💣 Parsing JSON is a Minefield

Where I demonstrate that JSON apparent simplicity is just hidden complexity that can lead to software errors and security issues.

2016-10	First version of the article
2016-10	JSON Test Suite (GitHub)
2016-10	Presentation at Soft-Shake Conference, Geneva (slides)
2016-11	Article and comments in The Register
2016-11	Presentation at Black Alps Security Conference, Yverdon (slides)
2018-13	Parsing JSON Considered Harmful, Toulouse Hacking Conference (slides)
2016-07	A JSON Parser in Swift 3 compliant with RFC 7159 (GitHub)

✏️ Drawing with Computers

Where I explore various ways to draw on screen programmatically and create interesting code, images and data visualisations.

2012-04	Home Made Maps - Python scripts to generate "centered time-distance maps" (GitHub)
2012-06	efx-backtest - Backtest your eForex trading strategies (GitHub)
2012-07	MathPlotLibs Experiments (GitHub)
2013-01	draw_bytes.py - Draws any file as a picture considering its bytes as pixel colors (GitHub)
2016-01	STStrava - Experimental visualisation of runs using Swift and Strava API (GitHub)
2016-11	STMovingImages - Create .MOV and .GIF from NSImages in Swift 3 (GitHub)
2016-11	DevTeamActivity - Generates a picture summarising the activity of a dev team on one or several repositories (GitHub)
2016-11	Swift Data Visualization workshop, Swift Alps Conference (slides, GitHub)
2018-03	kovach_pycairo.py (gist) Reproducing Benjamin Kovach's art with pycairo
2018-11	BitmapCanvas - Bitmap offscreen drawing in Swift for OS X (GitHub)
2018-11	PulsarRuns - Pulsar-plot of Strava runs (GitHub)
2018-11	schotter.py (gist) Reproducing "Schotter" by Georg Nees with pycairo
2018-11	schotter_color.py (gist)
2018-11	rainbow_rain.py (gist)
2019-01	PyCairoVisualDoc - https://seriot.ch/pycairo/ Visual documentation generator for PyCairo. (GitHub)
2019-01	sq_logo_animated.gif (gist)
2020-12	maze.py - algorithm to draw a maze (gist)
2021-10	IsoRenderer - A 2D, Cairo-based isometric renderer in Python 3 (GitHub)
2021-12	Isometric - An isometric screensaver for macOS, written in Swift (GitHub)
2022-06	truchet.py (gist)
2022-09	Intertwined - Draw intertwined threads, knots and knitting figures with PyCairo (GitHub)
2022-09	circles.py gist, circles.ps gist
2022-09	schotter.ps gist
2022-09	Postscript Golfing writing a tiny Postscript program drawing Swissquote logo
2022-10	Intersecting Planes Reproducing an image with intersecting planes in Postscript
2022-10	Isometric Stairs Isometric stairs in minimal Postscript
2023-04	Les Tuiles de Wang Atelier de programmation pour enfants (code, sample image)

🦄 Unicode

Where I explore Unicode specifications, their implementation in various environments, edge cases and some security aspects.

2013-01	UniBinary, an efficient algorithm to encode/decode data into printable Unicode characters, (GitHub)
2014-10	Unicode Poster, (GitHub)
2014-10	I � Unicode, SoftShake 2014, (slides)
2014-11	Unicode Hacks, AppSec Forum 2014, (slides)

As a trail runner and Unicode enthusiast, I am a proud sponsor of characters:

🏃‍♂ U+1F3C3 U+200D U+2642 U+FE0F man runner
⛰ U+26F0 mountain
🏔 U+1F3D4 snow capped mountain

https://unicode.org/consortium/adopted-characters.html

🐣 Abusing Twitter API

Where I reverse engineer and document Twitter API, exploit vulnerabilities to automatise account creation and get access to user accounts.

