alt Hacker NewsHow do you enforce this? You have a system where the agent can email people, but cannot email "too many people" without a password?
How do you enforce this? You have a system where the agent can email people, but cannot email "too many people" without a password?
It's not a perfect security model. Between the friction and all caps instructions the model sees, it's a balance between risk and simplicity, or maybe risk and sanity. There's ways I can imagine the concept can be hardened, e.g. with a server layer in between that checks for things like dangerous actions or enforces rate limiting