Doge Denizen Marko Elez Leaked API Key for XAI

https://krebsonsecurity.com/2025/07/doge-denizen-marko-elez-leaked-api-key-for-xai/
70•todsacerdoti•6h ago

Comments

quantified•6h ago
> “If a developer can’t keep an API key private, it raises questions about how they’re handling far more sensitive government information behind closed doors,”

It raises additional questions. Plenty of questions already unanswered. Seems likely it's been a shitshow.

saalweachter•6h ago
Like, "why does this nominal government employee have the API key to XAI"/"why is an active X employee playing such a prominent role in the government"?
zdragnar•5h ago
External tech workers have been a thing since at least the catastrophe that was the original ACA launch. That "tech surge" was definitely full of more experienced people than the "smart kids" we see in DOGE though.

More worrying is that the article points out at time of writing the key was still valid. Why such a high level key was used in an agent script, why it hasn't been rotated (can't be rotated?) and about a dozen other "whys" point to some rather damning practices.

I get that the idea was to avoid the obscene levels of red tape that can be common in government IT, but the pendulum has clearly swung far, far far too far the other way.

JumpCrisscross•4h ago
> It raises additional questions

Ones we should be ready to prosecute with official resources come ‘26 and ‘28.

In the meantime, I wouldn’t let him into my country. But the EU will be the EU.

optimalsolver•6h ago
This was the "normalize Indian-hate" guy.
phendrenad2•3h ago
Very interesting that he had to resign from DOGE over this, yet xAI seemingly welcomed him.
sleazebreeze•6h ago
Nothing to see here. Move right along. I'm sure one or two or a handful of repeated incidents don't represent a trend or potential for future fuck-ups.

What is DOGE even doing now? Can we get some status reports on what the DOGE employees are doing every week since they're such proponents of radical accountability?

bix6•3h ago
Just ask Grok with the free key!
aspenmayer•1h ago
the sound of one hand clapping (AI generated)
icecreamscoop•3h ago
Officially they are still re-writing the software that runs Social Security. Back in May, they said re-writing >1 million lines of COBOL would only take a few months.

https://www.wired.com/story/doge-rebuild-social-security-adm...

Unofficially, they are the worst people so they are probably doing the worst things you can imagine.

jauntywundrkind•1h ago
Wired also had this recent update, on "DOGE 2.0".

> But without flashy leadership, DOGE technologists are now quietly cycling into federal agencies, spending days or weeks building products and cutting contracts before cycling out once again. This is all done with little oversight from the White House or the United States DOGE Service (USDS), which these technologists purportedly represent.

burnt-resistor•27m ago
Destroying things to justify privatization while stealing every detail about us to increase profits and target opponents. Sure, there are HIPAA, secrecy, and confidentiality violations happening but there's no one left to prosecute the criminals when the criminals are the police, COTUS, SCOTUS, and the unitary executive. The only meaningful distinction remaining is patronage vs. outsider.
lbrito•6h ago
These reports seem increasingly irrelevant. There are surely many people that care and are outraged, but that's about it. Tomorrow the news cycle will have something else, and the 20 year olds scrapping their pants at doge will be yesterday's news.
esseph•6h ago
XAI key is potentially root into X (social media), and Tesla via grok, yes?

If so, sounds potentially life threatening.

NTSB might wanna look into that.

Edit: DoD is also contracting for $200 million for grok. Yeah, this is bad. https://www.washingtonpost.com/technology/2025/07/14/elon-mu...

lbrito•5h ago
That's kind of my point. It is bad. And likely no one will be held accountable for it.
glaucon•5h ago
> DoD is also contracting for $200 million for grok

Somewhat to one side but when up to USD800 million is being spent (Grok is not the only AI shaped snout at the trough) it's depressing to see the vagueness of the supposed uses [1] (in a five line paragraph this is the most specific description of why they need to spend the money ... "to support our warfighters and maintain strategic advantage over our adversaries")

[1] https://archive.ph/p1ZXR#selection-719.61-719.141

esseph•3h ago
There are a lot of classified contracts, services, etc.
sashank_1509•6h ago
Jokers, even GitHub auto checks if you push code with a private key.
blibble•6h ago
I doubt it has an integration with grok
fennec-posix•5h ago
Once, I can understand, but twice? Come on... And the keys were still valid hours later (according to the article)
ada1981•5h ago
I regularly expose my AI API keys in my weekly Zoom meetings for our AI Playground :)

So far no one has taken me up on them.

Feel free to join as a VIP anytime!

epicwynn•4h ago
Just another example showing that power and persistence do not equal competence.
