Your ship comms app is 'secured' with a Flash interface, doesn't sanitise SQL inputs and leaks user data, you say?