French security researcher. Worst nightmare of Oneplus, Wiko, UIDAI, Kimbho, Donald Daters and others. Not completely schizophrenic. Not related to USANetwork.
CVE-2019-11341 - https://twitter.com/fs0c131y/status/1115889065285562368
CVE-2019-11340 - https://matrix.org/blog/2019/04/18/security-update-sydent-1-0-2/
CVE-2019-6447 - https://github.com/fs0c131y/ESFileExplorerOpenPortVuln
CVE-2018-20555 - https://github.com/fs0c131y/CVE-2018-20555
Security flaw in French government messaging app exposed confidential conversations (Techcrunch) - https://techcrunch.com/2019/04/19/security-flaw-in-french-government-messaging-app-exposed-confidential-conversations
Un chercheur découvre une faille de sécurité sur Tchap, la messagerie sécurisée réservée aux services de l'Etat (franceinfo) - https://www.francetvinfo.fr/internet/un-chercheur-decouvre-une-faille-de-securite-sur-tchap-la-messagerie-securisee-du-gouvernement-et-de-l-elysee_3406071.html
Tchap : une première faille a déjà été détectée dans la messagerie souveraine de la France (Numerama) - https://www.numerama.com/tech/482507-tchap-premiere-faille-detectee-quelques-heures-apres-le-lancement-de-la-messagerie-souveraine-de-la-france.html
Comment une nébuleuse LREM instrumentalise les réseaux sociaux (Mediapart) - https://www.mediapart.fr/journal/france/090419/comment-une-nebuleuse-lrem-instrumentalise-les-reseaux-sociaux
Major Aadhaar data leak plugged: French security researcher (The Hindu) - https://www.thehindu.com/sci-tech/technology/major-aadhaar-data-leak-plugged-french-security-researcher/article26584981.ece
Pro-Trump app threatens expert for finding flaw in code (Fox News) - https://www.foxnews.com/tech/pro-trump-app-threatens-expert-for-finding-flaw-in-code
'Yelp for conservatives' MAGA app leaks users data (ZDNet) - https://www.zdnet.com/article/yelp-for-conservatives-maga-app-leaks-users-data
A French security expert reveals how trolls backing the BJP and Congress fuelled #BoycottSurfExcel (Quartz) - https://qz.com/india/1572073/did-bjp-congress-trolls-fuel-boycottsurfexcel-on-twitter-india
Twitter Test Reveals BJP’s Troll Army Pushed #BoycottSurfExcel (The Quint) - https://www.thequint.com/elections/social-dangal/twitter-test-reveals-bjps-troll-army-pushed-boycottsurfexcel
An Indian oil company left the biometric ID numbers of 6.7 million customers accessible on Google (Vice News) - https://news.vice.com/en_us/article/kzdgzz/biometric-id-numbers-india-aadhaar
India’s state gas company leaks millions of Aadhaar numbers (Techcrunch) - https://techcrunch.com/2019/02/18/aadhaar-indane-leak/
Aadhaar Leak On Indane Website Exposed Details of Millions Of Customers (HuffPost India) - https://www.huffingtonpost.in/entry/aadhaar-leak-on-indane-website-exposes-details-of-millions-of-customers-report_in_5c6b8761e4b0b9cc78ffb254
Indian state government leaks thousands of Aadhaar numbers (Techcrunch) - https://techcrunch.com/2019/01/31/aadhaar-data-leak/
Une application populaire auprès des «gilets jaunes» victime d'une faille de sécurité (Le Figaro) - http://www.lefigaro.fr/secteur/high-tech/2019/01/23/32001-20190123ARTFIG00149-une-application-populaire-aupres-des-gilets-jaunes-victime-d-une-faille-de-securite.php
A popular WordPress plugin leaked access tokens capable of hijacking Twitter accounts (Techcrunch) - https://techcrunch.com/2019/01/17/wordpress-plugin-leaked-twitter-account-access-tokens/
ES File Explorer : un célèbre explorateur de fichiers pour Android met en péril le contenu du smartphone (Numerama) - https://www.numerama.com/tech/456076-es-file-explorer-un-celebre-explorateur-de-fichiers-pour-android-met-en-peril-le-contenu-du-smartphone.html
ES File Explorer Flaws Put 100 Million Users' Data at Risk, Fix Promised (BleepingComputer) - https://www.bleepingcomputer.com/news/security/es-file-explorer-flaws-put-100-million-users-data-at-risk-fix-promised/
Researcher shows how popular app ES File Explorer exposes Android device data (Techcrunch) - https://techcrunch.com/2019/01/16/android-app-es-file-explorer-expose-data/
Researchers downplay role of fake news and bots in France’s Yellow Vest protests (VentureBeat) - https://venturebeat.com/2018/12/26/researchers-downplay-role-of-fake-news-and-bots-in-frances-yellow-vest-protests/
The co-opting of French unrest to spread disinformation (Wired) - https://www.wired.com/story/co-opting-french-unrest-spread-disinformation/
Gilets jaunes : soupçons d’ingérence en réseaux (Libération) - https://www.liberation.fr/france/2018/12/09/gilets-jaunes-soupcons-d-ingerence-en-reseaux_1697012
« Gilets jaunes » : soupçons de manipulation sur les réseaux sociaux (Le Monde) - https://www.lemonde.fr/pixels/article/2018/12/09/gilets-jaunes-soupcons-de-manipulation-sur-les-reseaux-sociaux_5394890_4408996.html