2012-11	Abusing Twitter API, AppSec Forum 2012, (slides)
2009-04	TwitHunter - An experimental Twitter client with scoring for Mac OS X (GitHub)
2013-04	Abusing Twitter API and OAuth Implementation, Hack In The Box 2013, Amsterdam, (article, slides, video)
2013-10	Abusing Twitter API, One Year Later, AppSec Forum 2013, (slides, video)
2013-10	iOS / Twitter Integration, SoftShake 2013, (slides)
2014-05	STTwitter, CocoaHeads Lausanne, (slides)
2015-04	3 Nasty Twitter API Hacks, DahuCon, (redacted slides): Account Takeover, Automated Account Creation, SMS Abuse
2014-05	STTwitter - A stable, mature and comprehensive Objective-C library for Twitter REST API 1.1 (GitHub)

⏱ Time and Computers

Where I explore the various definitions of time, how time is managed by computers, and the troubles that can arise.

2015-10	Time and Computers, SoftShake 2015 (slides)

🧨 Error Handling

Where I discuss what is an error and various error handling strategies.

2016-04	Error Handling, AppBuilders, Zürich (slides)
2016-14	HTTPRequests - NSURLRequest extensions in Swift, demonstrating various error management strategies (GitHub)

🧠 From Brainfuck to Domino Computers

Where I explore computation, Turing completeness and esoteric programming languages.

2017-10	From Brainfuck to Domino Computers, SoftShake 2017 (slides)
2017-03	Brainfuck - A flexible Brainfuck interpreter in Swift 3.1 (GitHub)
2017-06	Wireworld - A simple Wireworld cellular automaton explorer in Swift (GitHub)
2017-06	ECAExplorer - ECAExplorer - A simple and interactive tool to explore Elementary Cellular Automata, in Swift (GitHub)
2017-07	Fluid simulation from 1D cellular automata (gist)
2017-11	Game of Life Visualization (gist 1, gist2)
2023-05	Simulating Turing Machines with Wang tiles (article, GitHub)
2023-05	A tiny Turing machine for 2-symbols Busy Beavers. No variable for state. Program is kept on input string. Gist
2023-12	bfps - a Brainfuck interpreter written in PostScript (GitHub, Hacker News comments)
2024-03	Programming in PostScript

⚔️ Mighty Bayard

Where I create a pseudo RPG for my kids.

An original and unique creative game that I've create with and for my kids.

The game will remain unpublished because it is using proprietary assets from 3rd parties.

Presentation: 20170126_mighty_bayard.pdf

🐜 Minimal Programs

Where I explore formats, tools and protocols by writings working programs with a minimal number of bytes.

2012-12	Hello Mach-O. Dissection of minimal Intel 32-bits, 204 bytes, Mach-O "Hello World" executable file.
2015-07	A Tiny NTP client in 79 characters

⚙️ Objective-C Runtime

Where I describe the design of the Objective-C Runtime, provide tools and several tips and tricks to ease debugging.

2008-2018	iOS and Mac OS X Obj-C Runtime Browser (GitHub)
2008-2018	Dumps of classes and methods from the Objective-C runtime. For iOS and macOS. (GitHub)
2011-03	Objective-C Runtime: Cocoa's Jewel in the Crown. (NSConference 2011, slides)
2011-07	Tries to find unused Objective-C methods by examining binary files (GitHub)
2013-01	Draws dependancies among classes out of an Objective-C code base (GitHub)

🥷 iPhone Privacy

Where I demonstrate that, despite Apple claims, a malicious iPhone app can harvest a user data without even using private APIs.

2009-12	iPhone Privacy, December 2nd, développeurs iPhone de Suisse Romande, Geneva Airport. SpyPhone Project on GitHub
2010-02	iPhone Privacy, February 3rd, Black Hat DC, Arlington, VA, USA, white paper, Black Hat slides, SpyPhone Project on github, 81 citations, Forbes, Wall Street Journal
2010-04	iPhone and AppStore: Security and Privacy. Workshop on mobile security, Federal Intelligence Service FIS, Reporting and Analysis Centre for Information Assurance MELANI, Bern.
2010-09	iOS 4 Privacy, Compass Security Event 2010.
2010-11	iOS 4 Privacy, DefCon Switzerland HashDays 2010 (video, slides)

📣 Talks in various iPhone developers user groups

2007-01	Django, a new Python web framework. Sen:te, Lausanne
2009-12	iPhone Unit Tests, CocoaHeads Lausanne
2009-12	What you can do with iPhone's Camera, Netinfluence iPhone Conference.
2010-05	Building a vertical tab bar controller for the iPad, macprofessionals.ch user group, Bern. (slides, GitHub)
2011-05	Subclassing UIControl using CoreAnimation. CocoaHeads, Swissquote Bank, Gland. (slides, GitHub)
2011-12	Growing iOS Projects. CocoaHeads Lausanne, (slides)

🕵️‍♂️ Criminal Intelligence out of Email Scams

Where I produce criminal intelligence out of a spams dataset.

