Latest News
I will give 2 online talks in June 2021 at THCon (in French) and BSides Oslo (in English). Both on live reverse engineering of recent Android malware.

Conferences I talked to (alphabetic order): AMUSEC 2021, AREA 41 2016, Barbhack 2020, BlackAlps 2018 2019, Black Hat Europe 2012 2014, BotConf 2020, BSides Munich 2020, BSides Oslo 2021, CARO 2014, CCCC 2020, Confidence 2010, DefCamp 2016, EICAR 2010 and 2012, GreHack 2013 2017, Hack in Paris 2015, Hack.lu 2013 2014 2015 2016 2018 2019, Hacktivity 2013, Hashdays 2012, Insomni'hack 2011 2012 2014 2015 2016 2017 2018 2019 2020*, ISSE 2002, USENIX LISA 2004, Mundo Hacker 2021, NoHat 2020, NorthSec 2021, Nuit du Hack 2015 2017, Nullcon Webinar 2020, Pass The Salt 2018 2020, PDPTA 2003, RSA Europe 2011, RSA US 2020, SAR-SSI 2010, SECI 2002, SecSea 2020, ShmooCon 2011, SSTIC 2017, SISW 2002, Sthack 2019, THCon 2021, Troopers 2018 2020*, IEEE TrustCom 2015, UYBHYS 2020, Virus Bulletin 2011 2013 2016 2017 2018 2019.

Industrial, hacking conferences

This section concerns non-academic conferences. Usually, peer-review is more limited, submission of an abstract, bio, demo, video, slides...
Sometimes very technical!

• A. Apvrille, Reverse Android malware like a Jedi Master, Virus Bulletin Conference (online), October 7-8, 2021. to appear
• A. Apvrille, Building and maintaining a honeypot for medical devices, BotConf (online), December 2020. [slides] [video]
• A. Apvrille, Malware and Cybercrime in Medical IoT, CCCC (online), September 14, 2020
• A. Apvrille, T. Goodspeed, Pique curiosity, not diabetic fingers, Pass The Salt, July 2020 (virtual edition), [slides], or in French Capteur de glycémie connecté : les interdits at Barbhack August 2020, or in French Hacking de capteur de glycémie connecté at UYBHYS (online) November 2020 [youtube (starts at 54'45)]
• A. Apvrille, Medical malware on Android, SecSea, June 2020 (virtual edition), [video] and Nullcon Webinar, August 2020 [video] and NoHat November 2020 [video] . All talks are on the same topic but with different samples analyzed as demo.
• A. Apvrille, Hacking a Smart Coffee Machine, Insomni'hack, Geneva, Switzerland (cancelled due to COVID-19), and BSides Munich (online due to COVID-19) in August 2020 [video] [slides] [tech report]
• A. Apvrille, T. Goodspeed, A. Lakhani, Malware, Cybercrime and Vulnerabilities for Diabetic Patients, Troopers, Heidelberg, Germany, March 2020, conference canceled due to COVID-19
• A. Lakhani, A. Apvrille, Bringing Down the Empire: The Internet of Medical Things RSA, San Francisco, USA, February 2020, [slides]
• A. Apvrille, T. Goodspeed, The inner guts of a connected glucose sensor for diabetes, BlackAlps, Yverdon-les-Bains, Switzerland, November 2019. [video] [slides] [GitHub]
• A. Apvrille, Smartphone apps: let's talk about privacy, Hack.Lu, Luxembourg, October 2019. [video]
• A. Apvrille, A. Lakhani, Medical IoT for diabetes and cybercrime, Virus Bulletin, London, UK, October 2019. [paper]
• A. Apvrille, Cryptocurrency mobile malware, BlackAlps, Yverdon-les-Bains, Switzerland, November 2018 [slides]. Updated in Abusing cryptocurrencies on Android smartphone, Insomni'hack, Geneva, March 2019, [slides] [video] and Sthack, Bordeaux, June 2019
• A. Apvrille, Junior CTF, Lightning Talk at Hack.Lu, Luxembourg, October 2018, [video] [slides]
• A. Apvrille, Are there Spectre-based malware on your Android smartphone? Pass The Salt, Lille, France, July 2018, [slides] [video]
• A. Apvrille, P. Paget Ph0wn smart devices CTF: Behind the Scenes, Insomni'hack, Geneva, Switzerland, March 2018, [video]
• A. Apvrille, Is my toothbrush really smart?, Troopers, Heidelberg, Germany, March 2018, [slides]
• A. Apvrille, Android Reverse Engineering Tools: not the usual suspects, Virus Bulletin Conference, Madrid, Spain, October 2017 [slides]
• A. Apvrille, Infecting Internet of Things, DefCamp, Bucharest, Romania, November 2016 [slides]
• A. Apvrille, Mobile Applications: a Backdoor into Internet of Things?, Virus Bulletin Conference, Denver, USA, October 2016 [slides]
• A. Apvrille, Reversing Internet of Things from mobile applications, Insomni'hack, Geneva, March 2016 [slides] and Area 41, Zurich, June 2016 [slides] [video].
• A. Apvrille, Geek usages for your Fitbit Flex tracker Hack.lu, Luxemburg, October 2015 [slides]
• A. Apvrille, Criminal Profiling: Android Malware, Nuit du Hack, Paris, June 20, 2015, [slides]
• A. Apvrille, Fitness Tracker: Hack in Progress, Hack in Paris, Paris, June 18-19, 2015, [slides] and Hacktivity [slides] (October 2015)
• A. Apvrille, Pawn Storm: What's Up on iOS devices?, Insomni'hack, Geneva, March 2015, [slides]
• A. Apvrille, L. Apvrille, SherlockDroid: an Inspector for Android Marketplaces, Hack.Lu, Luxembourg, October 21-24 2014, [paper] [slides]
• A. Apvrille, A. Albertini, Hide Android Applications in Images, BlackHat Europe, Amsterdam, NL, October 2014, 16-17 [paper] [slides]
• A. Apvrille, R. Nigam, Obfuscation in Android malware and how to fight back, 8th International CARO Workshop, May 15-16, Florida, USA.
• L. Apvrille, A. Apvrille, Pre-filtering Mobile Malware with Heuristic Techniques, GreHack, Grenoble, France, November 2013 [paper] [slides]
• A. Apvrille, Playing Hide and Seek with Dalvik Executables, Hacktivity, Budapest, Hungary, October 2013 - also presented at Hack.Lu, Luxembourg, October 2013, updated at Insomni'Hack in March 2014 [InsomniHack slides][Hack.lu slides][paper]
• K. de Pontevès, A. Apvrille, Analysis of Android In-App Advertisement Kits, Virus Bulletin Conference, pp. 133-138, Berlin, Germany, October 2013. [slides]
• A. Apvrille, Guns and Smoke to Defeat Mobile Malware, Hashdays, Lucerne, Switzerland, November 2-3 2012.
  This is a "Sponsor Talk" (though I do not really talk about Fortinet) [slides]
• A. Apvrille, G. Lovet, An Attacker's Day into Virology: Human vs Computer, BlackHat Europe, Amsterdam, The Netherlands, March 14-16 2012, [paper] [slides]
• A. Apvrille, Android Reverse Engineering Tools, Insomni'Hack 2012, Geneva, Switzerland, March 2, 2012 [slides]
• A. Apvrille, Cryptography for Mobile Malware Obfuscation, RSA Europe, London, UK, October 2011. [paper] [demo video]
• A. Apvrille, An OpenBTS GSM Replication Jail for Mobile Malware, Virus Bulletin Conference, pp. 86-94, Barcelona, Spain, October 2011. [paper][slides][demo video]. Copyright is held by Virus Bulletin Ltd but made available on this site for personal use free of charge by permission of Virus Bulletin
• A. Apvrille, Mobile Malware in Practice, Insomni'Hack 2011, Geneva, Switzerland, March 4, 2011, [slides]
• A. Apvrille, K. Yang, Defeating mTANs for profit, ShmooCon 2011, Washington DC, USA, January 28-30 2011, [slides]
• A. Apvrille, The Four Horsemen, 7th CONFidence 2010 conference, Krakow, Poland, May 24-26, 2010 [slides]

