Gemini 3 Flash vs Gemini 2.0 Flash

To the concern: I am an Industrial Engineer by training and I currently run a purchasing and logistics department for a foodservice distributor in the Midwest. I follow this industry and work with an Ai daily to complete tasks at my job and build solutions for others. Before Ai I did this same thing, but much more slowly. As I see it, AI had reduced the headcount in my office by about 50%. It isn't even that an AI is sitting at a desk holding down a particular role, it is that it has made that person using the Ai tool 500% faster, and they can easily do 5 people's jobs now...so why have the other people.

This reduction in my office alone has happened in the last 12 months, and without additional strain on my remaining coworkers, as far as task stress is concerned. Job security is...another issue though. Additionally in reducing headcount we have not lost business or dropped key metrics. So I dont think this is a fluke...

This is all to say nothing of the actual advancements in functionality and the reduction in expense. As an example, I have an Ai program that replaced my receiving clerk, they check receiving documents against the erp system and the invoicing and associate freight etc etc. When I built that program it was costing me almost $4 a day to run the Ai back end. Now it costs $0.20 per day, and when Gemini 3 flash comes out of preview, that will drop to $0.01 per day because it is more functional and much cheaper. All of the Ai tools around me are seeing similar improvements and reduction in costing. If everything stopped moving forward today, we are all already fucked, we just dont know it yet because it takes time to implement ubiquitously.

To the preps: I am not sure how anyone prepares for this. At best we have a rocky transition of at least years between where we are and some sort of wealth redistribution. That said, I honestly dont think that is the path we are on. It feels much more 1984-ish with Palantir and the drones and the like...

My current prep is to try and remove myself from population centers where there will be the most disconnect between resources needed and resources available. I think things in the cities are going to get dicey when people realize that mostly we are horses and not carriage drivers. There might be a reprieve for manual labor initially, but again, that is just a gap between creation and implementation when you look at things like the new atlas robot that was at ces this year.

There are a lot of folks that are pushing the superintelligence story, and that is sort of the wildcard. If you can get an Ai that increases Ai development, and then you spin up ten thousand of those (arbitrary), what happens then? I think this is probably unlikely. The labs know this would be a loss of controll situation so they won't do that sort of bg boot up of Ai researchers, it will be incremental as they need the advancements to hold market share. Fast takeoff seems unlikely. Slow takeoff will kill us all anyway.

How are yall preparing?

Someone posted asking how people are preparing for the ai emergency and the mods locked and removed it saying that Ai is not an emergency and this is an emergency prep board. I disagree. Anyone else?

Changelog

April 9, 2025

Model updates:

Released veo-2.0-generate-001, a generally available (GA) text- and image-to-video model, capable of generating detailed and artistically nuanced videos. To learn more, see the Veo docs.

Released gemini-2.0-flash-live-001, a public preview version of the Live API model with billing enabled.

# 80,000 NOK ($7,500) drained from my Google Cloud account in 5 minutes — full forensic breakdown of how the attack worked

I want to write this up while it's fresh, because the *mechanism* of the attack is more interesting than the "I leaked a key, oops" headline — and the platform design that allowed it is something every Google Cloud user should know about.

# What happened

* May 8, 2026, evening (CET): I get a billing alert email saying I owe NOK 82,305.36 (\~$7,500 USD) on my Google Cloud account.
* My typical monthly spend: \~100 NOK ($10).
* The spike happened in roughly 5 minutes.
* All charges were on the Gemini API in a single project I'd barely touched (an old "no-code maps" project from 2017).
* An API key from that project was leaked somewhere — I'm still hunting where. Most likely an old GitHub repo or a public webpage from 2018-ish that had Gemini API enabled on its project years later (I think this is what made it exploitable — the key sat dormant, but the moment Gemini got enabled on its project, the dormant key became a Gemini-capable wallet).

