specifically this is how QUANTUMINSERT worked (from the Snowden leaks.) also China used the same technique, injecting malicious JS through the GFW to get bystanders to DDoS github, in a much more obvious and indiscriminate way.

nobody here is remotely likely to be targeted by NSA, of course, but you can actually do such attacks on a budget if you compromise any router in the chain. combined with a BGP hijack it’s not far out of reach for even a ransomware gang to pull something like that these days.

yo mama’s so gullible, she participated in an interactive zero-knowledge proof and believed the prover was literally the mythical Merlin.

yo mama’s so dumb, she brought poker chips to a Monte Carlo simulation.

Zalgo captchas would go so hard.