|This article needs additional citations for verification. (August 2010)|
Similar facilities existed on earlier system such as Multics, CTSS, and NLS. Early versions of talk[when?] did not separate text from each user. Thus, if each user were to type simultaneously, characters from each user were intermingled. Since slow teleprinter keyboards were used at the time (11 characters per second maximum), users often could not wait for each other to finish. It was common etiquette for a long typing user to stop when intermingling occurred to see the listener's interrupting response. This is much the same as interrupting a long monologue when speaking in person. More modern versions use curses to break the terminal into multiple zones for each user, thus avoiding intermingling text.
In 1983, a new version of talk was introduced as a Unix command with BSD v4.2, and would also accommodate electronic conversations between users on different machines. Follow-ons to talk included ntalk and Britt Yenne's ytalk. ytalk was the first of these three to allow conversations between more than two users, and was written in part to allow communication between users on computers with different endianness. All of these programs split the interface into different sections for each participant. The interfaces did not convey the order in which statements typed by different participants would be reassembled into a log of the conversation. Also, all three programs are real-time text, where they transmit each character as it was typed. This leads to a more immediate feel to the discussion than recent instant messaging clients or IRC. Users more familiar with other forms of instant text communication would sometimes find themselves in embarrassing situations by typing something and deciding to withdraw the statement, unaware that other participants of the conversation had seen every keystroke happen in real time.
A popular program called "flash", which sent malformed information via the talk protocol, was frequently used by pranksters to corrupt the terminal output of the unlucky target in the early 1990s. It did this by including terminal commands in the field normally designated for providing the name of the person making the request. When the victim would receive the talk request, the name of the person sending the request would be displayed on their screen. This would cause the terminal commands to execute, rendering the person's display unreadable until they reset it. Later versions of talk blocked flash attempts and alerted the user that one had taken place. Later it became clear that, by sending different terminal commands, it is even possible to have the user execute commands. As it has proven impossible to fix all programs that output untrusted data to the terminal, modern terminal emulators have been rewritten to block this attack, though some may still be vulnerable.
- man talk, ubuntu.com
- man talk, freebsd.org
- man talk, apple.com
- http://osdir.com/ml/culture.internet.history/2002-12/msg00026.html Origin of 'talk' command
- http://ytalk.ourproject.org YTalk at ourproject.org
- "Fix gnome-terminal vulnerability", redhat.com
- Example vulnerability in the Gnome terminal emulator, securityfocus.com