These guys do security software.
You don't find out if security software is badly broken until you're attacked.
That's a good point. I imagine this advice would be actively bad advice for building more complicated things (e.g. an IDE, perhaps a game, a TurboTax alternative).
Part of the skill of engineering is knowing when you need to do upfront engineering and when you can just throw some code at the wall.
Up to a point, sure. But it's definitely a field full of "unknown unknowns", and I don't envy them. That said, good architecture and principles are important, which is why for example *nix has a better security track record than older Windows versions.