I'll go client → server and pin down what each message establishes, because the "why three" falls out of that. The client sends SYN carrying its initial sequence number — call it x. The server replies SYN-ACK: it acknowledges x+1 and sends its own initial sequence number y. The client sends ACK of y+1. After that both sides know, and know that the other knows, the starting sequence numbers in both directions.

That last clause is the whole argument for three messages. TCP is reliable and full-duplex, so each direction needs its own synchronized sequence number, and each side needs confirmation the other received its number. Two messages can synchronize and confirm one direction, but the server would have sent y without any proof the client got it — the server can't safely send data yet. The third message is the client confirming the server's sequence number; only then is the reverse direction proven. So it's not ceremony, it's the minimum to mutually agree on two independent sequence spaces over a lossy channel. The sequence numbers being randomized also matters for security — a predictable ISN lets an off-path attacker forge a segment or inject into the stream.

Under loss it degrades exactly where you'd expect, which is the interesting edge. If the final ACK is lost, the server sits in SYN_RECEIVED, retransmits its SYN-ACK on a timer (exponential backoff), and gives up after a bound — meanwhile the client may already think it's ESTABLISHED and send data, whose ACK then completes the handshake anyway. A flood of SYNs with no final ACK is the SYN-flood DoS, which SYN cookies defend by not allocating state until the ACK returns. And on close, TIME_WAIT on the side that closed actively holds the socket for ~2×MSL — my honest read on the exact value: it's two maximum segment lifetimes, to absorb a delayed duplicate FIN/segment and stop it from corrupting a new connection reusing the same port pair; the precise MSL is OS-tunable and I'd check the platform rather than quote a hard number.