved 2016-10-19.
^ "Updated vte packages fix gnome-terminal vulnerability". Red Hat Customer Portal. February 24, 2003. RHSA-2003:053-10, CVE-2003-0070, Red Hat Bugzilla 1616950. Archived from the original on March 4, 2016.
^ Moore, H D; Digital Defense (July 11, 2009) [February 25, 2003]. "Gnome-Terminal Window Title Reporting Escape Sequence Command Execution Vulnerability". SecurityFocus. CVE-2003-0070. Archived from the original on January 28, 2021.

External links

[1] man talk, ubuntu.com

[2] man talk, freebsd.org

[3] man talk, apple.com

[4] Day, John (December 19, 2002). "[ih] Origin of 'talk' command". internet-history (Mailing list).

[5] "YTalk – About". ytalk.ourproject.org.

[6] "utalk – a UDP-based talk protocol". utalk.ourproject.org.

[7] Vos, Marc H.E. "Marc's Place – VMS – Phone". marc.vos.net. Retrieved 2016-10-19.

[8] "Updated vte packages fix gnome-terminal vulnerability". Red Hat Customer Portal. February 24, 2003. RHSA-2003:053-10, CVE-2003-0070, Red Hat Bugzilla 1616950. Archived from the original on March 4, 2016.

[9] Moore, H D; Digital Defense (July 11, 2009) [February 25, 2003]. "Gnome-Terminal Window Title Reporting Escape Sequence Command Execution Vulnerability". SecurityFocus. CVE-2003-0070. Archived from the original on January 28, 2021.

[2]

[3]

[4]

[7]

[8]

[9]

v t e Unix command-line interface programs and shell builtins
File system	cat chattr chmod chown chgrp cksum cmp cp dd du df file fuser ln ls mkdir mv pax pwd rm rmdir split tee touch type umask
Processes	at bg crontab fg kill nice ps time
User environment	env exit logname mesg talk tput uname who write
Text processing	awk basename comm csplit cut diff dirname ed ex fold head iconv join m4 more nl paste patch printf read sed sort strings tail tr troff uniq vi wc xargs
Shell builtins	alias cd echo test unset wait
Searching	find grep
Documentation	man
Software development	ar ctags lex make nm strip yacc
Miscellaneous	bc cal expr lp od sleep true and false
Categories Standard Unix programs Unix SUS2008 utilities List

History

Security

See also

References

External links