Latest News
I gave my last talk for 2020 at BotConf.
Industrial, hacking conferences
This section concerns non-academic conferences. Usually, peer-review is more limited, submission of an abstract, bio, demo, video, slides...Sometimes very technical!
- A. Apvrille, Building and maintaining a honeypot for medical devices, BotConf (online), December 2020. [slides] [video]
- A. Apvrille, Malware and Cybercrime in Medical IoT, CCCC (online), September 14, 2020
- A. Apvrille, T. Goodspeed, Pique curiosity, not diabetic fingers, Pass The Salt, July 2020 (virtual edition), [slides], or in French Capteur de glycémie connecté : les interdits at Barbhack August 2020, or in French Hacking de capteur de glycémie connecté at UYBHYS (online) November 2020 [youtube (starts at 54'45)]
- A. Apvrille, Medical malware on Android, SecSea, June 2020 (virtual edition), [video] and Nullcon Webinar, August 2020 [video] and NoHat November 2020 [video] . All talks are on the same topic but with different samples analyzed as demo.
- A. Apvrille, Hacking a Smart Coffee Machine, Insomni'hack, Geneva, Switzerland (cancelled due to COVID-19), and BSides Munich (online due to COVID-19) in August 2020 [video] [slides] [tech report]
- A. Apvrille, T. Goodspeed, A. Lakhani, Malware, Cybercrime and Vulnerabilities for Diabetic Patients, Troopers, Heidelberg, Germany, March 2020, conference canceled due to COVID-19
- A. Lakhani, A. Apvrille, Bringing Down the Empire: The Internet of Medical Things RSA, San Francisco, USA, February 2020, [slides]
- A. Apvrille, T. Goodspeed, The inner guts of a connected glucose sensor for diabetes, BlackAlps, Yverdon-les-Bains, Switzerland, November 2019. [video] [slides] [GitHub]
- A. Apvrille, Smartphone apps: let's talk about privacy, Hack.Lu, Luxembourg, October 2019. [video]
- A. Apvrille, A. Lakhani, Medical IoT for diabetes and cybercrime, Virus Bulletin, London, UK, October 2019. [paper]
- A. Apvrille, Cryptocurrency mobile malware, BlackAlps, Yverdon-les-Bains, Switzerland, November 2018 [slides]. Updated in Abusing cryptocurrencies on Android smartphone, Insomni'hack, Geneva, March 2019, [slides] [video] and Sthack, Bordeaux, June 2019
- A. Apvrille, Junior CTF, Lightning Talk at Hack.Lu, Luxembourg, October 2018, [video] [slides]
- A. Apvrille, Are there Spectre-based malware on your Android smartphone? Pass The Salt, Lille, France, July 2018, [slides] [video]
- A. Apvrille, P. Paget Ph0wn smart devices CTF: Behind the Scenes, Insomni'hack, Geneva, Switzerland, March 2018, [video]
- A. Apvrille, Is my toothbrush really smart?, Troopers, Heidelberg, Germany, March 2018, [slides]
- A. Apvrille, Android Reverse Engineering Tools: not the usual suspects, Virus Bulletin Conference, Madrid, Spain, October 2017 [slides]
- A. Apvrille, Infecting Internet of Things, DefCamp, Bucharest, Romania, November 2016 [slides]
- A. Apvrille, Mobile Applications: a Backdoor into Internet of Things?, Virus Bulletin Conference, Denver, USA, October 2016 [slides]
- A. Apvrille, Reversing Internet of Things from mobile applications, Insomni'hack, Geneva, March 2016 [slides] and Area 41, Zurich, June 2016 [slides] [video].
- A. Apvrille, Geek usages for your Fitbit Flex tracker Hack.lu, Luxemburg, October 2015 [slides]
- A. Apvrille, Criminal Profiling: Android Malware, Nuit du Hack, Paris, June 20, 2015, [slides]
- A. Apvrille, Fitness Tracker: Hack in Progress, Hack in Paris, Paris, June 18-19, 2015, [slides] and Hacktivity [slides] (October 2015)
- A. Apvrille, Pawn Storm: What's Up on iOS devices?, Insomni'hack, Geneva, March 2015, [slides]
- A. Apvrille, L. Apvrille, SherlockDroid: an Inspector for Android Marketplaces, Hack.Lu, Luxembourg, October 21-24 2014, [paper] [slides]
- A. Apvrille, A. Albertini, Hide Android Applications in Images, BlackHat Europe, Amsterdam, NL, October 2014, 16-17 [paper] [slides]
- A. Apvrille, R. Nigam, Obfuscation in Android malware and how to fight back, 8th International CARO Workshop, May 15-16, Florida, USA.
- L. Apvrille, A. Apvrille, Pre-filtering Mobile Malware with Heuristic Techniques, GreHack, Grenoble, France, November 2013 [paper] [slides]
- A. Apvrille, Playing Hide and Seek with Dalvik Executables, Hacktivity, Budapest, Hungary, October 2013 - also presented at Hack.Lu, Luxembourg, October 2013, updated at Insomni'Hack in March 2014 [InsomniHack slides][Hack.lu slides][paper]
- K. de Pontevès, A. Apvrille, Analysis of Android In-App Advertisement Kits, Virus Bulletin Conference, pp. 133-138, Berlin, Germany, October 2013. [slides]
- A. Apvrille, Guns and Smoke to Defeat Mobile Malware, Hashdays, Lucerne, Switzerland, November 2-3 2012.
This is a "Sponsor Talk" (though I do not really talk about Fortinet) [slides] - A. Apvrille, G. Lovet, An Attacker's Day into Virology: Human vs Computer, BlackHat Europe, Amsterdam, The Netherlands, March 14-16 2012, [paper] [slides]
- A. Apvrille, Android Reverse Engineering Tools, Insomni'Hack 2012, Geneva, Switzerland, March 2, 2012 [slides]
- A. Apvrille, Cryptography for Mobile Malware Obfuscation, RSA Europe, London, UK, October 2011. [paper] [demo video]
- A. Apvrille, An OpenBTS GSM Replication Jail for Mobile Malware, Virus Bulletin Conference, pp. 86-94, Barcelona, Spain, October 2011. [paper][slides][demo video]. Copyright is held by Virus Bulletin Ltd but made available on this site for personal use free of charge by permission of Virus Bulletin
- A. Apvrille, Mobile Malware in Practice, Insomni'Hack 2011, Geneva, Switzerland, March 4, 2011, [slides]
- A. Apvrille, K. Yang, Defeating mTANs for profit, ShmooCon 2011, Washington DC, USA, January 28-30 2011, [slides]
- A. Apvrille, The Four Horsemen, 7th CONFidence 2010 conference, Krakow, Poland, May 24-26, 2010 [slides]
Academic, Peer-Reviewed Conferences
- A. Apvrille, Ingénierie inverse d'une brosse à dents connectée, Symposium sur la sécurité des technologies de l'information et des communications (SSTIC), Rennes, 7-9 juin 2017 [paper][video] (in French)
- L. Apvrille, A. Apvrille, Identifying Unknown Android Malware with Feature Extractions and Classification Techniques, IEEE TrustCom, Helsinki, Finland, 20-22 August 2015 [see here]
- A. Apvrille, T. Strazzere, Reducing the Window of Opportunity for Android Malware, in Proceedings of the 21st EICAR Annual Conference, pp. 131-149, Lisbon, Portugal, May 7-8, 2012 [paper] [slides].
