Man in the middle attack

Yup i know what you mean mate.

Luckily, this thing that i've possibly got isn't as harmful as that trojan you keep getting blocked.

lol didn't know i was mate ;d

I have got Firefox which is what i'm using at this very second

Cheers Phil

My virus checker - Bullguard- alerted me to some kind of cache poisoning, and said that this could be a man in the middle attack. So i switched to Firefox, and deleted the cache from there.

Perhaps an explaination of what a "Man in the middle" attack actually is would help.

It doesn't really refer to plain evesdropping, but to a third party (the man in the middle) impersonating the person each end believes that they are talking to.

Using the old cliche, Alice and Bob are two people communicating in some manner. Each believes that they are communicating directly with the other. Charlie is a bad person (often represented by the devil in textbooks). He gains acccess to a point in the communications network between Alice and Bob (postal sorting office, internet connection etc.) He can then start intercepting messages between them. Not only can he read messages, but he can also alter messages, remove them and create entirely new ones. Alice and Bob still believe that they are talking directly to each other.

One particular problem with this attack from the point of view of defending against it is that it is very difficult to detect. Since Charlie controls the network link, he can subvert any attempt to detect him. This means that attempts to detect the attack are very hit and miss, such as looking for unusual delays. This results in a high false alarm rate, so it is pretty unlikely that a warning means that someone is actually messing around with your communications traffic.

One thing which this attack never involves is your own computer, it always occurs on an external network over which you have no real control.

Yes, I do want a freeware, opensource browser.

(BTW it's Firefox, not FireFox)

You will always get people saying "I use IE and I've never had any problems" - you mean you've never *seen* any problems. If you surf around in Firefox you will often see warnings of tripe coming in from various websites you browse without a care in the world with IE.

Again usual stuff about being firewalled and AV'd when using Windows applies. And IMHO, someone who runs an insecure machine and hence passes around viruses has at least a slice of the blame, as well as the virus creators. If people ran their machines properly, viruses would have a much harder time getting about.

If you want to be the ultimate pedant, FireFox is a brand name for fire extinguishers, along with the Malaguti F15 scooter - I believe the D Stock may even have sported them at one stage (the extinguisher, not a lawnmower-engine). EDIT: no, not the D Stock, try the DLR Stock.

I beleive that the average time between a security flaw being identified in firefox and a patch being issued is a few days, with the longest being a couple of months. The average time ebtween a security flaw being identified in IE and a patch being issued is a few weeks or months, with the longest being about 2 years and counting.

Its your choice of course, but to me there is no contest between the two. Firefox is superior to IE at everything I want a browser to do and be, that it is free is also a major bonus.