Academic, Peer-Reviewed Conferences

• A. Apvrille, Ingénierie inverse d'une brosse à dents connectée, Symposium sur la sécurité des technologies de l'information et des communications (SSTIC), Rennes, 7-9 juin 2017 [paper][video] (in French)
• L. Apvrille, A. Apvrille, Identifying Unknown Android Malware with Feature Extractions and Classification Techniques, IEEE TrustCom, Helsinki, Finland, 20-22 August 2015 [see here]
• A. Apvrille, T. Strazzere, Reducing the Window of Opportunity for Android Malware, in Proceedings of the 21st EICAR Annual Conference, pp. 131-149, Lisbon, Portugal, May 7-8, 2012 [paper] [slides].
• A. Apvrille, J. Zhang, Four Malware and a Funeral, in Proceedings of 5th Conf. on Network Architectures and Information Systems Security (SAR-SSI), Menton, France, May 18-21, 2010.
• A. Apvrille, Symbian Worm Yxes: Towards Mobile Botnets?, in Proceedings of the 19th EICAR Annual Conference, pp. 31-54, Paris, France, May 8-11, 2010 (Best Paper Award) [paper][slides]
• L. Apvrille, P. de Saqui-Sannes, A. Apvrille, Une méthodologie de conception des systèmes distribués basée sur UML, Actes de la 5ème conférence sur les nouvelles technologies de la répartition (NOTERE'05), p 217-214, Gatineau, QC, Canada, 29 août - 1er septembre 2005.
• A. Apvrille, D. Gordon, S. Hallyn, M. Pourzandi, V. Roy, DigSig: Runtime Authentication of Binaries at the Kernel Level, in the Proceedings of the 18th Large Installation System Administration Conference (LISA'04), pp. 59-66, Atlanta, November 14-19 2004 [Link].
• M. Pourzandi, A. Apvrille, E. Gingras, A. Medenou, D. Gordon, Distributed Access Control for Carrier Class Clusters, Parallel and Distributed Processing Techniques and Applications (PDPTA'03) conference, Las Vegas, June 2003.
• A. Apvrille, J. Hughes, V. Girier,Streamed or Detached Triple Integrity for a Time Stamped Secure Storage System, First International IEEE Security in Storage Workshop (SISW'2002), Greenbelt, Maryland, USA, December 2002, [pdf]
• A. Apvrille, V. Girier, XML Security Time Stamping Protocol, Information Security Solutions Europe conference (ISSE'02), Paris, October 2002, [pdf].
• A. Apvrille, J. Hughes, A Time Stamped Virtual WORM System, SEcurité de la Communication ur Internet workshop (SECI'02), Tunis, Tunisia, September 2002, [pdf].

Peer-Reviewed Journals

• A. Apvrille, L .Apvrille, SherlockDroid: a Research Assistant to Spot Unknown Malware in Android Marketplaces, Journal in Computer Virology and Hacking Techniques, vol. 11, no. 39, pages 1-11, 2015. [paper]. The final publication is available at Springer via DOI: [http://dx.doi.org/10.1007/s11416-015-0245-z]
• A. Apvrille, T. Strazzere, Reducing the window of opportunity for Android malware Gotta catch'em all, Journal in Computer Virology, 2012, DOI: 10.1007/s11416-012-0162-3
• A. Apvrille, Symbian worm Yxes: towards mobile botnets?, Journal in Computer Virology, 2012, DOI: 10.1007/s11416-012-0163-2
• L. Apvrille, P. de Saqui-Sannes, R. Pacalet et A. Apvrille, Un environnement de conception de systèmes distribués basé sur UML, Annals of Telecommunications, Vol. 61, n 11/12, pp. 1347-1368, Nov. 2006 [Abstract]
• A. Apvrille, M. Pourzandi, Secure Software Development by Example, IEEE Security & Privacy, vol. 3, no. 4, July/August, 2005, pp. 10-17. [Link]
• A. Apvrille, M. Pourzandi, XML Distributed Security Policy for Clusters, Computers & Security Journal (COSE91), Elsevier, vol. 23, no. 8, pp 649-658, December 2004 - [Abstract]

Workshop, trainings

Those are trainings I gave.

• Reverse Engineering of Modern Android malware, 16 hour training, RingZer0, August 2021, to appear
• Reverse Android malware for the Smart and Lazy, NorthSec, May 2021 (online) [video]: 3-hour workshop. Advanced.
• Junior CTF Install Party, Hack.Lu, October 2019. [slides]
• Android reverse engineering, Hack.Lu, October 2018: advanced [online]
• Android malware reverse engineering for the Brave, Virus Bulletin, October 2018: 1h30 with 2 tracks: beginners & advanced
• Hello, Android Malware Reversing! GreHack, November 2017: 2 hours, for beginners
• Say hello to Android malware reverse engineering XVeme Nuit du Hack, June 2017: 2 hours, for beginners
• Android malware reverse engineering, Insomni'hack, March 2017: 5 hours [slides]
• Android malware reverse engineering, Hack.lu, Luxembourg, October 2016: 3 hours [slides]

