Talk (software) - Security

Security

A popular program called "flash", which sent malformed information via the talk protocol, was frequently used by pranksters to corrupt the terminal output of the unlucky target in the early 1990s. It did this by including terminal commands in the field normally designated for providing the name of the person making the request. When the victim would receive the talk request, the name of the person sending the request would be displayed on their screen. This would cause the terminal commands to execute, rendering the person's display unreadable until they reset it. Later versions of talk blocked flash attempts and alerted the user that one had taken place. Later it became clear that, by sending different terminal commands, it is even possible to have the user execute commands. As it has proven impossible to fix all programs that output untrusted data to the terminal, modern terminal emulators have been rewritten to block this attack, though some may still be vulnerable.

Read more about this topic:  Talk (software)

Famous quotes containing the word security:

    The reins of government have been so long slackened, that I fear the people will not quietly submit to those restraints which are necessary for the peace and security of the community.
    Abigail Adams (1744–1818)

    Learned institutions ought to be favorite objects with every free people. They throw light over the public mind which is the best security against crafty and dangerous encroachments on the public liberty.
    James Madison (1751–1836)

    Happiness is peace after strife, the overcoming of difficulties, the feeling of security and well-being. The only really happy folk are married women and single men.
    —H.L. (Henry Lewis)