This is the standard questions you usually hear from system designers or developers: "What could possibly go wrong? We thought about everything." Well, experience shows, no they don't. The general problem with computer security is that you have to think not only what your system does, but also what it should not do. In general, that is an infinite problem space.