Technical magazines

• A. Apvrille, Piloter sa cafetière connectée, Hackable, numéro 33, April-June 2020 (in French) [shop]
• T. Goodspeed, A. Apvrille, NFC exploitation with the RF430RFL152 and 'TAL152, PoC || GTFO, 20:03, [Volume]
• A. Apvrille, Rancon sur téléphone mobile : les entrailles d'Android/Koler, MISC, no. 107, January-February 2020 - in French
• A. Apvrille, Analyse de la sécurité d'un capteur de glucose, MISC, no. 106, November-December 2019 - in French
• A. Apvrille, Does Malware Based on Spectre Exist? in Virus Bulletin, July 2018 [link to paper]
• A. Apvrille, Fabriquez votre T-shirt interactif avec un Lilypad Arduino, Hackable magazine, no. 21, p. 26, November-December 2017
• A. Apvrille, Rétrop-ingénierie d'applications Android avec Androguard, MISC, no. 92, July 2017, [link to paper] - in French
• A. Apvrille, Les objets connectés peuvent-ils être infectés? MISC - Hors Série numéro 15 : Sécurité des objets connectés, pp. 88 - 103, Mai 2017
• A. Apvrille, Analyse de la sécurité d'un bracelet sportif, MISC numéro 87, p. 76, Septembre-Octobre 2016
• A. Apvrille, L. Apvrille, Ventilation contrôlée par des framboises, Hackable magazine, no.11, p.32, Mars-Avril 2016
• A. Apvrille, L. Apvrille, Contrôler sa chaudière à distance avec un Raspberry Pi, Hackable magazine, no.8, p.60, Septembre-Octobre 2015
• A. Apvrille, Inside the iOS/AdThief malware, Virus Bulletin, August 2014 [pdf].
• A. Apvrille, R. Nigam, Obfuscation in Android malware and how to fight back, Virus Bulletin, July 2014 [pdf]. This was also presented at the 8th International CARO Workshop, May 15-16, Florida, USA.
• L. Apvrille, A. Apvrille, P. Bogossian, Retour d'expérience sur quelques épreuves de Hack.lu 2013 MISC numéro 73, p.50-86, Mai-Juin 2014
• A. Apvrille, Détenu virus mobile : nous avons les moyens de vous faire parler !, MISC Hors série numéro 5, p. 80, Avril - Mai 2012
• A. Apvrille, K. Yang, Defeating mTANs for Profit - part one, Virus Bulletin, pp. 6-10, March 2011
• A. Apvrille, Le virus Symbian RommWar à la loupe, MISC numéro 46, p.42-49, Novembre - Décembre 2009.
• A. Apvrille, La sécurité des Wikis, MISC numéro 44, p.76-82, Juillet - Août 2009.
• A. Apvrille, Conception et architecture de la bibliothèque cryptographique d'OpenSSL, MISC numéro 32, p.52-60, Juillet - Août 2007.
• A. Apvrille, Protéger les messages applicatifs avec XML Security ou PKCS, MISC numéro 25, Mai - Juin 2006.
• A. Apvrille, D. Gordon, DigSig novelties, Libre Software Meeting, Security Topic, July 4-9 2005 [slides].
• A. Apvrille, Des erreurs dans mon code sécurisé où ca ?! MISC numéros 16-17, Novembre 2004-Janvier 2005.
• A. Apvrille, M. Pourzandi, Trusted Computing in Linux: status, Linux World magazine, Vol. 2, No. 12, December 2004.
• M. Pourzandi, A. Apvrille, Setting up Virtual Security Zones in a Linux Cluster, Linux Journal, issue 126, October 2004 [HTML].
• A. Apvrille, L'ASN.1 par l'exemple dans les certificats X.509, MISC numéro 15, septembre-octobre 2004.
• A. Apvrille, M. Pourzandi, D. Gordon, V. Roy, Stop Malicious Code Execution at Kernel-Level, Linux World magazine, Vol. 2, No. 1, January 2004.
• A. Apvrille, M. Pourzandi, Protéger un réseau de machines distribuées contre un débordement de buffer... d'un seul coup, MISC numéro 7, mai-juin 2003.

Miscellaneous presentations

• A. Apvrille, Live reverse engineering of Android malware Android/BrazKing at Mundo Hacker in English and AMUSEC in French in April 2021, Android/Oji at BSides Oslo in English, THCon in French, June 2021. To appear.
• A. Apvrille Live reverse engineering of Android/BrazKing, AMUSEC (online) in French, and Mundo Hacker (online), in English, April 2021.
• A. Apvrille, OpenBTS for dummies v0.5, April 2011 [pdf]
• Programmation sécurisée sous Java: retour d'expérience, RéSIST, Septembre 2002 [slides].
• L'horodatage sécurisé: état de l'art et applications, RéSIST, Juin 2002 [slides].

Blog Posts

2021:

• A native packer for Android/Moqhao, May 19, 2021
• Android/Oji worm fake COVID 19 vaccine registration campaign, May 3, 2021
• Android/Flubot: preparing for a new campaign?, March 29, 2021
• Quark on an Android malware: how good was it? My opinion!, February 9, 2021
• An apparently benign app distribution scheme which has all it takes to turn (very) ugly, February 2, 2021

2020:

• Decrypting strings with a JEB script, December 17, 2020
• Unpacking an Android malware with Dexcalibur and JEB, December 16, 2020
• Customizing your Cowrie honeypot, November 3, 2020
• Into Android Meterpreter and how the malware launches it, part 2, Sept 25, 2020
• Locating the Trojan inside an infected COVID-19 contact tracing app, September 18, 2020
• CnC communication of a fake Aarogya Setup COVID-19 app, August 14, 2020
• Reversing V-Alert COVID-19 Android/BankBot and part 2, May 12, 2020
• Android malware targets diabetic patients, on Fortinet's blog, January 31, 2020

2019:

• A Mobile Bitcoin Miner? Really?, on Fortinet's blog, February 25, 2019

2018:

• Fortinet Discovers New Android Apps that Mine the Unminable, on Fortinet's blog, October 11, 2019
• An Android Package is no longer a ZIP, on Fortinet's blog, August 23, 2018
• Android/BondPath: a Mature Spyware, on Fortinet's blog, August 23, 2018
• Recent Security Research News, on Fortinet's blog, June 28, 2018
• You Will Fall For This One Day..., on Fortinet's blog, April 9, 2018
• Fortinet at Insomni'hack 2018, on Fortinet's blog, March 28, 2018
• Troopers Day 1, Day 2on Fortinet's blog, March 14-16, 2018
• Into the Implementation of Spectre, on Fortinet's blog, January 17, 2018
• Security Research News in Brief - November 2017 Edition, on Fortinet's blog, January 14, 2018

2017:

• Ph0wn: The 1st CTF of Smart Devices is Over!on Fortinet's blog, December 7, 2017
• Ph0wn: A CTF Dedicated to Smart Devices, on Fortinet's blog, November 27, 2017
• Security Research News in Brief - October 2017 Edition, on Fortinet's blog, November 9, 2017
• Security Research News in Brief - August 2017 Edition, on Fortinet's blog, October 19, 2017
• Blueborne: Technical Insight, on Fortinet's blog, September 19, 2017
• Security Research News in Brief - July 2017 Edition, on Fortinet's blog, September 7, 2017
• Analyzing Android malware using a FortiSandbox, on Fortinet's blog, August 17, 2017
• NSE Experts Academy CTF on Fortinet's blog,July 30, 2017
• SSTIC in a nutshell on Fortinet's blog, July 4, 2017
• Security Research News In Brief - May 2017 edition on Fortinet's blog, June 22, 2017
• Zero patch IoT environment on Fortinet's blog, May 17, 2017
• Security Research News In Brief - April 2017 edition on Fortinet's blog, May 10, 2017
• Security Research News In Brief - March 2017 edition on Fortinet's blog, Mar 24, 2017
• Teardown of a recent variant of Android/Ztorg part 1 and part 2, on Fortinet's blog, Mar 15, 2017
• You don't need to break my heart, on Fortinet's blog, Feb 27, 2017

