this post was submitted on 26 Mar 2026
329 points (96.9% liked)
Programmer Humor
30630 readers
411 users here now
Welcome to Programmer Humor!
This is a place where you can post jokes, memes, humor, etc. related to programming!
For sharing awful code theres also Programming Horror.
Rules
- Keep content in english
- No advertisements
- Posts must be related to programming or programmer topics
founded 2 years ago
MODERATORS
I was on some website the other day and I opened the browser console for unrelated reasons. They had a giant message there that was like "STOP. If someone asked you to paste something here, you are probably going to be hacked. Do not do anything here unless you know what you're doing."
Which, admittedly, is probably good advice.
Good thing the site is asking me for pressing ctrl and v instead of pasting.
I've seen that before. I think it s default for some js package
I think Facebook started doing that 15 years go. Lots of people were being scammed like that.
I've opened console on some random site with far too wide article text and those asshats froze my whole browser.
I don’t get it, how does that hack/scam work?
Someone would say something like 'you can unlock a secret page on Facebook, just press F12 and paste this in', and the snippet would upload the victim's session token to the scammer's server. So that they can use the account to promote a crypto scam or whatever.
If you paste code into the consol the code writer can do anything you can do on any website in the context of the current website you are on. So for example download files, capture any data, or take over and use your active session remotely.
I don't see a CVE for this anywhere. Security folks must be asleep at the wheel /s
I got hacked by pressing F12 then Ctrl+v
(() => "I'm in.")()
Tried to 1-up you and ended up on a list
Wait, why does it think this is looking for child porn? Do I even want to know?
JS in Japan can mean elementary schoolgirls.
But I swear Google used to be smarter than this. It's the training data from 4chan that poisoned it's mind, surely.
Let's be honest. The data from 4chan poisoned all of our minds.
Nope. Never deliberately visited.
How'd they get JS from shougakusei? Or wait, is that like "junior school" or something, to obscure its meaning further?
The abbreviation takes the form of XY where X is:
- D for danshi/男子 (boys) or
- J for joshi/女子 (girls)
And Y is:
- S for shougakusei/小学生 (elementary schooler) or
- C for chuugakusei/中学生 (middle schooler) or
- K for koukousei/高校生 (high schooler)
Ooh okay, I see, thank you. I hope this knowledge will never come in handy.
Inguess we will all have to switch to TypeScript to search up JS stuff now. What comes up for "TS Fuck"
Reminds me of when my VP of engineering told me to be careful when trying to get to the TypeScript Playground. Googling "ts playground" brought him to a site that was absolutely not safe for work.
I have no idea and at this point I'm too afraid to ask
must be saying something about JS programmers
...
mandatory /s
Well... That's kinda terrifying
Why do you use Google?
Because it's baked into my phone. I get what I deserve, honestly.
(() => (() => (() => (() => (() => (() => "I'm in.")())())())())())()
Hacking is easy, indeed.
Mooooom, I've been hacked!
I'm in.