Comment by imtringued
10 hours ago
I just realized that this blog site is pretending to be malware. I opened the tab and was constantly switching between the blog and writing this HN comment (I deleted the rest of the comment after realizing it) and was wondering where the tab went and kept opening it over and over again, then I realized that it completely rewrote the tab title with NSFW content (one of the title contained the world "nudes" with a faked amazon favicon) and when you reopen the tab, it shows you a black overlay with a message intended to induce shock if you ever bother to read it (I didn't read past the first sentence so I don't know what it was actually about).
Can dang/a moderator please ban the domain from HN? Even if its not exactly malware, it's pretending to be malware to grab your attention and it's obviously intending to fill your browser history with inappropriate content, which didn't work on my browser because I opened the blog in a private browser session. The operator clearly doesn't run his blog in good faith.
The pop-up is about disabling javascript, to avoid this kind of website doing this kind of thing.
I thought it was clever. But it also seems ham-fisted, and in poor taste.
The author also maintains https://disable-javascript.org/, which the pop-up links to. And has the exact script + titles used.
> You may want to consider linking to this site, to educate any script-enabled users on how to disable JavaScript in some of the most commonly used browsers. The following code uses scare tactics to do so.
> When added to your website, it will change the icon and the title of your website's tab to some of the most unhinged things imaginable once the user sends your tab to the background. Upon re-activation, the script will display a popover to the user informing them about the joke and referring them to this initiative.
It's not clever when people use HN at work. It's a complete erosion of user trust and could legitimately get someone fired. You think HR wants to hear oh no it was an object lesson in not using javascript. That's why I was searching for nudes on the work computer when I shared my screen at that meeting, not realizing some moron had programmatically changed the tab name when I clicked off. This domain needs banned. It's not operating in good faith, or in touch with the reality of the damage it could be doing.
list of tab titles from https://xn--gckvb8fzb.com/js/kill.js for entertainment:
{ "Official Church of Scientology: Difficulties on the Job - Online Course", "Ask HN: How could I safely contact drug cartels?", "The internet used to be fun", "am I boring - Google Search", "what is punycode - Google Search", "arguments for HN comment - Google Search", "how to hack coworker's phone - Google Search", "censorship on hacker news - Google Search", "rust programming socks - Google Shopping", "Adult entertainment clubs - Google Maps", "Pick up lines suggestions - ChatGPT", "Online debate argument suggestions - ChatGPT", "The Flat Earth Society", "Amazon.com: taylor swift merch", "Amazon.com: waifu pillow", "/adv/ - topple government - Advice - 4chan", "r/wallstreetbets on Reddit", "Infowars: There's a War on For Your Mind!", "birds aren't real at DuckDuckGo", "Lincoln MT Cabins For Sale - Zillow", "The Anarchist Cookbook by William Powell | Goodreads", "Fifty Shades of Grey | Netflix", "jeff bezos nudes - Google Image Search", "zuckerberg nudes - Google Image Search", "bigfoot nudes - Google Image Search", "Rick Astley - Never Gonna Give You Up - YouTube", "Pennsylvania Bigfoot Conference - Channel 5 - YouTube", "Linus goes into a real girl's bedroom - Linus Tech Tips - YouTube", "MrBeast en Español - YouTube", "FTX Cryptocurrency Exchange" }
It doesn't write anything extra to the browser history. How about actually checking before exaggerating. If you are bothered by a single wrong title with the right URL, well... I think something else is wrong.
You are also completely speculating on the intent. Less drama please.
[dead]