Trust Decays
All trust is temporary.
Security Brutalism doesn’t treat trust as a principle—it treats it as a liability. Every assumption of good intent, every persistent privilege, every implicit approval is a countdown to compromise.
Trust is Not a Baseline
The system shouldn’t start by trusting you. It should start by constraining you. Trust, if earned, should be tightly scoped, auditable, and temporary.
What’s trusted becomes invisible. What’s invisible becomes unmonitored. What’s unmonitored becomes exploitable.
The longer something is trusted, the more likely it is to betray you.
Trust Surfaces Erode
- Accounts persist longer than people.
- Tokens outlive the apps they were issued to.
- Connections remain after the purpose dissolves.
Decay is not a mistake. It’s a constant. The only question is whether your system exposes it or ignores it.
Design for Distrust
Security Brutalism builds systems that:
- Expire credentials by default.
- Re-auth continuously in high-risk contexts.
- Minimize persistent access.
- Log everything that implies privilege.
Trust is not a gift. It’s a burden. Handle it like radioactive material.
Revocation is a Design Pattern
Build so that access can be taken away instantly, safely, and completely. Re-authentication should be cheap. Revocation should be easy. Least privilege shouldn’t just be a policy—it should be the default output of architecture.
Don’t design for trust. Design for decay.
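One way the "Design for Distrust" list and the revocation pattern above can look in code. This is an added sketch, not code from Security Brutalism. `GrantStore`, `MAX_TTL`, `REAUTH_WINDOW` and their values are hypothetical, and time is passed in as `now` (seconds) so the behaviour is deterministic.

```python
import secrets
from types import SimpleNamespace

MAX_TTL = 3600       # assumed ceiling: no grant outlives one hour
REAUTH_WINDOW = 300  # assumed: high-risk actions need auth within 5 minutes

class GrantStore:
    """Deny-by-default store: every grant is scoped, expiring and revocable."""
    def __init__(self):
        self.grants = {}  # token -> grant record
        self.audit = []   # (time, event, subject, scope), one row per decision

    def issue(self, subject, scope, ttl, now):
        if ttl <= 0:  # ttl is mandatory and capped: no "never expires" grant
            raise ValueError("ttl must be positive")
        token = secrets.token_urlsafe(16)
        self.grants[token] = SimpleNamespace(subject=subject, scope=scope,
            expires_at=now + min(ttl, MAX_TTL), last_auth=now)
        self.audit.append((now, "issue", subject, scope))
        return token

    def reauth(self, token, now):
        grant = self.grants.get(token)
        if grant is None or now >= grant.expires_at:
            return False
        grant.last_auth = now  # refreshes recency only, never the expiry
        self.audit.append((now, "reauth", grant.subject, grant.scope))
        return True

    def check(self, token, scope, now, high_risk=False):
        grant = self.grants.get(token)
        if grant is None:
            verdict = "deny:unknown"
        elif now >= grant.expires_at:
            verdict = "deny:expired"
        elif grant.scope != scope:
            verdict = "deny:scope"
        elif high_risk and now - grant.last_auth > REAUTH_WINDOW:
            verdict = "deny:reauth"
        else:
            verdict = "allow"
        self.audit.append((now, verdict, grant.subject if grant else None, scope))
        return verdict == "allow"

    def revoke_subject(self, subject, now):
        doomed = [t for t, g in self.grants.items() if g.subject == subject]
        for token in doomed:  # one call removes every grant the subject holds
            self.audit.append((now, "revoke", subject, self.grants.pop(token).scope))
        return len(doomed)
```

Re-authentication never extends `expires_at`, so a grant still decays on schedule no matter how often its holder proves presence.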