Follow

If we make our roles, policies and permission matrices confusing enough, an attacker wouldn't be able to figure out how to get access to things.

Let's try a variation on this:

Any sufficiently confusing set of roles, policies and permission matrices is indistinguishable from "security".

😂

Sign in to participate in the conversation
Isaac Su

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!