2016:

• Reading your tracker's battery level with a standard Bluetooth 4.0 USB dongle, on Fortinet's blog, Dec 9, 2016
• Disassembling Linux/Mirai.B!worm on Fortinet's blog, Dec 8, 2016
• Hackathon Sophia Antipolis 2016, on Fortinet's blog, Nov 29, 2016
• DefCamp 2016, on Fortinet's blog, Nov 18, 2016
• Where I nearly won a connected coffee machine at DefCamp 2016, on Fortinet's blog, Nov 17, 2016
• IoT-based Linux/Mirai: Frequently Asked Questions, on Fortinet's blog, Oct 31, 2016
• Hack.Lu 2016 Wrap Up on Fortinet's blog, Oct 25, 2016
• IoT malware are coming. Will you listen to me know?, on Fortinet's blog, Oct 24, 2016
• Pebble Smartwatch Talk at Virus Bulletin 2016, on Fortinet's blog, Oct 14, 2016
• Risks or not behing Pokémon GO, on Fortinet's blog, August 11, 2016
• Pokémon GO Plus review through reverse engineering, on Fortinet's blog, August 11, 2016
• Android adware trying to deceive the analyst, on Fortinet's blog, May 20, 2016
• Your Gossip Is Public, on Fortinet's blog, April 22, 2016
• WhatsApp vs Telegram, on Fortinet's blog, April 15, 2016
• Insomni'hack 2016, on Fortinet's blog, March 25, 2016
• Bad Mirror: New Android Malware family spotted by SherlockDroid, on Fortinet's blog, March 7, 2016

2015:

• Hacktivity 2015 on Fortinet's blog October 14, 2015
• CryptoGirl on StageFright: A Detailed Explanation on Fortinet's blog August 25, 2015
• StageFright, Telegram Stage-Left & WhatsApp Stage-Right on Fortinet's blog August 14, 2015
• Locker, an Android ransomware full of surprises on Fortinet's blogAugust 11, 2015
• Want Everybody to Know You're Flirting? This App is For You! on Fortinet's blog July 25, 2015
• Insurance Fraud via Internet of Thingson Fortinet's blogJuly 9, 2015
• Nuit du Hack 2k15 on Fortinet's blog June 25, 2015
• Hack in Paris 2015 on Fortinet's blog June 24, 2015
• Android Security Report in Far Less Than 44 Pages on Fortinet's blog April 17, 2015
• InsomniDroid Part 2: Write Up on Fortinet's blog April 4, 2015
• Insomni'Hack iOS challenges on Fortinet's blog March 26, 2015
• Insomni'hack CTF write up on Fortinet's blog March 25, 2015
• Insomni'hack 2015 on Fortinet's blog March 23, 2015
• Investigating on PawnStorm for iPhone on Fortinet's blog February 13, 2015
• Aggressive Riskware Installation on Amazon Kindle (and Android)on Fortinet's blog January 12, 2015

2014:

• Inside Hack.Lu 2014, on Fortinet's blog November 10, 2014
• Android Emmental, Adding Cheese in Emmental Holes, on Fortinet's blog October 30, 2014
• Inside BlackHat Europe 2014, on Fortinet's blog October 29, 2014
• 0wning Emmental, on Fortinet's blog October 20, 2014
• Android Packers Talk at Hacktivity, on Fortinet's blog October 9, 2014
• My Day Unbricking a Friend's Phone, on Fortinet's blog September 17, 2014
• Want everybody to know you're flirting? this app is for you!, on Fortinet's blog July 25, 2014
• Clean for the phone, but not clean in the code, on Fortinet's blog July 7, 2014
• iOS Malware Does Exist on Fortinet's blog, June 9, 2014
• AngeCryption at Insomni'Hack on Fortinet's blog, March 31, 2014
• Mobile Advertisement Serving Fake Anti-Virus and App Over Billing on Spanish newspaper on Fortinet's blog, March 14, 2014
• New Drive By Download Android Malware on Fortinet's blog, February 17, 2014
• Malware or Spam Campaign on Internet of Things on Fortinet's blog, January 27, 2014

2013:

• Sophisticated DEX obfuscation or Proguard configuration issue? on Fortinet's blog, December 16, 2013
• RATP Android Application Privacy: Status on Fortinet's blog, December 2, 2013
• Alligator at GreHack on Fortinet's blog, November 14, 2013
• Hack.lu Capture The Flag (CTF) - RoboAuth on Fortinet's blog, October 29, 2013
• Hacktivity 2013: Keynotes on Fortinet's blog, October 17, 2013
• VB 2013 - Day 3 on Fortinet's blog, October 14, 2013
• VB 2013 - Day 2 on Fortinet's blog, October 11, 2013
• VB 2013 - Day 1 on Fortinet's blog, October 10, 2013
• iPhone 5S: Inside the Secure Enclave on Fortinet's blog, September 16, 2013
• NSA's (and GCHQ) Decryption Capabilities: Truth and Lies on Fortinet's blog, September 6, 2013
• Alligator detects GPS leaking adware on Fortinet's blog, August 2, 2013
• Mobile Malware Gets in the Top 10 Viruses on Fortinet's blog, July 29, 2013
• Millions of SIM cards vulnerable to remote compromise on Fortinet's blog, July 24, 2013
• Don't Send Your SMS Scam to an AntiVirus Analyst on Fortinet's blog, July 17, 2013
• I am Datarmined to secure my Facebook posts on Fortinet's blog, July 8, 2013
• An Anti-Virus Analyst's Day (or Hour) into Firefox OS on Fortinet's blog, June 20, 2013
• NSA Has Large Disks on Fortinet's blog, June 10, 2013
• 11M for a simple conference program application on Fortinet's blog, May 27, 2013
• 1,000 malicious Android samples per day on Fortinet's blog, May 13, 2013
• Finding Similarities and Differences at DEX level on Fortinet's blog, May 6, 2013

2012:

• EuroGrabber is Zitmo on FortiGuard's blog, December 7, 2012
• Hashdays Android Challenge: the Solution on FortiGuard's blog, November 23, 2012
• Hashdays Arduino Badge on FortiGuard's blog, November 9, 2012
• Hashdays 2012 wrap-up on FortiGuard's blog, November 7, 2012
• Advanced Tools for Android Reverse Engineering on FortiGuard's blog, November 5, 2012
• Hashdays Android Challenge: Win a FortiGate on FortiGuard's blog, October 29, 2012
• Hashdays challenge by Fortinet to begin on Oct 29, 2012, on FortiGuard's blog, October 23, 2012
• Android/Fakemart's end: authors has been identified on FortiGuard's blog, October 19th, 2012
• Android malware distributed by malicious SMS in France on FortiGuard's blog, September 21st, 2012.
• Making money out of Android/Fakemart on FortiGuard's blog, September 3, 2012.
• Dalvik Executable (DEX) Embedded in another DEX! on FortiGuard's blog, August 23, 2012.
• Android byte-code obfuscation challenge on FortiGuard's blog, July 30th, 2012.
• Controlling Android/Zitmo by SMS commands on FortiGuard's blog, July 21st, 2012
• StarCraft culture to understand Android on FortiGuard's blog, June 19th, 2012
• Tracking Android/Foncy - on FortiGuard's blog, June 6th, 2012.
• Back from EICAR 2012 - on FortiGuard's blog, May 25th, 2012.
• DroidKungFu is getting smarter (hopefully, so am I) - on FortiGuard's blog, May 11th, 2012.
• Mobile Botnets: We Had Told You So - on FortiGuard's blog, April 20th, 2012.

