More

crest · 2026-03-04T10:00:50 1772618450

A Chinese company saying you don't need encryption. Why should anyone waste time debunking their bad faith "arguments"?

crest · 2026-03-04T03:17:53 1772594273

But won't anyone think of the little children?!? The US president and his close friends sure do. /s

crest · 2026-03-03T17:27:41 1772558861

It's nice to see people sharing their mistakes too.

crest · 2026-02-26T14:12:46 1772115166

Let me guess you have to be an Australian citizen (inmate?) to have the right to sue and then you won't have standing?

freefaler · 2026-02-26T14:37:31 1772116651

You have to be onshore to get the case in front of Admnistrative Tribunal (ACT)

crest · 2026-02-26T14:07:55 1772114875

There is a difference between banned and you can't just pump it into the next water stream.

crest · 2026-02-26T06:04:41 1772085881

I hope Google has a database with the creation timestamp for every API key they issued.

827a · 2026-02-26T14:56:09 1772117769

You can see the creation date even on the GCloud dashboard. But this information isn't helpful in recovering from this issue, if they're interested in recovering correctly, because there's no guarantee that even keys created before the launch of Gemini didn't have Gemini access added to the keys intentionally. There are also likely public keys created after the launch of Gemini that also erroneously received the Gemini grant. The key creation date is ultimately useless; what it comes down to is whether the key's usage is intentional or malicious, which is impossible for Google to determine without involving the customer.

StilesCrisis · 2026-02-26T12:47:49 1772110069

If there's one thing Google is good at, it's logging.

ddalex · 2026-02-26T09:19:44 1772097584

I think Google has a database with everything. EVERYTHING.

crest · 2026-02-26T06:03:20 1772085800

They should limit the new features to new API keys that explicitly opt-in instead of fucking over every user who trusted their previous documentation that these keys are public information.

abustamam · 2026-02-26T13:50:03 1772113803

Isn't it standard practice to harden permissions on API keys? Like, if I were a bootstrapped startup maybe I'd take shortcuts and let an API key have a * permission but not for anything that could rack up thousands of dollars in bills for the customer. But at googles scale that just seems irresponsible.

crest · 2026-02-23T05:32:40 1771824760

LRO because the bridge has to forward the real frames. TSO because it’s fairly useless now.

crest · 2026-02-23T05:31:18 1771824678

The bridge driver gained features (vlan filtering) not performance.

crest · 2026-02-22T01:33:04 1771723984

You're not supposed to skip to the conclusion.

tptacek · 2026-02-22T02:22:09 1771726929

What conclusion? This is the Always Sunny corkboard.

iberator · 2026-02-22T20:15:41 1771791341

that's how you should be reading scientific journals