- A. Apvrille, J. Zhang, Four Malware and a Funeral, in Proceedings of 5th Conf. on Network Architectures and Information Systems Security (SAR-SSI), Menton, France, May 18-21, 2010.
- A. Apvrille, Symbian Worm Yxes: Towards Mobile Botnets?, in Proceedings of the 19th EICAR Annual Conference, pp. 31-54, Paris, France, May 8-11, 2010 (Best Paper Award) [paper][slides]
- L. Apvrille, P. de Saqui-Sannes, A. Apvrille, Une méthodologie de conception des systèmes distribués basée sur UML, Actes de la 5ème conférence sur les nouvelles technologies de la répartition (NOTERE'05), p 217-214, Gatineau, QC, Canada, 29 août - 1er septembre 2005.
- A. Apvrille, D. Gordon, S. Hallyn, M. Pourzandi, V. Roy, DigSig: Runtime Authentication of Binaries at the Kernel Level, in the Proceedings of the 18th Large Installation System Administration Conference (LISA'04), pp. 59-66, Atlanta, November 14-19 2004 [Link].
- M. Pourzandi, A. Apvrille, E. Gingras, A. Medenou, D. Gordon, Distributed Access Control for Carrier Class Clusters, Parallel and Distributed Processing Techniques and Applications (PDPTA'03) conference, Las Vegas, June 2003.
- A. Apvrille, J. Hughes, V. Girier,Streamed or Detached Triple Integrity for a Time Stamped Secure Storage System, First International IEEE Security in Storage Workshop (SISW'2002), Greenbelt, Maryland, USA, December 2002, [pdf]
- A. Apvrille, V. Girier, XML Security Time Stamping Protocol, Information Security Solutions Europe conference (ISSE'02), Paris, October 2002, [pdf].
- A. Apvrille, J. Hughes, A Time Stamped Virtual WORM System, SEcurité de la Communication ur Internet workshop (SECI'02), Tunis, Tunisia, September 2002, [pdf].
Peer-Reviewed Journals
- A. Apvrille, L .Apvrille, SherlockDroid: a Research Assistant to Spot Unknown Malware in Android Marketplaces, Journal in Computer Virology and Hacking Techniques, vol. 11, no. 39, pages 1-11, 2015. [paper]. The final publication is available at Springer via DOI: [http://dx.doi.org/10.1007/s11416-015-0245-z]
- A. Apvrille, T. Strazzere, Reducing the window of opportunity for Android malware Gotta catch'em all, Journal in Computer Virology, 2012, DOI: 10.1007/s11416-012-0162-3
- A. Apvrille, Symbian worm Yxes: towards mobile botnets?, Journal in Computer Virology, 2012, DOI: 10.1007/s11416-012-0163-2
- L. Apvrille, P. de Saqui-Sannes, R. Pacalet et A. Apvrille, Un environnement de conception de systèmes distribués basé sur UML, Annals of Telecommunications, Vol. 61, n 11/12, pp. 1347-1368, Nov. 2006 [Abstract]
- A. Apvrille, M. Pourzandi, Secure Software Development by Example, IEEE Security & Privacy, vol. 3, no. 4, July/August, 2005, pp. 10-17. [Link]
- A. Apvrille, M. Pourzandi, XML Distributed Security Policy for Clusters, Computers & Security Journal (COSE91), Elsevier, vol. 23, no. 8, pp 649-658, December 2004 - [Abstract]
Workshop, trainings
Those are trainings I gave.- Junior CTF Install Party, Hack.Lu, October 2019. [slides]
- Android reverse engineering, Hack.Lu, October 2018: advanced [online]
- Android malware reverse engineering for the Brave, Virus Bulletin, October 2018: 1h30 with 2 tracks: beginners & advanced
- Hello, Android Malware Reversing! GreHack, November 2017: 2 hours, for beginners
- Say hello to Android malware reverse engineering XVeme Nuit du Hack, June 2017: 2 hours, for beginners
- Android malware reverse engineering, Insomni'hack, March 2017: 5 hours [slides]
- Android malware reverse engineering, Hack.lu, Luxembourg, October 2016: 3 hours [slides]
Technical magazines
- A. Apvrille, Piloter sa cafetière connectée, Hackable, numéro 33, April-June 2020 (in French) [shop]
- T. Goodspeed, A. Apvrille, NFC exploitation with the RF430RFL152 and 'TAL152, PoC || GTFO, 20:03, [Volume]
- A. Apvrille, Rancon sur téléphone mobile : les entrailles d'Android/Koler, MISC, no. 107, January-February 2020 - in French
- A. Apvrille, Analyse de la sécurité d'un capteur de glucose, MISC, no. 106, November-December 2019 - in French
- A. Apvrille, Does Malware Based on Spectre Exist? in Virus Bulletin, July 2018 [link to paper]
- A. Apvrille, Fabriquez votre T-shirt interactif avec un Lilypad Arduino, Hackable magazine, no. 21, p. 26, November-December 2017
- A. Apvrille, Rétrop-ingénierie d'applications Android avec Androguard, MISC, no. 92, July 2017, [link to paper] - in French
- A. Apvrille, Les objets connectés peuvent-ils être infectés? MISC - Hors Série numéro 15 : Sécurité des objets connectés, pp. 88 - 103, Mai 2017
- A. Apvrille, Analyse de la sécurité d'un bracelet sportif, MISC numéro 87, p. 76, Septembre-Octobre 2016
- A. Apvrille, L. Apvrille, Ventilation contrôlée par des framboises, Hackable magazine, no.11, p.32, Mars-Avril 2016
- A. Apvrille, L. Apvrille, Contrôler sa chaudière à distance avec un Raspberry Pi, Hackable magazine, no.8, p.60, Septembre-Octobre 2015
- A. Apvrille, Inside the iOS/AdThief malware, Virus Bulletin, August 2014 [pdf].
