Why authorization architecture is probably fragile | Dark Hacker News