2011:

• Analyzing CarrierIQ's defense - on Fortinet's blog, December 20th, 2011.
• Android/Foncy emanating and propagating in France on Fortinet's blog, December 15, 2011.
• CarrierIQ on Android - FAQon Fortinet's blog, December 13, 2011.
• Levitator: Root on your Android phoneon Fortinet's blog, November 25th, 2011.
• OpenBTS for Mobile Malware Analysis - on Fortinet's blog, November 17th, 2011.
• Symbian malware uses a 91-byte XOR key on Fortinet's blog, November 8th, 2011.
• Clarifying Android/DroidKungFu variants on Fortinet's blog, October 26th, 2011.
• VB 2011 talks, part 3 and end on Fortinet's blog, October 25th, 2011.
• VB 2011 talks, part 2 - on Fortinet's blog, October 18th, 2011.
• VB 2011 talks, part 1 - on Fortinet's blog, October 12th, 2011.
• QR code and mobile malware: it happened! - on Fortinet's blog, October 3rd, 2011.
• Spitmo gets on Android: mini-FAQ - on Fortinet's blog, September 16th, 2011.
• Android/Zitmo: an Update - on Fortinet's blog, July 18, 2011.
• Zitmo hits Android - on Fortinet's blog, July 8, 2011.
• Android/CruseWin carries a malicious kill switch - on Fortinet's blog, July 4, 2011.
• Android/DroidKungFu: attacking from a mobile device? - on Fortinet's blog, June 16, 2011.
• Android/DroidKungFu uses AES encryption - on Fortinet's blog, June 9, 2011.
• Android/Smspacem under the microscope - on Fortinet's blog, May 30, 2011.
• Airpush... pushes the envelope - on Fortinet's blog, May 17, 2011.
• iPhone Tracking - on Fortinet's blog, April 21, 2011.
• Mobile Malware Statistics - on Fortinet's blog, March 28, 2011.
• How Android/Fake10086 selectively blocks SMS - step by step - on Fortinet's blog, March 10, 2011.
• Android/DroidDream uses two vulnerabilities - on Fortinet's blog, March 3, 2011.
• Hacking Mobile Phone Statistics - on Fortinet's blog, March 1, 2011.
• What's new in Zitmo.B? - on Fortinet's blog, February 23, 2011.
• ShmooCon 2011 Debriefing - on Fortinet's blog, February 9, 2011.
• Mobile phishing related to Yxes - on Fortinet's blog, January 12, 2011.

2010:

• Hidden feature in Android spyware - on Fortinet's blog, November 12, 2010.
• Symbian malware and Internet Access Points - on Fortinet's blog, November 4, 2010.
• Zitmo Follow Up: From Spyware to Malware - on Fortinet's blog, September 28, 2010.
• Zeus In The Mobile (Zitmo): Online Banking's Two Factor Authentication Defeated - on Fortinet's blog, September 27, 2010
• You can't judge a book by its cover - on Fortinet's blog, September 7, 2010.
• iPhone 4 / iPad: the Keys Out of Prison - on Fortinet's blog, August 5, 2010.
• Mobile Malware Sends WAP Push SMS - on Fortinet's blog, August 3, 2010.
• Symbian Signed Mobile Malware: One Gang? - on Fortinet's blog, July 29, 2010.
• SymbOS/Album One Step Closer To Mobile Botnets - on Fortinet's blog, July 15, 2010.
• SymbOS/Album Follows the Path of SymbOS/Yxes - on Fortinet's blog, July 8, 2010.
• How to send an SMS - the geeky way - on Fortinet's blog, June 7, 2010.
• EICAR 2010: Presentation Round-Up - on Fortinet's blog, June 4, 2010.
• Airport flight schedule crash (unharmful) - on Fortinet's blog, May 25, 2010.
• WinCE/Terdial or impunity for dialers - on Fortinet's blog, May 17, 2010.
• No, the iPad is NOT hacked - on Fortinet's blog, May 3, 2010.
• Reversing the Symbian Enoriv malware - on Fortinet's blog, April 13th 2010.
• SymbOS/Yxes goes version 2 - on Fortinet's blog, March 4th 2010.
• 10 Predictions for Mobile Malware in 2010 - on Fortinet's blog, January 28th 2010.
• Malicious Transfer of IM3 funds: the Return - on Fortinet's blog, January 26th 2010.

2009 and before:

• Duh's not malicious, dude! - on Fortinet's blog, December 10th 2009.
• Securing your jailbroken iPhone - on Fortinet's blog, December 2nd 2009.
• John Doe's Credentials - on Fortinet's blog, November 16th 2009.
• Targeted Spam: an Unfair Blow to Security - on Fortinet's blog, November 5th 2009.
• When Your Phone Becomes Your Worst Enemy - on Fortinet's blog, October 27th 2009.
• Keep your phone healthy: H1N1 vs. SymbOS/Yxes - on Fortinet's blog, October 13th 2009.
• Transmitter.C is not Yxes.E - on Fortinet's blog, August 26th 2009.
• Symbian Certificates or How SymbOS/Yxes got Signed - on Fortinet's blog, August 4th 2009.
• SymbOS/Yxes or downloading customized content - on Fortinet's blog, July 21st 2009.
• Detecting spyware for iPhones - on Fortinet's blog, July 16th 2009.
• 'Friendly' spam: A trick for managing unwanted emails from family, friends - on Fortinet's blog, June 25 2009.
• June 9th, 2009, Trash CRC32
• April 21, 2009, 2D Codes: Lowering the "bar" for mobile threats ?
• April 13, 2009, Attacking stamps for fun and profit ?
• March 9, 2009, Flocker virus writer's name found via Google? Or privacy issue?
• February 23, 2009, A cryptographer's eye on antivirus analysis

Challenges

I am the lead organizer of Ph0wn CTF, a CTF dedicated to smart devices. The first edition was in 2017. The fourth edition will take place in 2020.