- A. Apvrille, R. Nigam, Obfuscation in Android malware and how to fight back, Virus Bulletin, July 2014 [pdf]. This was also presented at the 8th International CARO Workshop, May 15-16, Florida, USA.
- L. Apvrille, A. Apvrille, P. Bogossian, Retour d'expérience sur quelques épreuves de Hack.lu 2013 MISC numéro 73, p.50-86, Mai-Juin 2014
- A. Apvrille, Détenu virus mobile : nous avons les moyens de vous faire parler !, MISC Hors série numéro 5, p. 80, Avril - Mai 2012
- A. Apvrille, K. Yang, Defeating mTANs for Profit - part one, Virus Bulletin, pp. 6-10, March 2011
- A. Apvrille, Le virus Symbian RommWar à la loupe, MISC numéro 46, p.42-49, Novembre - Décembre 2009.
- A. Apvrille, La sécurité des Wikis, MISC numéro 44, p.76-82, Juillet - Août 2009.
- A. Apvrille, Conception et architecture de la bibliothèque cryptographique d'OpenSSL, MISC numéro 32, p.52-60, Juillet - Août 2007.
- A. Apvrille, Protéger les messages applicatifs avec XML Security ou PKCS, MISC numéro 25, Mai - Juin 2006.
- A. Apvrille, D. Gordon, DigSig novelties, Libre Software Meeting, Security Topic, July 4-9 2005 [slides].
- A. Apvrille, Des erreurs dans mon code sécurisé où ca ?! MISC numéros 16-17, Novembre 2004-Janvier 2005.
- A. Apvrille, M. Pourzandi, Trusted Computing in Linux: status, Linux World magazine, Vol. 2, No. 12, December 2004.
- M. Pourzandi, A. Apvrille, Setting up Virtual Security Zones in a Linux Cluster, Linux Journal, issue 126, October 2004 [HTML].
- A. Apvrille, L'ASN.1 par l'exemple dans les certificats X.509, MISC numéro 15, septembre-octobre 2004.
- A. Apvrille, M. Pourzandi, D. Gordon, V. Roy, Stop Malicious Code Execution at Kernel-Level, Linux World magazine, Vol. 2, No. 1, January 2004.
- A. Apvrille, M. Pourzandi, Protéger un réseau de machines distribuées contre un débordement de buffer… d'un seul coup, MISC numéro 7, mai-juin 2003.
Miscellaneous presentations
- A. Apvrille, OpenBTS for dummies v0.5, April 2011 [pdf]
- Programmation sécurisée sous Java: retour d'expérience, RéSIST, Septembre 2002 [slides].
- L'horodatage sécurisé: état de l'art et applications, RéSIST, Juin 2002 [slides].
Blog Posts
2020:- Decrypting strings with a JEB script, December 17, 2020
- Unpacking an Android malware with Dexcalibur and JEB, December 16, 2020
- Customizing your Cowrie honeypot, November 3, 2020
- Into Android Meterpreter and how the malware launches it, part 2, Sept 25, 2020
- Locating the Trojan inside an infected COVID-19 contact tracing app, September 18, 2020
- CnC communication of a fake Aarogya Setup COVID-19 app, August 14, 2020
- Reversing V-Alert COVID-19 Android/BankBot and part 2, May 12, 2020
- Android malware targets diabetic patients, on Fortinet's blog, January 31, 2020
- A Mobile Bitcoin Miner? Really?, on Fortinet's blog, February 25, 2019
- Fortinet Discovers New Android Apps that Mine the Unminable, on Fortinet's blog, October 11, 2019
- An Android Package is no longer a ZIP, on Fortinet's blog, August 23, 2018
- Android/BondPath: a Mature Spyware, on Fortinet's blog, August 23, 2018
- Recent Security Research News, on Fortinet's blog, June 28, 2018
- You Will Fall For This One Day..., on Fortinet's blog, April 9, 2018
- Fortinet at Insomni'hack 2018, on Fortinet's blog, March 28, 2018
- Troopers Day 1, Day 2on Fortinet's blog, March 14-16, 2018
- Into the Implementation of Spectre, on Fortinet's blog, January 17, 2018
- Security Research News in Brief - November 2017 Edition, on Fortinet's blog, January 14, 2018
- Ph0wn: The 1st CTF of Smart Devices is Over!on Fortinet's blog, December 7, 2017
- Ph0wn: A CTF Dedicated to Smart Devices, on Fortinet's blog, November 27, 2017
- Security Research News in Brief - October 2017 Edition, on Fortinet's blog, November 9, 2017
- Security Research News in Brief - August 2017 Edition, on Fortinet's blog, October 19, 2017
- Blueborne: Technical Insight, on Fortinet's blog, September 19, 2017
- Security Research News in Brief - July 2017 Edition, on Fortinet's blog, September 7, 2017
- Analyzing Android malware using a FortiSandbox, on Fortinet's blog, August 17, 2017
- NSE Experts Academy CTF on Fortinet's blog,July 30, 2017
- SSTIC in a nutshell on Fortinet's blog, July 4, 2017
- Security Research News In Brief - May 2017 edition on Fortinet's blog, June 22, 2017
- Zero patch IoT environment on Fortinet's blog, May 17, 2017
- Security Research News In Brief - April 2017 edition on Fortinet's blog, May 10, 2017
- Security Research News In Brief - March 2017 edition on Fortinet's blog, Mar 24, 2017
- Teardown of a recent variant of Android/Ztorg part 1 and part 2, on Fortinet's blog, Mar 15, 2017
- You don't need to break my heart, on Fortinet's blog, Feb 27, 2017
- Reading your tracker's battery level with a standard Bluetooth 4.0 USB dongle, on Fortinet's blog, Dec 9, 2016
- Disassembling Linux/Mirai.B!worm on Fortinet's blog, Dec 8, 2016
- Hackathon Sophia Antipolis 2016, on Fortinet's blog, Nov 29, 2016
- DefCamp 2016, on Fortinet's blog, Nov 18, 2016
- Where I nearly won a connected coffee machine at DefCamp 2016, on Fortinet's blog, Nov 17, 2016
- IoT-based Linux/Mirai: Frequently Asked Questions, on Fortinet's blog, Oct 31, 2016
- Hack.Lu 2016 Wrap Up on Fortinet's blog, Oct 25, 2016
- IoT malware are coming. Will you listen to me know?, on Fortinet's blog, Oct 24, 2016
- Pebble Smartwatch Talk at Virus Bulletin 2016, on Fortinet's blog, Oct 14, 2016
- Risks or not behing Pokémon GO, on Fortinet's blog, August 11, 2016
- Pokémon GO Plus review through reverse engineering, on Fortinet's blog, August 11, 2016