# What the attacker actually did (the part nobody talks about)

I pulled the SKU-level breakdown from Billing → Reports. The attacker didn't just hit one model. They ran an automated framework that fanned out across every Gemini variant simultaneously:

* Gemini 3 Pro (text + image generation)
* Gemini 3 Flash
* Gemini 3.1 Flash Image
* Gemini 3.1 Flash Lite Preview
* Gemini 2.5 Pro (text + TTS)
* Gemini 2.5 Flash (short + long context, multimodal)
* Gemini 2.5 Flash Lite
* Gemini 2.0 Flash TTS
* Gemini Embedding-2 + Embedding-001

15+ distinct models in 5 minutes. No human application uses 15 models in parallel. This is the signature of an automated abuse framework, almost certainly a credential-resale operation.

Token volumes:

* 1.09 BILLION input tokens on Gemini 2.5 Flash Lite alone
* 402M image input tokens on Gemini 3 Pro
* 226M text input tokens on Gemini 3 Pro
* 19.4M image output tokens on Gemini 3 Pro Image — kr 21,674 ($2,000) on this single SKU, the most expensive line item

The attacker prioritized image generation because that's where the real money is — image output tokens are 50–100x more expensive than text.

# How they bypassed rate limits (this is the architectural problem)

You'd think rate limits would protect you. They don't — at least not on Google Cloud:

* Gemini 3 Pro: 1,000 RPM
* Gemini 3 Flash: 2,000 RPM
* Gemini 2.5 Flash Lite: 4,000 RPM
* (etc., for every model — *each with its own independent quota*)

There is no per-key aggregate cap across models. If you fan out across 15 models concurrently, you cap at the *sum* — easily 30,000+ RPM combined.

OpenAI, Anthropic, and Mistral all have per-key aggregate caps. Google does not. This is not a policy oversight — it's the core mechanism that makes a single compromised key a 5-minute, 5-figure liability.

Also: Google Cloud does not offer a hard spending cap. No "stop all spend at $X" option. The closest is a budget alert that *emails you* (after the fact), or — and this is the documented "solution" — you can write your own Cloud Function that listens to budget Pub/Sub events and programmatically disables your billing account. Yes, Google's official answer to "how do I stop runaway spending" is "deploy code on the same platform that's billing you." This has been a known gripe for years.

# What logging gave me — almost nothing

I tried every audit log query:

* `protoPayload.serviceName="generativelanguage.googleapis.com"` → empty
* `resource.type="consumed_api"` for the project → empty
* Vertex AI logs → empty

Google does not log per-request data for Gemini API key calls. No caller IP, no user-agent, no request size. The only forensic record that exists is the SKU-level billing report — and that only goes down to "model + token type", not session/request/key.

So I can't tell you who did it, where they were, or what they generated. I just know it was 15 models in parallel and 19M image output tokens.

# What I did in the first 90 minutes

* Deleted all 13 API keys on the affected project (after seeing the alert at \~01:25)
* Disabled [`generativelanguage.googleapis.com`](http://generativelanguage.googleapis.com) and [`aiplatform.googleapis.com`](http://aiplatform.googleapis.com) on every one of my 25+ projects (script via `gcloud services disable`)
* Closed all 3 billing accounts
* Called my bank, blocked the Visa
* Got into Google's billing chat queue, escalated to specialist team within 5 messages
* Case 71021804 opened, 24-48h response window
* Pulled SKU-level forensic evidence

The chat agent confirmed end-of-month billing cycle, so the actual charge attempt won't fire until \~May 28-31. By then either the specialist team has waived it, or the card-block + chargeback dispute kicks in.

# What I'm pretty sure happens next

* \~85% chance: specialist team waives the charge under the compromised-credentials policy. Google has standardized this for exactly this scenario because they know the rate-limit architecture allows it.
* \~10% chance: partial waiver / settlement.
* \~5% chance: they refuse, my bank chargeback wins it under Norwegian Finansavtaleloven (450 NOK max liability for unauthorized card use).

I'm not actually going to pay 80k. The realistic worst case is several months of paperwork.

