when you're building things, assume that the user is trying hard to pwn you