- Android adware trying to deceive the analyst, on Fortinet's blog, May 20, 2016
- Your Gossip Is Public, on Fortinet's blog, April 22, 2016
- WhatsApp vs Telegram, on Fortinet's blog, April 15, 2016
- Insomni'hack 2016, on Fortinet's blog, March 25, 2016
- Bad Mirror: New Android Malware family spotted by SherlockDroid, on Fortinet's blog, March 7, 2016
- Hacktivity 2015 on Fortinet's blog October 14, 2015
- CryptoGirl on StageFright: A Detailed Explanation on Fortinet's blog August 25, 2015
- StageFright, Telegram Stage-Left & WhatsApp Stage-Right on Fortinet's blog August 14, 2015
- Locker, an Android ransomware full of surprises on Fortinet's blogAugust 11, 2015
- Want Everybody to Know You're Flirting? This App is For You! on Fortinet's blog July 25, 2015
- Insurance Fraud via Internet of Thingson Fortinet's blogJuly 9, 2015
- Nuit du Hack 2k15 on Fortinet's blog June 25, 2015
- Hack in Paris 2015 on Fortinet's blog June 24, 2015
- Android Security Report in Far Less Than 44 Pages on Fortinet's blog April 17, 2015
- InsomniDroid Part 2: Write Up on Fortinet's blog April 4, 2015
- Insomni'Hack iOS challenges on Fortinet's blog March 26, 2015
- Insomni'hack CTF write up on Fortinet's blog March 25, 2015
- Insomni'hack 2015 on Fortinet's blog March 23, 2015
- Investigating on PawnStorm for iPhone on Fortinet's blog February 13, 2015
- Aggressive Riskware Installation on Amazon Kindle (and Android)on Fortinet's blog January 12, 2015
- Inside Hack.Lu 2014, on Fortinet's blog November 10, 2014
- Android Emmental, Adding Cheese in Emmental Holes, on Fortinet's blog October 30, 2014
- Inside BlackHat Europe 2014, on Fortinet's blog October 29, 2014
- 0wning Emmental, on Fortinet's blog October 20, 2014
- Android Packers Talk at Hacktivity, on Fortinet's blog October 9, 2014
- My Day Unbricking a Friend's Phone, on Fortinet's blog September 17, 2014
- Want everybody to know you're flirting? this app is for you!, on Fortinet's blog July 25, 2014
- Clean for the phone, but not clean in the code, on Fortinet's blog July 7, 2014
- iOS Malware Does Exist on Fortinet's blog, June 9, 2014
- AngeCryption at Insomni'Hack on Fortinet's blog, March 31, 2014
- Mobile Advertisement Serving Fake Anti-Virus and App Over Billing on Spanish newspaper on Fortinet's blog, March 14, 2014
- New Drive By Download Android Malware on Fortinet's blog, February 17, 2014
- Malware or Spam Campaign on Internet of Things on Fortinet's blog, January 27, 2014
- Sophisticated DEX obfuscation or Proguard configuration issue? on Fortinet's blog, December 16, 2013
- RATP Android Application Privacy: Status on Fortinet's blog, December 2, 2013
- Alligator at GreHack on Fortinet's blog, November 14, 2013
- Hack.lu Capture The Flag (CTF) - RoboAuth on Fortinet's blog, October 29, 2013
- Hacktivity 2013: Keynotes on Fortinet's blog, October 17, 2013
- VB 2013 - Day 3 on Fortinet's blog, October 14, 2013
- VB 2013 - Day 2 on Fortinet's blog, October 11, 2013
- VB 2013 - Day 1 on Fortinet's blog, October 10, 2013
- iPhone 5S: Inside the Secure Enclave on Fortinet's blog, September 16, 2013
- NSA's (and GCHQ) Decryption Capabilities: Truth and Lies on Fortinet's blog, September 6, 2013
- Alligator detects GPS leaking adware on Fortinet's blog, August 2, 2013
- Mobile Malware Gets in the Top 10 Viruses on Fortinet's blog, July 29, 2013
- Millions of SIM cards vulnerable to remote compromise on Fortinet's blog, July 24, 2013
- Don't Send Your SMS Scam to an AntiVirus Analyst on Fortinet's blog, July 17, 2013
- I am Datarmined to secure my Facebook posts on Fortinet's blog, July 8, 2013
- An Anti-Virus Analyst's Day (or Hour) into Firefox OS on Fortinet's blog, June 20, 2013
- NSA Has Large Disks on Fortinet's blog, June 10, 2013
- 11M for a simple conference program application on Fortinet's blog, May 27, 2013
- 1,000 malicious Android samples per day on Fortinet's blog, May 13, 2013
- Finding Similarities and Differences at DEX level on Fortinet's blog, May 6, 2013
- EuroGrabber is Zitmo on FortiGuard's blog, December 7, 2012
- Hashdays Android Challenge: the Solution on FortiGuard's blog, November 23, 2012
- Hashdays Arduino Badge on FortiGuard's blog, November 9, 2012
- Hashdays 2012 wrap-up on FortiGuard's blog, November 7, 2012
- Advanced Tools for Android Reverse Engineering on FortiGuard's blog, November 5, 2012
- Hashdays Android Challenge: Win a FortiGate on FortiGuard's blog, October 29, 2012
- Hashdays challenge by Fortinet to begin on Oct 29, 2012, on FortiGuard's blog, October 23, 2012
- Android/Fakemart's end: authors has been identified on FortiGuard's blog, October 19th, 2012
- Android malware distributed by malicious SMS in France on FortiGuard's blog, September 21st, 2012.
- Making money out of Android/Fakemart on FortiGuard's blog, September 3, 2012.
- Dalvik Executable (DEX) Embedded in another DEX! on FortiGuard's blog, August 23, 2012.
- Android byte-code obfuscation challenge on FortiGuard's blog, July 30th, 2012.
- Controlling Android/Zitmo by SMS commands on FortiGuard's blog, July 21st, 2012
- StarCraft culture to understand Android on FortiGuard's blog, June 19th, 2012
- Tracking Android/Foncy - on FortiGuard's blog, June 6th, 2012.
- Back from EICAR 2012 - on FortiGuard's blog, May 25th, 2012.
- DroidKungFu is getting smarter (hopefully, so am I) - on FortiGuard's blog, May 11th, 2012.
- Mobile Botnets: We Had Told You So - on FortiGuard's blog, April 20th, 2012.
- Analyzing CarrierIQ's defense - on Fortinet's blog, December 20th, 2011.
- Android/Foncy emanating and propagating in France on Fortinet's blog, December 15, 2011.