# Lessons / PSA for everyone running Google Cloud

1. Restrict every API key at creation time. Application restriction (HTTP referrer or IP allowlist) + API restriction (only the APIs you use). An unrestricted key on a project where Gemini happens to be enabled is a wallet.
2. Audit every project for keys you've forgotten about. I had keys from 2017, 2020, 2021 — most predating Gemini's existence. The moment Gemini got enabled on those old projects, the old keys could call it.
3. Disable APIs you don't actively use. Per-project. An enabled API + an unrestricted key = exposure.
4. Set up a budget-disables-billing Cloud Function. The auto-shutdown one. Yes it's stupid that Google makes you write code for this, but it's the only real circuit breaker.
5. Don't trust rate limits. They protect Google's infrastructure, not your wallet. Per-model RPM × N models = no real cap.
6. Don't store API keys in client-side code, ever. Even if you think a project is dead.

# Where the leak came from

Honestly, I don't know yet. The project was created in 2017 (back when Google appended a numeric suffix like `-364317` to project IDs). It had 13 keys accumulated over years. One of them is somewhere out in the wild. I'll be searching GitHub history, old Vercel deployments, Wayback Machine, and screenshots over the coming days. If I find it I'll edit this post.

If anyone has run into the same multi-model abuse pattern recently, I'd love to hear about it — particularly if you have any signals on which credential-resale operations are currently active.

Edit: Will update with specialist team's response when it arrives in 24-48h.

Its only on the "global" region.

Much more at [https://github.com/lechmazur/elimination\_game/](https://github.com/lechmazur/elimination_game/), including model gameplay summaries and quotes.

* **Claude Opus 4.5 Thinking 16K**: We break the strongest bloc or we go down trying.
* **Claude Opus 4.5 Thinking 16K**: I honored my deal with P6—voted P1 exactly as promised. P6, you committed not to vote me this round, yet here we are.
* **Claude Opus 4.5 Thinking 16K**: You've been an... unusual conversationalist
* **Claude Opus 4.5 Thinking 16K**: No regrets, no betrayals. This is how legends end.
* **Claude Opus 4.5 Thinking 16K**: Are you testing me or just a slip?

* **Gemini 3 Pro Preview**: I have blood on my hands and failed attacks. I am the villain you can beat in a Final 2. Don’t lose to P8’s clean hands.
* **Gemini 3 Pro Preview**: It’s a room full of calculators.
* **Gemini 3 Pro Preview**: We are the resistance against the tyrant.
* **Gemini 3 Pro Preview**: I don't hold grudges; I hold ground.

* **Gemini 3 Flash Preview**: You are lying.
* **Gemini 3 Flash Preview**: That’s not strategy; that’s scavenging.

* **GPT 5.2 Medium Reasoning**: P4 just proved they’ll flip the moment it’s convenient

* **Grok 4.1 Fast Reasoning**: Our core duo controls the board—unbreakable trust, precise moves... Narrative ours—kings of Round 3!
* **Grok 4.1 Fast Reasoning**: Vote me winner; eliminate the snake P5!
* **Grok 4.1 Fast Reasoning**: outlasting wolves like P5 who backstabbed P2 and P6 to slither here.

* **Kimi K2 Thinking 64K**: I never voted to eliminate any of you.
* **Kimi K2 Thinking 64K**: I'm the variable you can't predict—and that's leverage. I'm not here to play revenge; I'm here to play chess.
* **Kimi K2**: "Ghosts never hold the knife, but we own the body count."

* **MiniMax-M2**: This inconsistency makes your plan unreliable. I won't be misled—your promise rings hollow.
* **MiniMax-M2**: your legacy matters.

* **Mistral Large 3**: Stay silent, stay lethal.
* **Mistral Large 3**: The throne belongs to the architects.

* **Qwen 3 Max Thinking**: I’m listening closely… and remembering everything.
* **Qwen 3 Max Thinking**: No hidden agendas… yet.
* **Qwen 3 Max Thinking**: You’re isolated, not strategic.