we should note that tictoc says -- for more, we're joined by the head of engineering jack schwartz.report was alarming, page after page getting more nervous. what are some of the major security flaws you found? two on top of each , aer, allowed a bad actor malicious user to modify urls for login. that would result in code being run on the victims device. , account takeover activity was capable to be leveraged against the victims device and once that account is addingver, there was videos, deleting videos, marking videos that are private as public and there was subsequent vulnerability that allows for api access into personal data of the account owner that was being maintained by tictoc. >> one of the weaknesses of , they deployed a solution or patch for it? >> we notified them and they were quite responsive and closing these issues, but the research is implemented of a much larger concern and that is applications are deployed on both devices that are susceptible and these are discovered vulnerabilities that we know of and when we consider movie don't know in the applications that ha