- CarrierIQ on Android - FAQon Fortinet's blog, December 13, 2011.
- Levitator: Root on your Android phoneon Fortinet's blog, November 25th, 2011.
- OpenBTS for Mobile Malware Analysis - on Fortinet's blog, November 17th, 2011.
- Symbian malware uses a 91-byte XOR key on Fortinet's blog, November 8th, 2011.
- Clarifying Android/DroidKungFu variants on Fortinet's blog, October 26th, 2011.
- VB 2011 talks, part 3 and end on Fortinet's blog, October 25th, 2011.
- VB 2011 talks, part 2 - on Fortinet's blog, October 18th, 2011.
- VB 2011 talks, part 1 - on Fortinet's blog, October 12th, 2011.
- QR code and mobile malware: it happened! - on Fortinet's blog, October 3rd, 2011.
- Spitmo gets on Android: mini-FAQ - on Fortinet's blog, September 16th, 2011.
- Android/Zitmo: an Update - on Fortinet's blog, July 18, 2011.
- Zitmo hits Android - on Fortinet's blog, July 8, 2011.
- Android/CruseWin carries a malicious kill switch - on Fortinet's blog, July 4, 2011.
- Android/DroidKungFu: attacking from a mobile device? - on Fortinet's blog, June 16, 2011.
- Android/DroidKungFu uses AES encryption - on Fortinet's blog, June 9, 2011.
- Android/Smspacem under the microscope - on Fortinet's blog, May 30, 2011.
- Airpush... pushes the envelope - on Fortinet's blog, May 17, 2011.
- iPhone Tracking - on Fortinet's blog, April 21, 2011.
- Mobile Malware Statistics - on Fortinet's blog, March 28, 2011.
- How Android/Fake10086 selectively blocks SMS - step by step - on Fortinet's blog, March 10, 2011.
- Android/DroidDream uses two vulnerabilities - on Fortinet's blog, March 3, 2011.
- Hacking Mobile Phone Statistics - on Fortinet's blog, March 1, 2011.
- What's new in Zitmo.B? - on Fortinet's blog, February 23, 2011.
- ShmooCon 2011 Debriefing - on Fortinet's blog, February 9, 2011.
- Mobile phishing related to Yxes - on Fortinet's blog, January 12, 2011.
- Hidden feature in Android spyware - on Fortinet's blog, November 12, 2010.
- Symbian malware and Internet Access Points - on Fortinet's blog, November 4, 2010.
- Zitmo Follow Up: From Spyware to Malware - on Fortinet's blog, September 28, 2010.
- Zeus In The Mobile (Zitmo): Online Banking's Two Factor Authentication Defeated - on Fortinet's blog, September 27, 2010
- You can't judge a book by its cover - on Fortinet's blog, September 7, 2010.
- iPhone 4 / iPad: the Keys Out of Prison - on Fortinet's blog, August 5, 2010.
- Mobile Malware Sends WAP Push SMS - on Fortinet's blog, August 3, 2010.
- Symbian Signed Mobile Malware: One Gang? - on Fortinet's blog, July 29, 2010.
- SymbOS/Album One Step Closer To Mobile Botnets - on Fortinet's blog, July 15, 2010.
- SymbOS/Album Follows the Path of SymbOS/Yxes - on Fortinet's blog, July 8, 2010.
- How to send an SMS - the geeky way - on Fortinet's blog, June 7, 2010.
- EICAR 2010: Presentation Round-Up - on Fortinet's blog, June 4, 2010.
- Airport flight schedule crash (unharmful) - on Fortinet's blog, May 25, 2010.
- WinCE/Terdial or impunity for dialers - on Fortinet's blog, May 17, 2010.
- No, the iPad is NOT hacked - on Fortinet's blog, May 3, 2010.
- Reversing the Symbian Enoriv malware - on Fortinet's blog, April 13th 2010.
- SymbOS/Yxes goes version 2 - on Fortinet's blog, March 4th 2010.
- 10 Predictions for Mobile Malware in 2010 - on Fortinet's blog, January 28th 2010.
- Malicious Transfer of IM3 funds: the Return - on Fortinet's blog, January 26th 2010.
- Duh's not malicious, dude! - on Fortinet's blog, December 10th 2009.
- Securing your jailbroken iPhone - on Fortinet's blog, December 2nd 2009.
- John Doe's Credentials - on Fortinet's blog, November 16th 2009.
- Targeted Spam: an Unfair Blow to Security - on Fortinet's blog, November 5th 2009.
- When Your Phone Becomes Your Worst Enemy - on Fortinet's blog, October 27th 2009.
- Keep your phone healthy: H1N1 vs. SymbOS/Yxes - on Fortinet's blog, October 13th 2009.
- Transmitter.C is not Yxes.E - on Fortinet's blog, August 26th 2009.
- Symbian Certificates or How SymbOS/Yxes got Signed - on Fortinet's blog, August 4th 2009.
- SymbOS/Yxes or downloading customized content - on Fortinet's blog, July 21st 2009.
- Detecting spyware for iPhones - on Fortinet's blog, July 16th 2009.
- 'Friendly' spam: A trick for managing unwanted emails from family, friends> - on Fortinet's blog, June 25 2009.
- June 9th, 2009, Trash CRC32
- April 21, 2009, 2D Codes: Lowering the "bar" for mobile threats ?
- April 13, 2009, Attacking stamps for fun and profit ?
- March 9, 2009, Flocker virus writer's name found via Google? Or privacy issue?
- February 23, 2009, A cryptographer's eye on antivirus analysis
Challenges
I am the lead organizer of Ph0wn CTF, a CTF dedicated to smart devices. The first edition was in 2017. The fourth edition will take place in 2020.I designed a few crackme if you feel like trying:
- Hashdays 2012 Android Challenge: [APK] [blog post 1 and blog post 2] [Solution]
- Insomni'hack 2012 CTF: [APK] [Solution]
- Basic Firefox OS CrackMe
- Insomni'hack CTF 2019: 23 (with mushd00m team)
- Hack.lu CTF 2018: 49
- Insomni'hack CTF 2017: 56
- Vulnerability identified at the IoT Village competition in DefCamp 2016 (to my knowledge, only 3 were identified by all competitors)
- Hack.lu CTF 2015: 83 (6th local team)
- SSTIC 2015: 3rd in 0-Rulez and our solution was mentioned as the most original ;)
- Insomni'hack CTF 2015: 30
- Hack.lu CTF 2014: 161 (5th 'local' team)
- Hack.lu CTF 2013: 97 (6th 'local' team)
- ... a long time ago (2003) challenge SecuriTech: 42
Podcasts
- Sécurité des objets connectés sur NoLimitSecu, October 30, 2016. In French.
