HackerTrans
TopNewTrendsCommentsPastAskShowJobs

hak8or

no profile record

comments

hak8or
·há 3 meses·discuss
Looks like another instance, I am dealing with a very similar issue. I didn't even notice any sort of tiers, as I had 17 grand in costs accumulate at a similar pace.

I (a hobbyist running a small side project for a dollar or two a month in normal usage, so my account is marked as "individual") got hit with a ~$17,000 bill from Google cloud because some combination of key got leaked or my homelab got compromised, and the attacker consumed tens of thousands in gemini usage in only a few hours. It wasn't even the same Google project as for my project, it was another that hasn't seen activity in a year+.

Google refuses to apply any adjustments, their billing specialist even mixed up my account with someone else, refuses to provide further information for why adjustments are being rejected, refuses any escalation, etc. I already filed a complaint with the FTC and NYS attorney General but the rep couldn't care any less.

My gripe is not that the key was potentially leaked or compromised or similar and then I have to pay as a very expensive "you messed up" mistake, it's that they let an api key rack up tens of thousands in maybe 4 hours or so with usage patterns (model selection, generating text vs image, volume of calls, likely different IP and user agent and whatnot). That's just predatory behavior on an account marked as individual/consumer (not a business).
hak8or
·há 3 meses·discuss
Be very careful about using googles apis as a consumer, they have poor rate limiting and ineffective anomoly protection.

I (a hobbyist running a small side project for a dollar or two a month in normal usage, so my account is marked as "individual") got hit with a ~$17,000 bill from Google cloud because some combination of key got leaked or my homelab got compromised, and the attacker consumed tens of thousands in gemini usage in only a few hours. It wasn't even the same Google project as for my project, it was another that hasn't seen activity in a year+.

Google refuses to apply any adjustments, their billing specialist even mixed up my account with someone else, refuses to provide further information for why adjustments are being rejected, refuses any escalation, etc. I already filed a complaint with the FTC and NYS attorney General but the rep couldn't care any less.

My gripe is not that the key was potentially leaked or compromised or similar and then I have to pay as a very expensive "you messed up" mistake, it's that they let an api key rack up tens of thousands in maybe 4 hours or so with usage patterns (model selection, generating text vs image, volume of calls, likely different IP and user agent and whatnot). That's just predatory behavior on an account marked as individual/consumer (not a business).
hak8or
·há 3 meses·discuss
And this is why I am immediately shifting to bunny from cloudflare at this point.

A week ago I (a hobbyist running a small side project for a dollar or two a month in normal usage, so my account is marked as "individual") got hit with a ~$17,000 bill from Google cloud because some combination of key got leaked or my homelab got compromised, and the attacker consumed tens of thousands in gemini usage in only a few hours.

Google denied a rate adjustment, and haven't reached back out to me for a good few days now. My credit card denied the charge because it was over my credit limit by a good few thousand dollars and they suspected fraud, but now I am terrified of being taken to collections and ruining my prospects of renting an apartment due to my credit score/history being ruined, or them just taking me to court.

I am never going to use "use now pay later" services, especially with cloud portals where it's so hard to put in a actual cap, and the cloud provider not having any sane rate limits. I am fine paying if it was negligence or a mistake on my part as a very expensive lesson in security, but 17k is brutal.

The fact they don't have an easy way to hard cap usage (especially for an individual account) and have ineffective rate limits (how on earth is an account that pays a few dollars a month able to run up tens of thousands in just a few hours), makes me never want to use their (or any use now pay later with no easy caps or rate limits) service ever again. Or even a phone number to call.
hak8or
·há 7 meses·discuss
I was curious what instruments this use, looks like a special form of radar? Does this mean it effectively gives us very accurate height maps regardless of cloud coverage, and is able to differentiate between what surface material it's seeing?

> Radar instruments can image Earth’s surface through clouds, precipitation, regardless of sunlight, making them particularly well suited for monitoring polar regions. The Sentinel-1C and -1D satellites also carry an Automatic Identification System (AIS) instrument – improving the mission capacity to detect ships and sea pollution. The Sentinel-1D AIS was also activated as the satellite passed over Antarctica capturing the presence of ships in these extreme areas.
hak8or
·há 5 anos·discuss
I switched all my home machines' shell to fish, and my work computer also to fish, and it has been an amazing productivity boost for myself. The extremely ergonomic way it represents history (old commands) is what does it for me.

If I need to script something, I always do it in bash (which is easy to transition to from bash). I don't use the fish language for any scripting because of incompatability, but as a command line interface to my systems it has been a massive boom to my quality of life. I could not reccomend it more.