Show HN: Google Cloud上でAPIキーの異常使用を検出する
Cloud Blog「GeminiとGoogle APIキーを保護する」を読んで、APIキーハイジエンの実装方法に興味を持った方のためのコードラボです。不正なAPIキーを見つけるスクリプトを紹介し、予期しない使用量の急増を自動検出して、(潜在的に)侵害されたキーをブロックする方法を学びます。
Cloud Blog「GeminiとGoogle APIキーを保護する」を読んで、APIキーハイジエンの実装方法に興味を持った方のためのコードラボです。不正なAPIキーを見つけるスクリプトを紹介し、予期しない使用量の急増を自動検出して、(潜在的に)侵害されたキーをブロックする方法を学びます。
Roman Storm warns that the legal theory in his case could set a precedent making open-source developers liable for how others use their code, potentially criminalizing the mere publication of privacy, messaging, or crypto tools. He notes that developer Michael Lewellen cannot publish lawful code due to prosecution fears, and argues this chilling effect extends beyond any single case.
A new paper by Thomas Bloom, Will Sawin, Carl Schildkraut and Dmitrii Zhelezov disproves a well-known conjecture in additive combinatorics. The result shows there exist arbitrarily large finite sets A of real numbers where max(|A+A|,|AA|) ≤ |A|^{2-c}. The solution was achieved by humans using methods related to an earlier AI solution to the unit distance conjecture.
The Cyber Resilience Act introduces an open-source steward role but fails to provide funding for ongoing maintenance, leaving critical security work unfunded despite new regulatory obligations.
The article reflects on the author's experiences at UN Open Source Week 2026, literally interpreting the themes of roads and bridges as metaphors for digital infrastructure and open source collaboration at the United Nations.
The article discusses Scrutineer, a tool designed to scan open source projects for vulnerabilities without overwhelming maintainers with excessive notifications or false positives.