@jackcole No need to go the roundabout way through a public charger when any old headlight is allowed to send a "key fob accepted" message to the locks & ECU. Seriously #Toyota engineers, what were you thinking?! Have you never heard of the #security #infosec principles of #LeastPrivilege, #SeparationOfDuties and only accepting messages from systems that SHOULD originate that class of messages?

There is of course no guarantee that it would have helped, but it would have slowed an attacker down.

@BenAveling that's not a hot take. It's #LeastPrivilege and #SeparationOfDuties. It's temporary #StepUpAuthentication and timeouts.
A particular user should only be able to do what they need to do for a particular job function, but only when they need to do it, and only for as long as it takes to do the thing.

Delegated Administrator for AWS Organizations: ACM.139 Delegating governance via service control policies to an AWS Governance account
~~~~~~~~
by Teri Radichel | Jan 24, 2023
#cloudsecurity #governance #iam #aws #separationofduties #rootoftrust

https://medium.com/cloud-security/delegated-administrator-for-aws-organizations-8b58c021e8e1

Would You Accept an Inconvenience To Prevent a Data Breach?

Addressing the rise in credential and session compromise
~~~~~~
by Teri Radichel | Jan, 2023
#cloudsecurity #iam #mfa #separationofduties #securityarchitecture #circleci #oktapus

https://medium.com/cloud-security/would-you-accept-an-inconvenience-to-prevent-a-data-breach-f0df9de628e9

AWS SSO (IAM Identity Center) for Separation of Duties: ACM.126 Creating a permission set for DNS Administrators in AWS SSO
~~~~~~~~~~~~
by Teri Radichel | Jan 8, 2023
#aws #identitycenter #sso #separationofduties #cybersecurity

https://medium.com/cloud-security/aws-sso-iam-identity-center-for-separation-of-duties-f9e6627fc5a3