Memberships
I am/was member of the Program Committee for:- Nullcon 2018 - 2019 - 2020
- GreHack 2016 - 2018. I am PC co-chair of GreHack 2019.
- Virus Bulletin conference 2016 - 2019 reviewer
- Virus Bulletin Advisory Board since 2018
- WiSec 2014 posters
- the Security Topic at LSM 2005. [Slides]
- IEEE ClusterSec'06 Workshop
Patents
I'm the inventor (or co-inventor) of those patents:- 2001 Data integrity check method using cumulative hash function [10/034706]
- 2001 Upgradeable time stamp mechanism [10/027341]
- 2001 Virtual worm method and system [10/034,055]
- 2001 Method and system for providing a secure time reference in a worm [10/034709]
- 2002 Method and system for timestamped virtual worm in a SAN [10/202,067]
- 2002 Secure E-mail Timestamping [10/184477]
- 2003 Method and computer system operated software application for digital signature [10/740484]
- 2005 Method and system for managing electronic data content [WO2007074232]
- 2005 Procédé et système d'analyse de page [FR2895817]
- 2005 Method for creating a secure counter on an on-board computer system comprising a chip card [WO2007080289]
- 2005 Method for authenticating applications of a computer system [WO2007077362]
- 2006 Système et procédé de sécurisation de données [WO/2008/037895]
- 2006 Systèmes electroniques sécurisés, procédés de sécurisation et utilisations de tels systèmes [WO2008096076]
- 2008 Procédé de vérification de l'intégralité d'une mémoire EEPROM [FR2933791]
- 2016 Augmented reality visualization device for network security [US20180077200A1]
- 2019 - US2019/
Public key
-----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.11 (GNU/Linux) mQELBEIJLssBCADqAloR2Ad88AiN9K/lqu3Vbs4sWTg9OctRejFmhfr3igbm1IID QEZ14iKQ7sis7hurxYTURzxI1gKHpE85C231SZTMfWsu210YWtsg4OAlGPcHluYP aBrBPreipr2Zan+VBTbOJ9+j1RVIyfAM5kfNuFlTrTHbksLirphZZllnEhm2Bk6E wDQQbVs1f5oQa7Jt6gd01+MWx2fWe4Ramf1SFfrUcq4SBCgod6Js5PxW+qG9iGNC 1j/3yyGqCiZia6KYKuBD1vVwodUmmLLNSK4Rddcm/7yM7HcMbqYLWWDF8g/hjVEG n7+/J8tHxEUCbdNKV7H/a7I4QmFZTKCCvGv1AAYptD9BeGVsbGUgQXB2cmlsbGUg KFBlcnNvbmFsIEdudVBHIGtleSkgPGF4ZWxsZV9hcHZyaWxsZUB5YWhvby5mcj6J ATEEEwECABsFAkIJLssGCwkIBwMCAxUCAwMWAgECHgECF4AACgkQYo6iZgEZdl6x CwgAg65NLMcMmme7790AsEB89U7JuRw3uXrcG0Idp2+XflQRGF+wa9+NYi8M0B6v dlINMRghMZ+BpYA81Dh9G8EamYd6aZifXN4uFyoHBMOYpz2TBQE94pMTJNDW2u+V HaKPgiJhbd4s4oQqO0y/lpqdmDkS2ewNI4NYteL6+00ZTY+4bJeGHDVbhzlLLkni DPuMocxIclfXUPMChiSu+RFXN1bQygnOkezozU0wvGdks08m1KDUOGYO7+dxDdNq qYICjhbX+i2jEobiV8CuKVnTMj6MBHLp7rt2ikV55COQiRpDW+hmqc/6bKk8Cp9y n+L+yQ9+0bxnkBoY3UqwgwsEcIkBHAQTAQIABgUCQgoZqQAKCRBO3R1vynOXk8M6 B/0bs5xIrv9kSrzl873MVMYkGfgxlzd3prCk3X09SJ98G//f46O+aQYOhqpqYKgb 7rup6vb3qHfnXEeR1mmgOjYNO9Q+Z4cRhBIoo0HnNl0HhLMO0ZHC33CTw5pzRsJS I7ZLTnvlUZ+gjuUDjubEnUvTUrtUorX5tUMb4VCV5OyOto7Zb5NsflF4m+8cseo3 BCaNYsr7QG+QqOkvp2aZfmzXwJhgF2FTm2vdyDtdzg/+y7x3S+zL8fYzd1jMc99Z zcTwQOTJVRgRmDbv/lF2wMbcp9UKEbIfUgpJJGUmvAzZIVA0EWl9rWFQqjng38p6 g+wdjpl9a+ZqRWQVtcw92Tqn0cvUy9IBEAABAQAAAAAAAAAAAAAAAP/Y/+AAEEpG SUYAAQEBAEcARwAA/+EAFkV4aWYAAE1NACoAAAAIAAAAAAAA/9sAQwAFAwQEBAMF BAQEBQUFBgcMCAcHBwcPCwsJDBEPEhIRDxERExYcFxMUGhURERghGBodHR8fHxMX IiQiHiQcHh8e/9sAQwEFBQUHBgcOCAgOHhQRFB4eHh4eHh4eHh4eHh4eHh4eHh4e Hh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4e/8AAEQgAjwBvAwEiAAIRAQMR