Today’s post is unlike any I ever wrote: a tribute to a dear friend, who, a few months ago, brutally passed away from a heart attack at the age of 28.
More than a close friend I’ve known for 10 years, Hadrien was a brilliant engineer, a software craftsman, a maker, and a hacker whom I highly regarded and learned so much from over the years. Anyone who met him can testify he was passionate about every single thing he did. This post is a tribute to him.
Let me start by telling the story of how we met, and of some impactful life events we shared together.
Before we met (2011)
In 2011, at just 16, Hadrien hooked up an Arduino to a bunch of electronic parts to create a “battery sorter”. Place a batteries in the top compartment, the machine then tests each battery and separates used batteries from charged ones.
He even won a pretty well-known French contest rewarding inventors of under 18 (“Innovez” of Science et Vie Junior).
The first years (2012-2013)
I first met Hadrien as we started studying at the Swiss Federal Institute of Technology (EPFL). I was only 17 and just moved out of my parents’ in what was for me a new country and a new life. Hadrien was sitting right behind me, and what started as a casual conversation ended up as a rare, long-standing friendship.
After a semester cramming through our exams, we teamed up for a Hackathon organized at EPFL by Facebook. Facebook was the hot tech company for us at the time, so while I was a lousy programmer, we were motivated to ship something remarkable to score an internship there.
We ended up building an interactive web application to stream music at parties, where attendees could vote from their phone for the songs they’d like to hear most.
To our great surprise, we ended up with the first place and won… an all-expense paid trip to London for a Hackathon at Facebook HQ! Which we didn’t win – but we left London very happy with our second place.
In late 2014, we had to pick our university courses from a large list. We were not happy about the lack of information available to students, so we built “CourseAdvisor” together. It would essentially scrape the school’s course curriculum and make available to all students a platform to review and post comments on their courses. Along the way, Hadrien helped me pick up the Laravel PHP framework and healthy testing practices.
At its peak, CourseAdvisor had 700+ registered students and 800+ course reviews. Unfortunately, in 2016, the school wasn’t happy and asked us to take down the website, threatening us to involve lawyers. (Daniel C., if you read these lines – 6 years later, I’m still mad at you for using your position to threaten with legal action 2 students who just wanted to make the studying experience better for everyone.) While in retrospect we should definitely not have complied, at the time we had other fish to fry.
Computer graphics bachelor project
As we were sitting in the “introduction to computer graphics” class, I watched – slightly dumbfounded – Hadrien do amazing things with Open GL, ray tracers, procedural modelling, and yet other terms that scare me to this day.
In the end, Hadrien made most of the work for the final course project, which the teacher thought was so amazing that he now shows it at the beginning of his class every year. See the video below – this is a randomly-generated world, that is unique at every run. It renders infinitely. It has lakes, snowy mountains, land, rocks, water reflection, and even clouds.
After completing his master’s degree, Hadrien worked as a software engineer at AppDynamics (now Cisco) and Datadog. On this board, many he worked with over the years left a message, a story, or a picture – I find these to be deeply touching.
Hadrien was a brilliant engineer who was passionate and had free time on his hands. It should not come as a surprise that he came up with an impressive list of side-projects, some of which I highlight below.
- The “fish feeder” is a device you could remotely control to feed Hadrien’s fish, Gaston. It was exposed to the Internet, behind authentication. At some point, he considered running an daily auction where the highest bidder would have the privilege of pressing the precious button.
- “Whistle Invaders” is a revisited version of Space Invaders, where you control the player by… whistling! Whistle with a higher pitch, your player moves up. Lower the pitch, and it moves down.
- The “Clapruptor” is a gadget Hadrien crafted from start to finish. Placed on a power outlet, it would turn power on and off based on you clapping your hands. He even produced a high-quality video walk-through of this project (available with English subtitles).
- “Turing Wars” is a game where each player writes a small assembly program, which then compete each other in an arena that’s actually a virtual machine!
- The “Cagificator” was a web-based tool that could take a picture of anyone as an input, and replace their face with the one of Nicolas Cage. As you can see in the write-up, it involved quite a bit of computer vision work.
“Leonardo Di Caggio”, output from the “Cagificator”
- “Fun With Types” might be one of the funniest talks I’ve seen. At JS Romandie, Hadrien spent 30 minutes proving that the Typescript type checking system was turing-complete, along with showing various Typescript wizardry.
A Security Champion
Hadrien wasn’t specializing in security, but he was damn good at it.
- He created an XSS worm in a web application of our university, after finding an XSS in the “my profile” feature. The payload would automatically self-propagate through the victim’s browser, updating their own profile with the “malicious” payload. This was just for fun, and the payload would not do anything beyond propagating.
- He reverse-engineered an Android game, “Fun Run”, and managed to bypass the anti-cheat system to repackage it with cheats. Blog post
- He wrote from scratch a self-hosted password manager, with client-side encryption. Vaultage
- He shed light on an interesting kind of web caching vulnerability (which he initially believed to be a vulnerability in Chrome) that can lead an attacker to being able to leak the value of an Authorization header cross-origin. Blog post
- He managed to exploit a buffer overflow vulnerability in a CTF before I did. The write-up he co-authored is actually the one that got me excited about binary exploitation and helped me get better at it.
- He exploited an XSS and CSRF vulnerability in the wild, then sent me a malicious link to replace my profile picture with a photo of Nicolas Cage.
The picture below is the last I have with Hadrien; on Saturday April 30th 2022, celebrating our birthdays, just 2 days after my daughter Juliette was born. Hadrien would pass away 3 days later.
I don’t regret anything. We spent an incredible number of high-quality moments together. He was there when I first met my now-wife; we travelled to multiple countries together; went to our first industry conference together; played in a band together; graduated together; ran races together; went skiing together countless times.
And yet, we had so many plans. There are so many questions I never got to ask him, and so many late night conversations we’ll never have. I feel grateful for having had Hadrien as a close friend for almost 10 years. And yet, I feel so angry. Hadrien definitely shaped me over the years and made me who I am now. Hadrien, you’ll always be in my heart!