I designed a few crackme if you feel like trying:

• Hashdays 2012 Android Challenge: [APK] [blog post 1 and blog post 2] [Solution]
• Insomni'hack 2012 CTF: [APK] [Solution]
• Basic Firefox OS CrackMe

I also designed some challenges for GreHack 2018 and 2019, THCon 2021... I am in the pic0wn CTF team. This is a very small team, but it's fun :)

• Hack.lu CTF 2020: 81
• Insomni'hack CTF 2019: 23 (with mushd00m team)
• Hack.lu CTF 2018: 49
• Insomni'hack CTF 2017: 56
• Vulnerability identified at the IoT Village competition in DefCamp 2016 (to my knowledge, only 3 were identified by all competitors)
• Hack.lu CTF 2015: 83 (6th local team)
• SSTIC 2015: 3rd in 0-Rulez and our solution was mentioned as the most original ;)
• Insomni'hack CTF 2015: 30
• Hack.lu CTF 2014: 161 (5th 'local' team)
• Hack.lu CTF 2013: 97 (6th 'local' team)
• ... a long time ago (2003) challenge SecuriTech: 42

Podcasts

• Sécurité des objets connectés sur NoLimitSecu, October 30, 2016. In French.

Memberships

I am/was member of the Program Committee for:

• Nullcon since 2018
• GreHack 2016 - 2018, 2020. I was PC co-chair of GreHack 2019.
• Virus Bulletin conference 2016 - 2021 reviewer
• Virus Bulletin Advisory Board since 2018
• WiSec 2014 posters
• the Security Topic at LSM 2005. [Slides]
• IEEE ClusterSec'06 Workshop

Android Security Acknowledgements in 2014.

Patents

I'm the inventor (or co-inventor) of those patents:

• 2001 Data integrity check method using cumulative hash function [10/034706]
• 2001 Upgradeable time stamp mechanism [10/027341]
• 2001 Virtual worm method and system [10/034,055]
• 2001 Method and system for providing a secure time reference in a worm [10/034709]
• 2002 Method and system for timestamped virtual worm in a SAN [10/202,067]
• 2002 Secure E-mail Timestamping [10/184477]
• 2003 Method and computer system operated software application for digital signature [10/740484]
• 2005 Method and system for managing electronic data content [WO2007074232]
• 2005 Procédé et système d'analyse de page [FR2895817]
• 2005 Method for creating a secure counter on an on-board computer system comprising a chip card [WO2007080289]
• 2005 Method for authenticating applications of a computer system [WO2007077362]
• 2006 Système et procédé de sécurisation de données [WO/2008/037895]
• 2006 Systèmes electroniques sécurisés, procédés de sécurisation et utilisations de tels systèmes [WO2008096076]
• 2008 Procédé de vérification de l'intégralité d'une mémoire EEPROM [FR2933791]
• 2016 Augmented reality visualization device for network security [US20180077200A1]
• 2019 - US2019/

Public key

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.11 (GNU/Linux)

