Forgotten Internet: Giving (or Getting) The Finger

27 Comments

Hey, you know that guy in accounting, Marco? If you want to find out more about him, you’d probably go surf LinkedIn or maybe a social media site. Inside a company, you might look on instant messaging for a profile and even find out if he is at his desk or away. But back in the 1970s, those weren’t options. But if Marco was on the computer system, maybe you could finger him. While that sounds strange to say today, Finger was a common service provided by computer services at the time. It was like a LinkedIn profile page for the 1970s.

Based on RFC 742, Finger was the brainchild for [Les Earnest]. From a user’s point of view, you put a few files in your home directory (usually .project and .plan; both hidden files), and when someone “fingered” you, they’d see some human-friendly output about your account like your name and office location, if you were logged in or not, and the contents of your project and plan files.

Modern versions may also show your public PGP key and other data. You could usually put a file in your home directory called .nofinger if you wanted to stop people from fingering you.

Under the Covers

Behind the scenes, finger worked with a daemon on port 79 that handled TCP requests. By 1991, RFC 1288 defined the protocol in more detail. Since it was a network service, you could finger people on other computers as long as port 79 was open.

Things were pretty freeform, so while some people had information in their plan files, others had jokes or even ASCII graphics. Most people didn’t know about them and ended up with the defaults.

Why Finger?

This PDP-10 surely was running a finger service. (photo CC-BY-4.0 by [Gah4])
You might wonder why this was called finger. We always thought it was like the old mobster movies (“he put the finger on Lenny”). But it turns out, [Les] noted people using their fingers to trace through the verbose output of WHO command on WAITS, which was based on the operating system later known as TOPS-10, a common operating system on the PDP-6 and PDP-10 computers.

Incidentally, [Les] was the same guy who developed the SAIL keyboard that, as far as we know, introduced the META key you hear about in Emacs.

Cutting Off Finger

Finger is from a simpler time when you could assume people weren’t trying to hack into your system. Of course, they are. In 1988, the Morris worm exploited fingerd — the finger daemon — to spread itself among systems.

Between better alternatives, security concerns, and a general lack of awareness among new users, the writing was on the wall. Today, it is hard to find a system that provides finger services.

You could install finger, but we don’t recommend you keep it running for long. Ubuntu’s package manager, at least, will let you install both finger and fingerd easily.

Running finger with no arguments will show you a list of logged in users. Usually, you’d use it with a user ID, though:

$ finger alw 
Login: alw                              Name: Al Williams 
Directory: /home/alw                    Shell: /bin/bash 
On since Sun Jan 12 13:51 (CST) on tty2 from :0 
    19 days 19 hours idle 
On since Sun Jan 12 13:51 (CST) on pts/0 from :0 
   16 days 21 hours idle 
On since Sun Jan 12 13:52 (CST) on pts/2 from tmux(1721804).%1 
   2 seconds idle 
. . .
On since Wed Jan 15 13:48 (CST) on pts/7 from tmux(1721804).%4 
   13 days 21 hours idle 
On since Fri Jan 17 11:40 (CST) on pts/11 from :0 
  11 days 23 hours idle 
    (messages off) 
No mail. 
Plan: 
Write more Hackaday!

Sounds like a good plan.

In the 1980s, it seemed like finger would be around forever. But network tech can go from ubiquitous to forgotten in a flash. Just like UUCP in our last installment.

Featured image: The incredibly wittily titled “Left Index Finger” by Pixabay.

27 thoughts on “Forgotten Internet: Giving (or Getting) The Finger

  2. And back in that halcyon era (late 80s, early 90s) you could even mount nfs disks across the continent. It was a simpler time, when most fiber was still dark and Sun was still shiny.

    Report comment
    Reply

        1. My first encounter with Unix was at Data General in the early 90s, when we in Engineering got Sun workstations for schematic capture and Verilog simulations…and so much more! They were, of course, networked, and we were exposed to fast (10 mbit yellow cable) Ethernet!

          Then I discovered Linux…

          Report comment
          Reply

  3. Since I Was There, a few minor corrections:

    WAITS didn’t voice from TOPS-10 (which only ever ran on the 10s, never on the small number of 6s ever built). The monitor (nowadays we’d say “kernel”) DEC supplied for the 6 as the predecessor of both WAITS and TOPS-10 (which itself was the parent of TENEX, TOPS-20 and TWENEX).

