Yeah. Microsoft has been grooming us for years with this distinction between trusted connections and non-trusted connections. But I wonder, is that legit? I can imagine us all using candid comments in our code. If we were to add a comment regarding authentication, and if that comment were to consider the ramifications of an intruder surreptitiously accessing this code at this juncture, would we say something like, "Maybe should re-authenticate, but if someone gets here we're f*d anyway"?

Having developed several systems requiring security over the years, mostly sensitive information having to do with salary and demographics for HR, I find that at some level every system finds itself in a vulnerable state. The question is whether that vulnerability is warranted--not unlike a personal situation with a spouse or significant other or trusted friend or professional counselor. The best I can do as a developer is document very clearly what's at stake if someone accesses this code at that level of privilege. This is kind of a cop-out, but I develop systems; I don't run them; I don't provide insurance against social engineering...