https MITM attack via user page

Special Forums > Cybersecurity. Post 302519692 by GSO on Thursday 5th of May 2011 07:13:03 AM

How serious is this hacking...

I noticed if I went to Delicious' https login page via my user page (http://delicious.com/[username]) then Firefox always gave a 'there is unencrypted content included in this https page' warning, and further that if I attempted to then log in the cursor jumps back up to the user name text box from the password box a few seconds after typing in my user name, which would normally result in the password being typed into the clear text user name box, my being totally oblivious to the fact the cursor had backtracked on itself. This is standard hacking I am used to. Note though if I instead log in via the Delicious home portal page (Delicious) then there is no such warning from Firefox and no evidence of any malware on the login page. [Edit: This seems to have fixed itself by the next day, the login page now opens without any content errors from my user page.]

Apart from my ruling out virtually all possible opportunity for installing malware on my computer with security measures etc. otherwise, I think the above is self-evident in itself that this is a MITM attack, and specifically targeted at myself? (That is the main question of this post.)

I don't propose to describe the install, except to say that I have various security measures in place (firewall, VM, etc., though not the level of security a network engineer could put in place, unfortunately not being one myself), however without running Tor (i.e., using an encrypted VPN alone) I have found the browser is hacked quite quickly. (With Tor I have found in the past that as Tor changes servers any browser hacks clear, though having said that my current install with Tor seems to be keeping all browser hacks out, or at least so far.)

If anyone can make any sense of the above, or maybe point me in the direction of the log files to start studying, etc. I'd be truly grateful.


G.

Library Web (UK) - Library Culture on the Web

---------- Post updated at 01:00 AM ---------- Previous update was at 12:55 AM ----------

LOL, that last post just posted itself without my pressing the submit button, I'm not sure whether to laugh or cry!!

---------- Post updated at 11:53 AM ---------- Previous update was at 01:00 AM ----------

Firefox has a policy of essentially not notifying of mixed content encrypted pages, the about:config settings to change this:
Code:
security.warn_viewing_mixed = true
security.warn_viewing_mixed.show_once = false

---------- Post updated at 12:13 PM ---------- Previous update was at 11:53 AM ----------

As I said above if I don't use Tor hacking very quickly (at some point later in the day) renders the browser virtually unbearably sluggish, text entered into text boxes is also changed as I am typing, etc. However using Tor I'm now at the point where I can note suspect behaviour of specific websites, ergo!:

1) the bit.ly page that renders when using their bookmarklet to shorten a webpage being viewed is corrupted: sometimes the row displaying the shortened URL is duplicated (i.e., there are two rows for the one bookmarklet), I've had also a corruption of the 'customise | copy text' to, e.g., 'customise |'; the bookmarklet works cleanly on a fresh install for a while before exhibiting this behaviour subsequently on each use; would a https bookmarklet fix this? [Edit: Page HTML attached.]

2) http://www.infosniper.net -- I've had an episode of sorry.google.com errors from infosniper's page with the google map not rendering subsequently (closing the browser tab fixes this, could do with a https site to do the same here I think) [Edit: Page HTML attached.]

Last edited by GSO; 05-05-2011 at 05:10 PM..
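An added example, not part of the original post: one way to check a saved copy of an https page (such as the page HTML mentioned above) for the kind of unencrypted sub-resources that trigger Firefox's mixed-content warning. The names audit, MixedContentAudit and LOADS are hypothetical, and the example.test hostnames and sample markup are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# (tag, attribute) -> severity. "active" content can script the page (and so
# read or move what is typed into a login form); "passive" content cannot.
LOADS = {
    ("script", "src"): "active", ("iframe", "src"): "active",
    ("embed", "src"): "active", ("object", "data"): "active",
    ("form", "action"): "form",
    ("img", "src"): "passive", ("audio", "src"): "passive",
    ("video", "src"): "passive", ("source", "src"): "passive",
}

class MixedContentAudit(HTMLParser):
    def __init__(self, page_url):
        super().__init__()
        self.base = page_url        # a <base href> can change this mid-document
        self.findings = []          # (severity, tag, absolute URL)

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "").strip() for k, v in attrs}
        if tag == "base" and a.get("href"):
            self.base = urljoin(self.base, a["href"])
        elif tag == "link" and "stylesheet" in a.get("rel", "").lower().split():
            self._check("active", tag, a.get("href", ""))
        for (t, attr), severity in LOADS.items():
            if t == tag:
                self._check(severity, tag, a.get(attr, ""))

    def _check(self, severity, tag, ref):
        if not ref:
            return
        # Resolves relative and protocol-relative (//host/path) references.
        url = urljoin(self.base, ref)
        if urlsplit(url).scheme == "http":
            self.findings.append((severity, tag, url))

def audit(page_url, html):
    """Return the http:// loads referenced by a page served from page_url."""
    if urlsplit(page_url).scheme != "https":
        raise ValueError("mixed content only applies to https pages")
    parser = MixedContentAudit(page_url)
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample: an https login page pulling one script and one image over http.
SAMPLE = """<html><head><link rel="stylesheet" href="/css/site.css">
<script src="http://static.example.test/js/login.js"></script></head><body>
<img src="//img.example.test/logo.png"><img src="http://img.example.test/banner.png">
<form action="https://secure.example.test/login" method="post">
<input name="username"><input type="password" name="password"></form></body></html>"""

if __name__ == "__main__":
    for finding in audit("https://secure.example.test/login", SAMPLE):
        print(*finding)
```

An "active" finding on a login page is the one to act on, since a script fetched over plain http can be altered in transit and then runs with full access to the form.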
 