Donald Daters, a dating app for Trump supporters, leaked its users’ data (Techcrunch) - https://techcrunch.com/2018/10/15/donald-daters-a-dating-app-for-trump-supporters-leaked-its-users-data/
'Donald Daters' the New Dating App for Trump Supporters Leaked Its Users' Data on Launch Day (Time) - http://time.com/5426460/donald-daters-app-leak/
A strange phone number crept into Indian contact lists, and no one knew why (The Verge) - https://www.theverge.com/2018/8/3/17648738/india-phone-number-unknown-privacy-data-contacts-uidai
Hacker Steals Customers' Text Messages from Android Spyware Company (Motherboard) - https://motherboard.vice.com/en_us/article/qvm44m/hacker-steals-text-messages-android-spyware-company-spyhuman
Terri, Regina, Pearl : d’où viennent ces « bots » pornographiques qui envahissent Twitter ? (Le Monde) - https://www.lemonde.fr/pixels/article/2018/02/22/terri-regina-pearl-d-ou-viennent-ces-bots-pornographiques-qui-envahissent-twitter_5260996_4408996.html
TRAI chief shares Aadhaar number on Twitter with a dare, personal details leaked (India Today) - https://www.indiatoday.in/india/story/twitterati-respond-to-trai-chief-s-aadhaar-dare-1299213-2018-07-29
India PM Modi app sparks social media furore (BBC News) - https://www.bbc.com/news/world-asia-india-43538178
Baba Ramdev: India guru's 'WhatsApp killer' app mocked over flaws (BBC News) - https://www.bbc.com/news/world-asia-india-44326816
Protection des données : «Ce n’est pas en arrêtant les chercheurs que l’on va sécuriser les sites» (Libération) - https://www.liberation.fr/planete/2018/03/29/protection-des-donnees-ce-n-est-pas-en-arretant-les-chercheurs-que-l-on-va-securiser-les-sites_1639884
Security researcher reported vulnerability on India Post server (Medianama) - https://www.medianama.com/2018/03/223-security-researcher-reported-vulnerability-on-india-post-server
French tech wizard hacked BSNL database of 47,000 staff (The Times of India) - https://timesofindia.indiatimes.com/city/hyderabad/french-tech-wizard-hacked-bsnl-database-of-47000-staff/articleshow/63164435.cms
Sécurité : la série noire des smartphones Wiko continue (01net) - https://www.01net.com/actualites/securite-la-serie-noire-des-smartphones-wiko-continue-1314593.html
Elliot 'fs0c131y' Alderson reveals: Everyone is spying (AndroidPit) - https://www.androidpit.com/elliot-fs0c131y-alderson-interview
OnePlus Phones Were Shipped With a Hidden Backdoor (Motherboard) - https://motherboard.vice.com/en_us/article/59y4vz/oneplus-backdoor-engineer-mode
OnePlus phones have an unfortunate backdoor built in (Wired) - https://www.wired.com/story/oneplus-phones-have-an-unfortunate-backdoor-built-in/
India: Fake News and Agitprop (Al Jazeera) - https://www.aljazeera.com/programmes/peopleandpower/2019/04/india-fake-news-agitprop-190416054316199.html
Elliot Alderson on Aadhaar leaks, Is your Aadhaar data safe? (Mirror Now) - https://youtu.be/82X28ilEZSc
Un lanceur d'alerte français traque les sites et applications abusifs (RT France) - https://youtu.be/28NJf53apI4
Rencontre avec le hacker français qui fait trembler l’Inde (Quotidien) - https://www.tf1.fr/tmc/quotidien-avec-yann-barthes/videos/rencontre-hacker-francais-fait-trembler-l-inde.html
Tchap: The super (not) secure app of the French government - https://medium.com/@fs0c131y/tchap-the-super-not-secure-app-of-the-french-government-84b31517d144
Indane leaked Aadhaar numbers: 6,700,000 Aadhaar numbers - https://medium.com/@fs0c131y/indane-leaked-aadhaar-numbers-6-700-000-aadhaar-numbers-3948135239f6
How I became a member of the Illuminati on Twitter - https://medium.com/@fs0c131y/how-i-became-a-member-of-the-illuminati-on-twitter-aa9e1c4c95de
Reverse Engineering of the Anubis Malware — Part 1 - https://medium.com/@fs0c131y/reverse-engineering-of-the-anubis-malware-part-1-741e12f5a6bd
How I “found” the database of the Donald Daters App - https://medium.com/@fs0c131y/how-i-found-the-database-of-the-donald-daters-app-af88b06e39ad
Can I hack your Android app, please? (GDG Toulouse s03e07) - https://youtu.be/JyVzp7vQLcc
Votre vie privée contre des services? (TEDx Centrale Lyon 2019) - Coming
Interview with Robert Baptiste aka Elliot Alderson by Antriksh Shah (NullCon Goa 2019) - https://youtu.be/8qB1PMH0rD8
Episode 124: The Twitter Accounts Pushing French Protests (Security Ledger) - https://securityledger.com/2018/12/episode-124-the-twitter-accounts-pushing-french-protests-and-social-engineering-the-software-supply-chain/
GitHub - https://github.com/fs0c131y
Twitter - https://twitter.com/fs0c131y
Keybase - https://keybase.io/fs0c131y
Medium - https://medium.com/@fs0c131y
Youtube - https://www.youtube.com/channel/UCeW9xo2vZXPMEtOyRpeoiIw
PayPal - https://www.paypal.me/fs0c131y
Bitcoin - 3BToAehWHeyGcHDtQLFL3YMUbnWTcLzjzX