Security Theater: On the Vulnerability of Classifiers to Exploratory Attacks.