@fr0gger When telling people that doing $potentially_insecure_thing is potentially insecure, I get that "OH, Isu, y'know, that sounds very farfetched, who'd ever go to such lengths just to interfere with my project? You're always overcomplicating things with your perfectionism!" look. In the future, I will send them this.

(Yes, I am aware of the fact that even a thousand such examples would not convince people. People need to get owned themselves and held responsible for it to induce change.)