1 Confirmation versus 6

[ufaforwork3]

New to Bitcoin, and apologies if this question has been answered before in another way.

I have a very basic idea on what confirmations are (the depth of the transaction, how many blocks have been completed since etc).

What I do not get is why some places would need 6 or more confirmations while others are pretty happy with 1 or 2. Isn't the blockchain and mining invented in such a way that once a block has been completed that it's 100% secure and perfectly confirmed?  In other words that x confirmation(s) should in theory always be as good as y confirmation(s), provided neither x or y = 0?  What makes something like 1 or 2 confirmations so much "less secure" than 6 or more? Can something go wrong after 3 or 4 that 6 is really needed?
Has anyone ever lost coins because they didn't wait for enough confirmations?
Thank you.

[mod edit: signature outside of sig space removed]

[ranochigo]

The way Bitcoin works is that miners finds blocks to include transactions into the blockchain. When the transaction receives one confirmation, a miner would have mined a block that has included that transaction in their block. At this moment, a rogue miner can try to "remove" the transaction from the Blockchain by generating a different block that spends the same input from the same block height. To succeed, they would need to have generated at least one more block than a network. Since nodes follow the transaction with the longest proof of work, the blocks that the miners broadcast will be accepted by the network and the other blocks generated by the honest miners will be orphaned. If the rogue miner includes the transaction that spends the same output in that transaction, it will be a double spend and the older transaction is effectively forgotten by the network.

Since the rogue miner have to generate at least 1 block more than the network, if they own a small portion of the network and the number of confirmations required is 1, they will not need that much hashpower to outpace the network, (ie. They just have to generate ~2 blocks by themselves)*. As the number of confirmation increases, it is harder for that miner to outpace the network (eg. for 6 confirmations, ~7 blocks by themselves)*. Hence, the difficulty of double spends increases with the number of required confirmations.

*Under the assumption that the network does not generate additional block during that time.

[aleksej996]

It sometimes happens that blocks are found in a very short time, since generation of blocks is random, 10 minutes is just what it is adjusted to be on average.
So they can both make a chain of blocks equally long and it is uncertain which of these chains will be the longest in the future. At that time, you need to wait for the second one to be sure, since the longest chain is the one miners work on.
It can happen that the second blocks on both chains are found in a close time frame from each other as well, then you wait for the 3rd one and so on.
Over time it becomes very unlikely that one chain won't be bigger for long enough to make miners of the other chain switch.
This can also be done on purpose by an attacker in order to send the same funds twice and as such buy things with same money twice.

When two chains compete in such manner and one wins (becomes longer for a decent amount of time for the whole network to propagate it) the blocks from the other chain that are now invalid are called orphaned blocks. The longest chain of orphaned blocks I am aware of was 4. 6 is considered to be enough.

[alerdenisov]

Additional to previous answers. It's needed not only to protect from rogue, also it's required because of protocol design. Let me explain:

Nobody could be sure that somewhere else there is no other bitcoin-branch, larger, when it is available in that part of the network.

The Bitcoin protocol says that the largest branch is always true. If someone shows a chain of blocks larger than mine (which means currently in my node), I believe it and use it. Imagine a situation where someone from Canada made a block and announced it on the network. At the same time, someone in China also made a block and announced. Due to network delays, the Chinese part of the network learns about the existence of chinese block before canadian block, and opposite situation in Canada. Since the branches are equal in length, it is impossible to tell which branch will be truth and here the race begins: who will make the next block faster.

And there possibility to mine without announcement for a while..

In simple way: much more confirmations, much more proof-of-work over transaction

(Here is link with latest orphaned-blocks: https://blockchain.info/orphaned-blocks)