Security is Hard
“Reasonable” assumptions don’t apply.
- File name length bounds don’t apply.
- Any input field can be arbitrarily weird.
Your adversary is creating improbabilities.
- Race conditions will happen.
“Nature is subtle but not malicious” – but the hackers are both.