Af/EABwAAAEFAQEBAAAAAAAAAAAAAAMCBAUGBwABCP/EADoQAAIABQIDBAcGBgMB AAAAAAIDAAQFEiITMgEGQiNSYnIHERQzgpKiFSEkMcLwQWNxc9LyNENhsv/EABoB AAIDAQEAAAAAAAAAAAAAAAACAwQFAQb/xAAoEQACAgEDAwQBBQAAAAAAAAAAAgMS BBMiUhQjMgEFEUJiMTNBYfD/2gAMAwEAAhEDEQA/AExxFcu2Eky0vixjsrroYUUO XTuhXdxgeW6DKK4tsBwTaXwxxY29MEtxy2wol3FdaUB0GK/FCrSxGCCNowol247r oDgG0h6cfF1RxCV2OMEasS3DcUDyygATbaP+UdkPmhVuXdjiG4tsAAbRtES2xxCV vigxB4YS0DLZb6+qABrcLCIrYII94oGF27q7sEG0ihTpxWr2ljDf2q52mOowv5Y3 Q4aVwkVuIjHDcpy2LWSRcsWabNw49UZ+blyQrtBl7dgiGiRWkVrO6UPFDd/lDN6l tESLFm4SGFC2YWVuiLLeocYhxvdo5F7m1iFZOQ6xJm7KOtGG4vmBL/j/AFRwtcWJ S/1Ra6/H5DWUcW/6wMjSv3kwhZd3UygZLmH4jiJdMEbLLUkR0xuinJ7rGrVjFaTi DE9UuzcJeUoII+WFIYsiYtZCWiWmWPVbd+qFWl826NaBrLYmbaJaI3bsu7CbRt+/ b0wTSISIrvqgZ3ceBDd1RIcI8SJg44wZQ5QESIh3dXVBB95uhTobG7L6oG8ZgmCT MliNowZREQw+0hIRHpjH92krGu0VmatRiJLLcy3p2wZTZe63Uh0MssiErcocKlk2 jcPzR5/tsQDHVl7veDChZLkWLlxJFIy57tOBlSJcu78sGnHyE3DUSSP/AGDAZpgs HErih82iy/SQw1bRcsWMHylDRRxq1rBb8RIjcIlHEOVpEMD+z5xXu5gi/uZQNTJp TLWJu8Qx6aDPhrX9CZZFYMQ3DChG3Hp8scNpLhRCQjjjGgSkOgbh7sGERIdsBQJL tuyh0OTOkoDrChxX0lExSpEppPZsESHvdUQ4423DE9y00riIchu3RR9xVWj3FiCN WbcOCpVQEbhSt3lK2EjLTi91PZ8OUWqWO8Ryu+GHFvVpjb5YwWxI2+pI2JGUki0/ eS7xL+2UKF6brbiEvLF0JQkO2G75WXZuWsi8QwvRKL0S8iqi1cKFq9uMWApSXXd+ HX8ow3eqmkWUqsYj6ReQdFxYh9Ue8MBe2XESIu0YOQiMShDJhkmVX8UNZ7RFJYrW RCUdixVtUOgqtmYr4iQry3FcVowQOPqH1ld98cJXRx3EWQ4x7GJarUqkOgsR7pfT DoRtx/1gcsN1o7rRicGisZSZeeSwi1XaZLt2/u2GVQIcR823uw6p72SjiIfdluGO nECp2nut/wDrq+q6G5ERdWMQyxrItWJI2ZWspfKLUJd68WEReGJi5dvvPmGMlbV5 ORymJxCSEsbmRoXJM8mtU/Ul54XMErSG6MuTHaPxLitYlryG3tIG1veg05LMlUk6 YHTFe4iIYCiRKbG5YkQljcNsV2WRfqTLXkNXvWVwxHvt3WldDzmOlOptPZOMmEWr yISK0oqv2my20mDAuJK31JNaJSa1UrWRF0xB1CZJriK7GBvaxvvCx80D27bY0MLC 02sxRycnU2qex40rer5o7qESjj3RqlIj5Zmkxbkl2iyEhi/UyeT9jsWlYpYwtRiW D7siyx8MRPKdFXo+2TBCwSxFfdit88U2vNqEnMUlb5payFbvEIjcXd8Xyx1o2WM5 +41VGfP/ADjTae4peTX7VOF7zujbtuLvRnczWuYK07RW4lrItqezEfijbJblCkql WM+z1+0OXuYvIWEOWUZ7VeWagK5quUcWex3EQpYOLhHEiHuxTkWRlsppYzRr5ELS qVLyfbOtmHd4umNQ9C04sK0ynutJcykht8Q5D+qM7pE2moJuXaLB3L7pRYOU5sqf zNIzA3dm4cfijNWTubjRkjtG3oXj081N1P5JZT8nLm+zWJFkNuX6YnvQ7IzVM9H9 NWUwt2usWDbkQ3DGU+m6vlU+cmSosFknIYrEdpF1FGoUWvJpnopk6lLsXqaIrSP8 zb9OXyxoMy1MqrbVX7Ff9MFaGcmioa8loL8QXeLu/DGXkielHCylzTE27hJlw/LE lMtY1zHMYTGEVxMLcRQxnpxMjKlMOIRt/dsZupI0nybGlGsdQiOcZiRmNGqS4kJF kSxtKLlLTKZtK3JK5bBuEoweZnnTk4xznEWoW7uxono0qTCIpNzLls2+aNKKRl2s Zc8CstlL59PihN1xbo4cYVaQj0xdM4TJ1WepjJeYYn8GghK0cRIvFFo5Xq5VOkjN SorJjGZWlday7KI/mNHt1BXSZPTJj1iu5xWkK9xfLFNbTKx6O6SuXk3e0C+aWxjC 6RG7GOtZbcTq1ZeLFw5lmnK5iX7Ol8wy21yUuxISK3b0wmZ5vkZmkzFNkZOZTOEk kpQ5e0i6fLuhv6Pp6nqlZyYc4VzhMu1GbRG7HL4omH0Zb64mqahS5CWIiI2kNt11 3mgT5ZbKLG3p9vQwvmOi1DlCtJc7IXDczTG0S8sTgsv03JLxCUPPTJWibUJOkz0q sRUWoTrd3TaPhERiHU3sxt+mMfNVVk2noMRmaPcV2ptYbGE4iJmpkUWqi1qabynJ 0lxfh5ZzGJ+L9lFXq6i+1CER96V1vmGJaW7CXFIliMLM3bryFx4u4zcR4+ZWhetM MEVjkMUevVNlRmssUr2jD7mOsJ0ylbbiIvliv3FdcUNjQ1WzEkjWaoQcR7sT3LU4 yWmlsErSEror926JClF+IEosN4h/BuUi32mVW7vDBhLK0hhrQyupsuRYiSxxKHnF YjwHq/8AIuKeffyKHVeap6TryUy9sxOLXqLFmQ3F+rqh9V+b6lzHI6cxLlJsW7U6 iEum2K3ydIjV/SVMLmiIloXku63HHGNeqfL9FVRWS8qS12pItQulhW7vFiULVmXy GlatVUqPLjVqqkq53aS+oLC+WNKnK5S1yZTUxMCvTXqFa63vW/FiWPljIxIUOXJp cTNMhuYwbdQYrvN9cl2iUqlbRXcWpawrWFFXFdo1Zf7Dc0irUiefaqNX5onJxbGM