Practical antiforgery in software design

A lesson from the mint

If you ever tour the Fort Worth campus of the United States Bureau of Engraving and Printing, you get more than a history lesson — you get a masterclass in making things hard to fake. It has been reported that staff at the BEP’s on-site museum refer to the suite of techniques they use as “counterfeiting deterrence.” Cumbersome, yes. But also revealing: without a crisp name, a craft can feel like a grab-bag of tricks rather than a mature discipline.

From paper features to code patterns

A recent essay shared on Lobsters and hosted at hudlow.org connects those physical defenses to software. It has been reported that the author argues for treating antiforgery as a design discipline in its own right — not just a random set of security patches. Think layered defenses, provenance and signatures, tamper-evidence, purposeful friction and deception. In other words: borrow the BEP playbook and adapt it for APIs, binaries, and supply chains.

Naming matters

Why fuss over a label? Because language shapes practice. Call it “countermeasures” and engineers patch; call it “antiforgery” and you start teaching patterns, building toolkits, running exercises. The emotional payoff is obvious: pride in craftsmanship, fewer embarrassing compromises, less reactive firefighting. Sounds small, but it changes how teams prioritize work — and who gets blamed when something goes sideways.

A practical roadmap

The piece sketches practical moves: design for provenance, make forgeries expensive at multiple layers, detect early, and plan for rapid invalidation. These aren’t magic bullets. They’re design habits — cheap to start, costly to ignore. Name it, teach it, and maybe we stop treating forgery as an afterthought. Call it antiforgery, if you like. Either way, building with the assumption that someone will try to fake it is long overdue.

Sources: hudlow.org, Lobsters