Rails has a security flaw: All attributes are writable by default. This allows for spectacular hacks, like this one: https://github.com/rails/rails/commit/b83965785db1eec019edf1fc272b1aa393e6dc57. This gem makes all attributes protected by default.