Geek stuff from a french geek and photographer
Recent Tweets @lhirlimann
Posts tagged "security"

Le 1er avril  (c’est à dire le 1er Avril 2014) prochain j’organise une séance de signature de clef pgp et d’assurance CACert dans les locaux de mozilla à Paris.

Afin de pouvoir gérer correctement cet évènement, je demande aux participants potentiels de s’inscrire via eventbrite pour ne pas exploser la capacité de la salle.

Venez nombreux se sera fun.

Always wanted to understand what cryptography is ? how to make your communications secured this guide explains everything very nicely.

A nice project, worth giving a few bucks at

Today I’ve received the following email in my inbox :

Received: from (LHLO (x.x.x.x) by with LMTP; Thu, 8 Mar 2012 17:14:03 -0800
Received: from ( [x.x.x.x])
	by (Postfix) with ESMTP id AF01B251C05A;
	Thu,  8 Mar 2012 17:14:02 -0800 (PST)
Received: from ( [])
	by (Postfix) with ESMTP id A03E34AEDD1;
	Thu,  8 Mar 2012 17:13:53 -0800 (PST)
Received: from ([]) by ([]) with SMTP;
	Thu, 08 Mar 2012 19:14:02 CST
Received: from localhost (localhost.localdomain [])
	by (Postfix) with ESMTP id D1E655C8D294;
	Fri,  9 Mar 2012 00:40:39 +0000 (GMT)
X-Virus-Scanned: amavisd-new at
Received: from ([])
	by localhost ( []) (amavisd-new, port 10024)
	with ESMTP id w-b-ioEMbIK1; Fri,  9 Mar 2012 00:40:39 +0000 (GMT)
Received: from [] (unknown [])
	by (Postfix) with ESMTPSA id 559D55C8D5A2;
	Fri,  9 Mar 2012 00:40:19 +0000 (GMT)
Content-Type: text/plain; charset="iso-8859-1"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Description: Mail message body
Subject: Dear E-Mail User
To: Recipients <>
From: "Webmail HelpDesk" <>
Date: Fri, 09 Mar 2012 01:39:54 +0100
X-Antivirus: avast! (VPS 120308-1, 03/08/2012), Outbound message
X-Antivirus-Status: Clean
Message-Id: <>
X-pstn-neptune: 11/1/0.09/61
X-pstn-levels:     (S: 2.44222/99.90000 CV:99.9000 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:97.0282 C:98.6951 )
X-pstn-dkim: 0 skipped:not-enabled

Dear E-Mail User.

Your Mail quota has reached limit, You might not be able to send or receive=
 new mail until you re-validate your mailbox .To re-validate your mailbox r=
eply to this mail and fill { Your E-Mail Address } { Username } { Password =

Technical Support

I almost replied - as I know I have a big usage on the mail server. What made me not reply was the password - I would probably have not send the mail seeing where it woud go. What prompted me - thinking this was legit was the fact that it was caught between two other legitimate emails about desktop support. And the IP address below the signature was also helpful for me not to reply at all.

This picture is shows websites that are tracking my browsing habits. I browsed four or 5 websites and got tracked by 20. Scary !

Want to try it for yourself , run Firefox and install the Collusion extension.


This evening I landed Bug 728429 on mozilla-central. Firefox will now refuse to load XPCOM component DLLs that do not implement ASLR. ASLR is an important defense-in-depth mechanism that makes it more difficult to successfully exploit a security vulnerability. Firefox has used ASLR on its…

This will probably hit any AV vendor or anybody adding toolbars (as many of them come with binary component). In Thunderbird land it probably means that some anti-spam extensions will have issue. This will affect only windows of course, but that’s what 95%+ computer user use.