mQELBEIJLssBCADqAloR2Ad88AiN9K/lqu3Vbs4sWTg9OctRejFmhfr3igbm1IID
QEZ14iKQ7sis7hurxYTURzxI1gKHpE85C231SZTMfWsu210YWtsg4OAlGPcHluYP
aBrBPreipr2Zan+VBTbOJ9+j1RVIyfAM5kfNuFlTrTHbksLirphZZllnEhm2Bk6E
wDQQbVs1f5oQa7Jt6gd01+MWx2fWe4Ramf1SFfrUcq4SBCgod6Js5PxW+qG9iGNC
1j/3yyGqCiZia6KYKuBD1vVwodUmmLLNSK4Rddcm/7yM7HcMbqYLWWDF8g/hjVEG
n7+/J8tHxEUCbdNKV7H/a7I4QmFZTKCCvGv1AAYptD9BeGVsbGUgQXB2cmlsbGUg
KFBlcnNvbmFsIEdudVBHIGtleSkgPGF4ZWxsZV9hcHZyaWxsZUB5YWhvby5mcj6J
ATEEEwECABsFAkIJLssGCwkIBwMCAxUCAwMWAgECHgECF4AACgkQYo6iZgEZdl6x
CwgAg65NLMcMmme7790AsEB89U7JuRw3uXrcG0Idp2+XflQRGF+wa9+NYi8M0B6v
dlINMRghMZ+BpYA81Dh9G8EamYd6aZifXN4uFyoHBMOYpz2TBQE94pMTJNDW2u+V
HaKPgiJhbd4s4oQqO0y/lpqdmDkS2ewNI4NYteL6+00ZTY+4bJeGHDVbhzlLLkni
DPuMocxIclfXUPMChiSu+RFXN1bQygnOkezozU0wvGdks08m1KDUOGYO7+dxDdNq
qYICjhbX+i2jEobiV8CuKVnTMj6MBHLp7rt2ikV55COQiRpDW+hmqc/6bKk8Cp9y
n+L+yQ9+0bxnkBoY3UqwgwsEcIkBHAQTAQIABgUCQgoZqQAKCRBO3R1vynOXk8M6
B/0bs5xIrv9kSrzl873MVMYkGfgxlzd3prCk3X09SJ98G//f46O+aQYOhqpqYKgb
7rup6vb3qHfnXEeR1mmgOjYNO9Q+Z4cRhBIoo0HnNl0HhLMO0ZHC33CTw5pzRsJS
I7ZLTnvlUZ+gjuUDjubEnUvTUrtUorX5tUMb4VCV5OyOto7Zb5NsflF4m+8cseo3
BCaNYsr7QG+QqOkvp2aZfmzXwJhgF2FTm2vdyDtdzg/+y7x3S+zL8fYzd1jMc99Z
zcTwQOTJVRgRmDbv/lF2wMbcp9UKEbIfUgpJJGUmvAzZIVA0EWl9rWFQqjng38p6
g+wdjpl9a+ZqRWQVtcw92Tqn0cvUy9IBEAABAQAAAAAAAAAAAAAAAP/Y/+AAEEpG
SUYAAQEBAEcARwAA/+EAFkV4aWYAAE1NACoAAAAIAAAAAAAA/9sAQwAFAwQEBAMF
BAQEBQUFBgcMCAcHBwcPCwsJDBEPEhIRDxERExYcFxMUGhURERghGBodHR8fHxMX
IiQiHiQcHh8e/9sAQwEFBQUHBgcOCAgOHhQRFB4eHh4eHh4eHh4eHh4eHh4eHh4e
Hh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4e/8AAEQgAjwBvAwEiAAIRAQMR
Af/EABwAAAEFAQEBAAAAAAAAAAAAAAMCBAUGBwABCP/EADoQAAIABQIDBAcGBgMB
AAAAAAIDAAQFEiITMgEGQiNSYnIHERQzgpKiFSEkMcLwQWNxc9LyNENhsv/EABoB
AAIDAQEAAAAAAAAAAAAAAAACAwQFAQb/xAAoEQACAgEDAwQBBQAAAAAAAAAAAgMS
BBMiUhQjMgEFEUJiMTNBYfD/2gAMAwEAAhEDEQA/AExxFcu2Eky0vixjsrroYUUO
XTuhXdxgeW6DKK4tsBwTaXwxxY29MEtxy2wol3FdaUB0GK/FCrSxGCCNowol247r
oDgG0h6cfF1RxCV2OMEasS3DcUDyygATbaP+UdkPmhVuXdjiG4tsAAbRtES2xxCV
vigxB4YS0DLZb6+qABrcLCIrYII94oGF27q7sEG0ihTpxWr2ljDf2q52mOowv5Y3
Q4aVwkVuIjHDcpy2LWSRcsWabNw49UZ+blyQrtBl7dgiGiRWkVrO6UPFDd/lDN6l
tESLFm4SGFC2YWVuiLLeocYhxvdo5F7m1iFZOQ6xJm7KOtGG4vmBL/j/AFRwtcWJ
S/1Ra6/H5DWUcW/6wMjSv3kwhZd3UygZLmH4jiJdMEbLLUkR0xuinJ7rGrVjFaTi
DE9UuzcJeUoII+WFIYsiYtZCWiWmWPVbd+qFWl826NaBrLYmbaJaI3bsu7CbRt+/
b0wTSISIrvqgZ3ceBDd1RIcI8SJg44wZQ5QESIh3dXVBB95uhTobG7L6oG8ZgmCT
MliNowZREQw+0hIRHpjH92krGu0VmatRiJLLcy3p2wZTZe63Uh0MssiErcocKlk2
jcPzR5/tsQDHVl7veDChZLkWLlxJFIy57tOBlSJcu78sGnHyE3DUSSP/AGDAZpgs
HErih82iy/SQw1bRcsWMHylDRRxq1rBb8RIjcIlHEOVpEMD+z5xXu5gi/uZQNTJp
TLWJu8Qx6aDPhrX9CZZFYMQ3DChG3Hp8scNpLhRCQjjjGgSkOgbh7sGERIdsBQJL
tuyh0OTOkoDrChxX0lExSpEppPZsESHvdUQ4423DE9y00riIchu3RR9xVWj3FiCN
WbcOCpVQEbhSt3lK2EjLTi91PZ8OUWqWO8Ryu+GHFvVpjb5YwWxI2+pI2JGUki0/
eS7xL+2UKF6brbiEvLF0JQkO2G75WXZuWsi8QwvRKL0S8iqi1cKFq9uMWApSXXd+
HX8ow3eqmkWUqsYj6ReQdFxYh9Ue8MBe2XESIu0YOQiMShDJhkmVX8UNZ7RFJYrW
RCUdixVtUOgqtmYr4iQry3FcVowQOPqH1ld98cJXRx3EWQ4x7GJarUqkOgsR7pfT
DoRtx/1gcsN1o7rRicGisZSZeeSwi1XaZLt2/u2GVQIcR823uw6p72SjiIfdluGO
nECp2nut/wDrq+q6G5ERdWMQyxrItWJI2ZWspfKLUJd68WEReGJi5dvvPmGMlbV5
ORymJxCSEsbmRoXJM8mtU/Ul54XMErSG6MuTHaPxLitYlryG3tIG1veg05LMlUk6
YHTFe4iIYCiRKbG5YkQljcNsV2WRfqTLXkNXvWVwxHvt3WldDzmOlOptPZOMmEWr
yISK0oqv2my20mDAuJK31JNaJSa1UrWRF0xB1CZJriK7GBvaxvvCx80D27bY0MLC
02sxRycnU2qex40rer5o7qESjj3RqlIj5Zmkxbkl2iyEhi/UyeT9jsWlYpYwtRiW
D7siyx8MRPKdFXo+2TBCwSxFfdit88U2vNqEnMUlb5payFbvEIjcXd8Xyx1o2WM5
+41VGfP/ADjTae4peTX7VOF7zujbtuLvRnczWuYK07RW4lrItqezEfijbJblCkql
WM+z1+0OXuYvIWEOWUZ7VeWagK5quUcWex3EQpYOLhHEiHuxTkWRlsppYzRr5ELS
qVLyfbOtmHd4umNQ9C04sK0ynutJcykht8Q5D+qM7pE2moJuXaLB3L7pRYOU5sqf
zNIzA3dm4cfijNWTubjRkjtG3oXj081N1P5JZT8nLm+zWJFkNuX6YnvQ7IzVM9H9
NWUwt2usWDbkQ3DGU+m6vlU+cmSosFknIYrEdpF1FGoUWvJpnopk6lLsXqaIrSP8
zb9OXyxoMy1MqrbVX7Ff9MFaGcmioa8loL8QXeLu/DGXkielHCylzTE27hJlw/LE
lMtY1zHMYTGEVxMLcRQxnpxMjKlMOIRt/dsZupI0nybGlGsdQiOcZiRmNGqS4kJF
kSxtKLlLTKZtK3JK5bBuEoweZnnTk4xznEWoW7uxono0qTCIpNzLls2+aNKKRl2s
Zc8CstlL59PihN1xbo4cYVaQj0xdM4TJ1WepjJeYYn8GghK0cRIvFFo5Xq5VOkjN
