This is the standard questions you usually hear from system designers or developers: "What could possibly go wrong? We thought about everything." Well, experience shows, no they don't. The general problem with computer security is that you have think about not what your system does, but what it should not do. And in general, that is an infinite problem space.