2010-05	Thèse de master Master LCE, 12ème colloque de l'Association Internationale des Criminologues de langue Française, Université de Fribourg, (résumé, slides)

💼 Open Banking Opportunities for Swissquote

Where I explore open banking and provide business development recommendations for Swissquote.

2020-10	EPFL EMBA Thesis, (Executive Summary, redacted). Keywords: open banking, fintech, payments, strategic management, open innovation.

🦅 Videos

2017-06	Lavaux
2021-10	Dent du Bourgo et Tsermon
2020-11	Villars-Tiercelin

⚒ Other miscellaneous tools, talks, pieces of software

2024

• StravaBook - Create a book based on your Strava activities
• Strava Neural Network - Train a neural network with your Strava activities to predict runs durations
• midascii.py - Listen to ASCII strings as MIDI notes (pi.mid)
• PSTicTacToe - Play TicTacToe against your PostScript printer
• PSChess A Chess Engine in PostScript - GitHub repo, Hacker News, Hackaday

2023

• Strategic Decision Making for Engineers - Friday Tech Talk at Swissquote, public version

2021

• Mowgli - Generate a static website from Markdown files with <150 lines of Python.
• kaa.py - Upload files modified since some date onto FTP server.
• Yuh - A Text User Interface over the Yuh neo-bank (undocumented) API
• Swissquote - A Text User Interface over Swissquote Bank (undocumented) Mobile API
• Urwid Examples - Urwid Examples

2020

• MNIST - Measuring the accuracy of a trivial approach to the MNIST digits classification problem.

2016

• EasterEggs - A social game that consists in catching QR-codes

2015

• ShapefileReader - A shapefile reader in Swift
• BinUtils - Swift functions to ease working with binary file formats
• ScreenTime - Captures your screen every minute. Creates movies.
• CrashReports - Symbolicate iOS Crash Reports

2014

• AntennasAssignment - An optimisation problem, solved and implemented graphically in Cocoa
• swiss_topo_tiles - Contents removed after a cease and desist letter from Swisstopo / Swiss DoD
• gmap_tiles - Download Google Maps tiles
• filters - Python script to restore filters on photos imported from iOS 8
• osx_frameworks - Generate a .dot file of OS X frameworks dependencies

2013

• phpMyFlatSite - A minimal PHP framework to run a classic, single user, dynamic web site

2012

• pmlogs_to_ical - Display Mac OS X user sessions in iCal

2011

• STHTTPRequest - A NSURLSession wrapper for humans
• objc_strings - Helps Cocoa applications localization by detecting unused and missing keys in '.strings' files
• UTIsExplorer - Find OS X UTIs, build up the inheritance tree, save it as a Graphviz graph
• MobileSignal - Measure and display the kind of cell phone signal (Edge or 3G) on a map
• BatteryChart - Measure and display the battery charge of iOS devices

2010

• Twitter-Saver - Backup all your tweets. Because you never know.

2009

• FSWalker - A File System Browser for iOS

2008

• Quickies - Lightweight, indexed, searcheable notes database in PHP/MySQL. Runs quickies.seriot.ch
• SwissSMS - A Cocoa Mac OS X front-end to SMS operators services
• nsarray-functional - An Obj-C category to add Python like map, filter and reduce methods to Cocoa NSArray

2007

• iCalReport - Report the time spent on projects by reading iCal events
• CocoaSlideShow - a simple, fast image viewer for Mac OS X
• SpotLook - An innovative Mac OS X search tool based on Spotlight

2006

• HEIG-VD - A few projects from my time at engineering school HEIG-VD (EIVD)

2005

• Boggle - A Python solver for the Boggle board game

2004

• JavaDoc - A legacy OS X Dashboard widget to access Java documentation
• newsmemory - Django web app to scrap, store and browse pieces of news