THE SECURITY BRUTALIST

Trust Decays

All trust is temporary.

Security Brutalism doesn’t treat trust as a principle, it treats it as a liability. Every assumption of good intent, every persistent privilege, every implicit approval is a countdown to compromise.

Trust is not a baseline.

The system shouldn’t start by trusting you. It should start by constraining you. Trust, if earned, should be tightly scoped, auditable, and temporary. What’s trusted becomes invisible. What’s invisible becomes unmonitored. What’s unmonitored becomes exploitable.

The longer something is trusted, the more likely it is to betray you. Accounts outlive the people they were created for, tokens outlive the apps they were issued to, and connections outlive the purpose that opened them.

Decay is not a mistake. It’s a constant. The only question is whether your system exposes it or ignores it.

Design for Distrust

Security Brutalism builds systems that expire credentials by default and re-authenticate continuously in high-risk contexts. It minimizes persistent access and logs everything that implies privilege. It makes privilege visible and trusts nothing.

Trust is not a gift. It’s a burden. Handle it like radioactive material.

Build so that access can be taken away instantly, safely, and completely. Re-authentication should be cheap. Revocation should be easy. Least privilege shouldn’t just be a policy, it should be the default output of architecture.
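What those requirements look like in code, as an added example that is not from The Security Brutalist or any project it describes: a small authorization core in which every grant carries a scope and a hard expiry, expiry is never extended, high-risk actions demand a recent re-authentication, revocation of a principal is immediate and complete, and every decision that touches privilege is written to an audit trail. The TTL cap, the re-auth window, the set of high-risk actions and the injected clock are assumptions chosen for the illustration.

```python
"""Access grants that decay by default (added illustration, not the article's code).

Assumptions: a 15-minute cap on any grant, a 2-minute freshness window for
high-risk actions, and a clock passed in as a callable so time can be
controlled in tests. Tokens are opaque random strings; nothing here is a
real product's API.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, FrozenSet, List
import secrets

MAX_GRANT_TTL = 900        # assumption: no grant lives longer than 15 minutes
REAUTH_WINDOW = 120        # assumption: high-risk actions need auth within 2 minutes
HIGH_RISK = {"delete", "export", "admin"}   # assumption: actions that demand step-up


@dataclass
class Grant:
    token: str
    principal: str
    scopes: FrozenSet[str]
    issued_at: float
    expires_at: float


class FakeClock:
    """Deterministic clock for demonstrations and tests; use time.time in production."""
    def __init__(self, start: float = 1000.0) -> None:
        self.t = start

    def __call__(self) -> float:
        return self.t


@dataclass
class AccessPolicy:
    now: Callable[[], float]
    grants: Dict[str, Grant] = field(default_factory=dict)      # token -> Grant
    last_auth: Dict[str, float] = field(default_factory=dict)   # principal -> last fresh auth
    audit: List[dict] = field(default_factory=list)

    def _log(self, event: str, **fields) -> None:
        self.audit.append({"t": self.now(), "event": event, **fields})

    def authenticate(self, principal: str) -> None:
        """A fresh authentication is the only source of trust, and it decays from here."""
        self.last_auth[principal] = self.now()
        self._log("auth", principal=principal)

    def issue(self, principal: str, scopes, ttl: int = MAX_GRANT_TTL) -> str:
        """Issue a tightly scoped, time-limited grant. The TTL is capped and never extended."""
        if principal not in self.last_auth:
            raise PermissionError("no authentication on record for principal")
        ttl = min(ttl, MAX_GRANT_TTL)
        token = secrets.token_urlsafe(24)
        t = self.now()
        self.grants[token] = Grant(token, principal, frozenset(scopes), t, t + ttl)
        self._log("issue", principal=principal, scopes=sorted(scopes), ttl=ttl)
        return token

    def authorize(self, token: str, action: str):
        """Decide one action. Returns (allowed, reason); every outcome is logged."""
        g = self.grants.get(token)
        t = self.now()
        if g is None:
            reason = "unknown or revoked"
        elif t >= g.expires_at:
            del self.grants[token]            # expired grants are dropped, never renewed
            reason = "expired"
        elif action not in g.scopes:
            reason = "out of scope"
        elif action in HIGH_RISK and t - self.last_auth.get(g.principal, float("-inf")) > REAUTH_WINDOW:
            reason = "reauth required"
        else:
            reason = "ok"
        self._log("authz", action=action, principal=g.principal if g else None, result=reason)
        return reason == "ok", reason

    def revoke_principal(self, principal: str) -> int:
        """Take access away instantly and completely: every grant plus the auth itself."""
        dropped = [tok for tok, g in self.grants.items() if g.principal == principal]
        for tok in dropped:
            del self.grants[tok]
        self.last_auth.pop(principal, None)
        self._log("revoke", principal=principal, grants=len(dropped))
        return len(dropped)


if __name__ == "__main__":
    clock = FakeClock()
    policy = AccessPolicy(now=clock)
    policy.authenticate("alice")
    tok = policy.issue("alice", {"read", "delete"}, ttl=300)
    print(policy.authorize(tok, "delete"))   # fresh auth: allowed
    clock.t += 200                           # auth is now stale, grant still live
    print(policy.authorize(tok, "delete"))   # step-up demanded
    clock.t += 200                           # grant itself has decayed
    print(policy.authorize(tok, "read"))
    for entry in policy.audit:
        print(entry)
```

Two design choices carry the argument of the section. Expiry is enforced at the point of use rather than by a sweeper, so a grant that is never checked again simply ceases to exist the first time anything asks about it, and nothing can quietly extend it. Revocation is keyed on the principal, not the token, so a compromised account loses every grant it holds in one call rather than whichever token the responder happened to find.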

Don’t design for trust. Design for decay.