    Originally the plan files weren’t called .plan etc — that’s obviously a Unix filename and finger far predates Unix networking, or Unix outside bell labs at all. An aside: ever wonder why network byte order is big endian when most of the machines are little and endian? It’s because the PDP 10 was big endian and all of the IP and TCP protocols were originall ydeveloped on PDP-10s. In fact, unix sockets are a port of PDP-10 networking to the vax by Bill Joy.

    More random trivia: gnu finger’s name length (how many characters it would supply before truncating) was set to fit my entire name specifically by Brian Fox.

    Report comment
    Reply

    1. the PDP 10 was big endian

      the pdp-10 approach to bytes was so odd that i don’t think it makes sense to consider it any sort of endian. aiui (i’ve never used a -10), addresses were word addresses and some instructions had a way to specify a bit field within the word. given that endianism arises from addressing words with a byte address granularity, i don’t see how it would apply to the pdp-10.

      Report comment
      Reply

      1. It applies just fine. You’re correct that endianness applies to the order of bytes in a word. You’re confused because “byte” did not mean 8 bits.
        Your 36 bit word could be split into 3 bytes where each byte is 12 bits.
        You still had to choose an order to send each 12 bit byte over serial/network so it can be correctly reconstructed on the other end.

        Defining a byte to be 8 bits came much much later

        Report comment
        Reply

  4. I missed finger so much I wrote my own python replacement. It doesn’t handle .plan or .project, but pulls useful info out of ldap to show output similar to finger, but also includes login timestamp, password timestamp, account active status, and group membership. Still helpful for getting info on my users.

    Report comment
    Reply

  7. We had to turn off finger. Sometime around 1996 or so, was working at a community college. Our primary user/Email system was an AlphaServer 2100 running VMS. One day I’m watching the system and see the finger service start using more resources. It gradually increased to the point where the system was noticeably slower. Turned off the finger service and then the Helpdesk starting getting calls from people wondering why they could no longer see the online status of their friends in their chat programs.

    Long story short, this was the dawn of ICQ, AIM, and various other real-time chat services. I believe it was ICQ [fuzzy memory, so might be wrong] that was able to show if contacts were online in services outside of the chat system and one of the methods it used was to finger the host of the contact’s Email account. Initially we asked users to lower the frequency that it polled our system, but over time that was not enough as more people used that chat and we just ended up permanently disabling the service.

    Report comment
    Reply

  8. There were also a number of programs on my university’s TOPS-20 with names like “hand” or “toe” that presented login data in different fashions. I don’t remember what each of them did, or if there was any connection between the name of each command and what it was for, but one of them found you a vacant terminal, so if all the terminals were in use where you were you could ask someone to run that command to find out where it was worth looking. I don’t know if these were standard on TOPS-20 systems or were a local hack.

    Report comment
    Reply

  12. When I first saw the web the first thing I saw was some random professor’s homepage and I was like, “Oh, so it’s just finger but with pictures? Who cares?”

    Anyway, it took a while to get there, but today’s Internet is mostly just finger but with pictures.

    Report comment
    Reply

  15. Gnu finger had a bug in the mid 90s that would allow you to read any file on the system by symlinking your .project file to it and fingering yourself. First vulnerability I remember exploiting!

    When chained with a bug in one of the NextStep programs that would let you see the files in any directory (but not read them), you could explore the filesystem and read all files. Grab /etc/shadow, crack the passwords!

    Report comment
    Reply

    1. Ah, the good ol’ days.

      The Morris Worm in ’88 leveraged buggy fingerd listening daemons by overwriting the stack… other issues arose with various programs that would finger a remote system and send the results through yet other programs, giving rise to malicious data attacks (always sanitize inputs!)

      For example the erstwhile TCP wrappers could email you with news of an unexpected connection along with the finger data of the remote system (actually very handy, as it could potentially detect the user that initiated the connection.) This led to issues because mailers would interpret lines starting with a “!” as a shell command leading bad results. Quickly resolved, but unintended consequences….

      Report comment
      Reply

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.