WTLVkwsrYectTxNX7K4u0EcfEMVloCIwqnk5cwtyS7QWbYWddRTeiqql2nkCc8uY LpXbbEHzDVdC5KbdTvd2E1esaSySkrmENpM7sVu64tRmV3iivHDbcwNJXaoSWlpi enFpl1lMTDitER6oNPSrqfOOlZgRFyStIbosnLnOzqOlcvT6PTVksbdYk3MZ5iiH 5lqDKq5k85Ircz3lvVFyxCtiNUVw+GJKlW62URcmJEsvNEtSvfCMEniTRmzcudpR ZO673I7okBxKI/lzKiytpbViMSVnr++78vDFpfEwZPJjK+R6mNP9JU4JFcyZtWtZ MFYkXiLuxtD1TX2W5zk/jCK3TTaQiRbSy7t1sfM3NhMRWVPSXHhxMR9XHhx2kMWL k7neoHWZDhUpwilhcN58OHHiXAdv+MR6lVLGnqMpo9ck0oqEnJilkxMEy5jCLIh6 rYunMfK9LqFFYPs6iWxOI7f2UMJiVRVqhJzirkOle0WX3ROzdQBMpwB9xceH58eP Dhx9UUbbfyJIkkWRrf70Plmqr9mnnS5blsJfywxKZJVwrxIolqyhj6zNt4F6+BuI uHHj/HKGU1TWCREHHhaJfw+6LCKXGk+owIiIso4IcKpjVERMbcP9IdS9PM/zIeES iqw1llkJXQqeK5IjEomQMAHjxL1cNvq4R6UhqXCXru/rCDWUipNfYkUS1MUWtqdM eJlOKRtDhw4xL0mV4sG6y3p/OFZbBqVUvVPnJiUptNGXl2OWy3WtHaNwj+qJKk1X jOzLOPBZy6xSLVg0bWcLiISuH4R+aGt9SlpaURJrHiHFP38eNv3ZD+m6Az87XESn ErE6nEw9XAePqx9R+v8ATFpfExZNzH//2YkBNAQTAQIAHgUCQgocGQIbDwYLCQgH AwIDFQIDAxYCAQIeAQIXgAAKCRBijqJmARl2XsUKCACnsoy4/Y4walQ+qH4/Ults o8VwwU81Tx7LNWlRU2yPSefxZkwUrQTeHIPMvAIPCq80MzPvIGxcJOEegX85EpyG ksG0iclJodB0JIZLS0tdVfe2MUtqsUeQZDA4Zkg1UJRbNUReTqqRTpsFdwxpx1bv i7SZ1d8Xahz3NhG87eNxVCH1qXkgeDxV57mhzFiOOf24Zblz27JUKv+j0QlbDOgI SkmDgzqR5+GHbfc1VJf7EauDqBP8OkdpnqaQdtMW3RDYLJKN7oLYEkCboSC3qPgu cKrihDL87IXJ/aKNY2hxVoIghuwBObXwdMStZleI0O9vmWNxbEuXRm0mS7SvfJfa iQEcBBMBAgAGBQJCChzqAAoJEE7dHW/Kc5eTLxgH/A2oYBhevhN45L5uSmvWL9ax HUKIETo3A3GTa5wCC5mntgQ3sv6eal1qhUJbgZ+itkN+Yk7V8Gfs0jtnMrOZ6jY3 OQSmv+g4RUpsqM9Vj0nhPv0QZ+ch2quj2p8N8NJZSVZHm7Hmg89q2714fWK67T3g LLdgXgkJRA19R6G+FEeQqajcvH3G6j61hML/rH/4c2W91sjCuE800l0uMi7qJVRk A2p/iQMtwHQiiWNi4Q4giPHad41FoC4HZzgUizo7YdW+pFDmCBR5YVoBDW3KJaXW 7sw0lVJz2CvHvZ5+w+8/4nMdEVohCoLVFArNjYWTkzLd/eXYyFajf/XhZOEiL060 K0F4ZWxsZSBBcHZyaWxsZSA8YXhlbGxlLmFwdnJpbGxlQGdtYWlsLmNvbT6JATYE EwECACAFAkbqd5ACGw8GCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRBijqJmARl2 XpA8B/oCLxx244LhGaUebu++XxsdJ3cQhUQupz9SyKzsX+Ggcu5/HsrcaRg6Iv+Y fi0LTLTqKuP8mFqFI4q8hPHByQEhKUBpuLfz9NAEpv9LijkBn8Dvqr2TzTOivOhP bhslWTp1inJ5N5B1HHn8N0yWKqTCFySPYRvDwdHFLW6igT4eN9OcuQfDWJpL9+4Z uYQJGWzTevo5Avt0uj7ZvqFr8RZPsSE+912Yd1ctZkzHmcwrENr7hEGC0OGijd5m RO3tvV99wWKY7qEEYNzXDlucPWQcaUPOPch5uYb6JVbet0E59eA7f244CnLws1iQ xxE87E93VYbvzG3kPEPIhKYB0bXMtClBeGVsbGUgQXB2cmlsbGUgPGF4ZWxsZUBw cml2YXRkZW1haWwubmV0PokBOAQTAQIAIgUCUjyw3gIbDwYLCQgHAwIGFQgCCQoL BBYCAwECHgECF4AACgkQYo6iZgEZdl6IVAf/YicmzU9udI4RWepbjMnx+D9yPbAP UBUlY6JGy9yLw8/OJPW7DComUy/qoD0hzd3zpWlyW2Jit3WwUowj99OSuicLEEp9 52yDbmFgt0+NoHowlbQJ+7jDgzr6wiJY1V3eoCTCblI2MpiucsrLs/opwCDegnsz gTJf3MohrCy4PUki0tWhcL2jWG11nuIppUQ6w+hHZEzxwhvBHzAKVv2Mxm8eBDGK +mzUmIoDof5wWZ5WLNFcp/t266HE4yvgYFFCaPkDO1WRB/lOb/vAWZGMf2YN0qKU BAnjInoHzdCCfneJkZzRkLHokJAk5WNXw2rx84E2LLZ9U5TuHZzXTSvZW7QeQXhl bGxlIEFwdnJpbGxlIDxhYXB2QGdteC5jb20+iQE4BBMBAgAiBQJSjO2PAhsPBgsJ CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRBijqJmARl2XvuHB/9nRU6pC3wx9yaX iNc2kQ8P8cZBXDmQ9xpuy0fHzzBkLr2xVOD7i0IOdU+mjuNpBqZC8qUQlHN1xt7g c03mDK2FXO98/FJZOe6rHGClJvR93OAqwyWJf7q30vw5hO/wjeVOkA+3q95La/Ly ituLsiRhVW/ZapkqLuWhPFqCFgySNhrXrEa4AqJ+FkljclwOnjHuama/ho/eGL9s 4Uzzqb+yuuopuK1J0o78CCDbWgY9YreTPATUuC3YCDTtIpRtH9VP80Tnm/kEcel+ tYcGwsp2tmOROgG8GgLOcEa7BVF/ehD+aV6FiJDB9yPWyLT/l+a1+bHt8YfyUsLy EYl6Ek1h =HAlk -----END PGP PUBLIC KEY BLOCK-----