SorJjGZWlday7KI/mNHt1BXSZPTJj1iu5xWkK9xfLFNbTKx6O6SuXk3e0C+aWxjC
6RG7GOtZbcTq1ZeLFw5lmnK5iX7Ol8wy21yUuxISK3b0wmZ5vkZmkzFNkZOZTOEk
kpQ5e0i6fLuhv6Pp6nqlZyYc4VzhMu1GbRG7HL4omH0Zb64mqahS5CWIiI2kNt11
3mgT5ZbKLG3p9vQwvmOi1DlCtJc7IXDczTG0S8sTgsv03JLxCUPPTJWibUJOkz0q
sRUWoTrd3TaPhERiHU3sxt+mMfNVVk2noMRmaPcV2ptYbGE4iJmpkUWqi1qabynJ
0lxfh5ZzGJ+L9lFXq6i+1CER96V1vmGJaW7CXFIliMLM3bryFx4u4zcR4+ZWhetM
MEVjkMUevVNlRmssUr2jD7mOsJ0ylbbiIvliv3FdcUNjQ1WzEkjWaoQcR7sT3LU4
yWmlsErSEror926JClF+IEosN4h/BuUi32mVW7vDBhLK0hhrQyupsuRYiSxxKHnF
YjwHq/8AIuKeffyKHVeap6TryUy9sxOLXqLFmQ3F+rqh9V+b6lzHI6cxLlJsW7U6
iEum2K3ydIjV/SVMLmiIloXku63HHGNeqfL9FVRWS8qS12pItQulhW7vFiULVmXy
GlatVUqPLjVqqkq53aS+oLC+WNKnK5S1yZTUxMCvTXqFa63vW/FiWPljIxIUOXJp
cTNMhuYwbdQYrvN9cl2iUqlbRXcWpawrWFFXFdo1Zf7Dc0irUiefaqNX5onJxbGM
WTLVkwsrYectTxNX7K4u0EcfEMVloCIwqnk5cwtyS7QWbYWddRTeiqql2nkCc8uY
LpXbbEHzDVdC5KbdTvd2E1esaSySkrmENpM7sVu64tRmV3iivHDbcwNJXaoSWlpi
enFpl1lMTDitER6oNPSrqfOOlZgRFyStIbosnLnOzqOlcvT6PTVksbdYk3MZ5iiH
5lqDKq5k85Ircz3lvVFyxCtiNUVw+GJKlW62URcmJEsvNEtSvfCMEniTRmzcudpR
ZO673I7okBxKI/lzKiytpbViMSVnr++78vDFpfEwZPJjK+R6mNP9JU4JFcyZtWtZ
MFYkXiLuxtD1TX2W5zk/jCK3TTaQiRbSy7t1sfM3NhMRWVPSXHhxMR9XHhx2kMWL
k7neoHWZDhUpwilhcN58OHHiXAdv+MR6lVLGnqMpo9ck0oqEnJilkxMEy5jCLIh6
rYunMfK9LqFFYPs6iWxOI7f2UMJiVRVqhJzirkOle0WX3ROzdQBMpwB9xceH58eP
Dhx9UUbbfyJIkkWRrf70Plmqr9mnnS5blsJfywxKZJVwrxIolqyhj6zNt4F6+BuI
uHHj/HKGU1TWCREHHhaJfw+6LCKXGk+owIiIso4IcKpjVERMbcP9IdS9PM/zIeES
iqw1llkJXQqeK5IjEomQMAHjxL1cNvq4R6UhqXCXru/rCDWUipNfYkUS1MUWtqdM
eJlOKRtDhw4xL0mV4sG6y3p/OFZbBqVUvVPnJiUptNGXl2OWy3WtHaNwj+qJKk1X
jOzLOPBZy6xSLVg0bWcLiISuH4R+aGt9SlpaURJrHiHFP38eNv3ZD+m6Az87XESn
ErE6nEw9XAePqx9R+v8ATFpfExZNzH//2YkBNAQTAQIAHgUCQgocGQIbDwYLCQgH
AwIDFQIDAxYCAQIeAQIXgAAKCRBijqJmARl2XsUKCACnsoy4/Y4walQ+qH4/Ults
o8VwwU81Tx7LNWlRU2yPSefxZkwUrQTeHIPMvAIPCq80MzPvIGxcJOEegX85EpyG
ksG0iclJodB0JIZLS0tdVfe2MUtqsUeQZDA4Zkg1UJRbNUReTqqRTpsFdwxpx1bv
i7SZ1d8Xahz3NhG87eNxVCH1qXkgeDxV57mhzFiOOf24Zblz27JUKv+j0QlbDOgI
SkmDgzqR5+GHbfc1VJf7EauDqBP8OkdpnqaQdtMW3RDYLJKN7oLYEkCboSC3qPgu
cKrihDL87IXJ/aKNY2hxVoIghuwBObXwdMStZleI0O9vmWNxbEuXRm0mS7SvfJfa
iQEcBBMBAgAGBQJCChzqAAoJEE7dHW/Kc5eTLxgH/A2oYBhevhN45L5uSmvWL9ax
HUKIETo3A3GTa5wCC5mntgQ3sv6eal1qhUJbgZ+itkN+Yk7V8Gfs0jtnMrOZ6jY3
OQSmv+g4RUpsqM9Vj0nhPv0QZ+ch2quj2p8N8NJZSVZHm7Hmg89q2714fWK67T3g
LLdgXgkJRA19R6G+FEeQqajcvH3G6j61hML/rH/4c2W91sjCuE800l0uMi7qJVRk
A2p/iQMtwHQiiWNi4Q4giPHad41FoC4HZzgUizo7YdW+pFDmCBR5YVoBDW3KJaXW
7sw0lVJz2CvHvZ5+w+8/4nMdEVohCoLVFArNjYWTkzLd/eXYyFajf/XhZOEiL060
K0F4ZWxsZSBBcHZyaWxsZSA8YXhlbGxlLmFwdnJpbGxlQGdtYWlsLmNvbT6JATYE
EwECACAFAkbqd5ACGw8GCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRBijqJmARl2
XpA8B/oCLxx244LhGaUebu++XxsdJ3cQhUQupz9SyKzsX+Ggcu5/HsrcaRg6Iv+Y
fi0LTLTqKuP8mFqFI4q8hPHByQEhKUBpuLfz9NAEpv9LijkBn8Dvqr2TzTOivOhP
bhslWTp1inJ5N5B1HHn8N0yWKqTCFySPYRvDwdHFLW6igT4eN9OcuQfDWJpL9+4Z
uYQJGWzTevo5Avt0uj7ZvqFr8RZPsSE+912Yd1ctZkzHmcwrENr7hEGC0OGijd5m
RO3tvV99wWKY7qEEYNzXDlucPWQcaUPOPch5uYb6JVbet0E59eA7f244CnLws1iQ
xxE87E93VYbvzG3kPEPIhKYB0bXMtClBeGVsbGUgQXB2cmlsbGUgPGF4ZWxsZUBw
cml2YXRkZW1haWwubmV0PokBOAQTAQIAIgUCUjyw3gIbDwYLCQgHAwIGFQgCCQoL
BBYCAwECHgECF4AACgkQYo6iZgEZdl6IVAf/YicmzU9udI4RWepbjMnx+D9yPbAP
UBUlY6JGy9yLw8/OJPW7DComUy/qoD0hzd3zpWlyW2Jit3WwUowj99OSuicLEEp9
52yDbmFgt0+NoHowlbQJ+7jDgzr6wiJY1V3eoCTCblI2MpiucsrLs/opwCDegnsz
gTJf3MohrCy4PUki0tWhcL2jWG11nuIppUQ6w+hHZEzxwhvBHzAKVv2Mxm8eBDGK
+mzUmIoDof5wWZ5WLNFcp/t266HE4yvgYFFCaPkDO1WRB/lOb/vAWZGMf2YN0qKU
BAnjInoHzdCCfneJkZzRkLHokJAk5WNXw2rx84E2LLZ9U5TuHZzXTSvZW7QeQXhl
bGxlIEFwdnJpbGxlIDxhYXB2QGdteC5jb20+iQE4BBMBAgAiBQJSjO2PAhsPBgsJ
CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRBijqJmARl2XvuHB/9nRU6pC3wx9yaX
iNc2kQ8P8cZBXDmQ9xpuy0fHzzBkLr2xVOD7i0IOdU+mjuNpBqZC8qUQlHN1xt7g
c03mDK2FXO98/FJZOe6rHGClJvR93OAqwyWJf7q30vw5hO/wjeVOkA+3q95La/Ly
ituLsiRhVW/ZapkqLuWhPFqCFgySNhrXrEa4AqJ+FkljclwOnjHuama/ho/eGL9s
4Uzzqb+yuuopuK1J0o78CCDbWgY9YreTPATUuC3YCDTtIpRtH9VP80Tnm/kEcel+
tYcGwsp2tmOROgG8GgLOcEa7BVF/ehD+aV6FiJDB9yPWyLT/l+a1+bHt8YfyUsLy
EYl6Ek1h
=HAlk
-----END PGP PUBLIC KEY BLOCK-----