Is it safe to hack email in a public wifi spot?

[123123]

my friend and I are having an ongoing debate. please settle it for good.

my friend concurs it is completely safe to hack an email account (yahoo, hotmail, etc) if you do so in a public wifi setting (like a coffee shop, library, etc). his point is that your ip address is public, and therefore your actions cannot be traced back to you. he even says you can download private images and documents directly to your laptop once you've logged onto another person's email account in a public wifi setting.

i contend that while your ip address is public and perhaps cannot be traced back to you, once you download files to your computer, that indeed can be traced by authorities, even in a public wifi setting.

please help us settle this for good. is it 100% safe to log into another person's email account in a public wifi setting? is there any chance of getting caught, etc?

[Zaffron]

nothing is 100% safe

[megatron40]

Someone can correct me if I am wrong. If I am I'll take the flame and learn something new for the day.

As long as you're connected to that public network on that IP address you can be traced. Once your off and on another network I think you're fine, but you definitely want to clean your computer up after that (cookies, web history, etc). Even then though, like Zaffron said, nothing is 100% safe. So best to be on the safe side and just not do it .

[123123]

Thanks for the reply but your answer didn't really clear anything up for me. Unless someone can explain otherwise, how can a computer be traced after it leaves said public wifi network that was used to log into another email account? What if said computer is only used in public wifi spots? If materials are downloaded to the computer using that public wifi network, how can it be traced back to that computer?

[plope0726]

Thanks for the reply but your answer didn't really clear anything up for me. Unless someone can explain otherwise, how can a computer be traced after it leaves said public wifi network that was used to log into another email account? What if said computer is only used in public wifi spots? If materials are downloaded to the computer using that public wifi network, how can it be traced back to that computer?

You can be traced regardless of being on a public network like that. First of all, every computer's network card has a mac address that is unique to that hardware. The hot spot you are connected to likely keeps logs of mac addresses that it gives ip addresses to. See on the wifi hot spot you have the public ip address of the access point you are connected to, then you have a private IP address that is assigned to your nic (like 192.168.1.5). So one can trace the connection to the wifi hot spot, then from there view the logs for the network and see what mac address had what ip at what time. If the computer is registered they can see who owns the computer which contains the nic that has that mac address. And if it's not registered than they can find out what store the computer was sold at and see who bought it since most computers are bought with credit cards there will be a paper trail. Of course a mac address can be spoofed.

Even if the mac address is spoofed they can determine through logs, when the attack took place and trace back to the wireless network it came from. Then one can go to that location, which likely has video and determine who was there at that time. Of course a person can be hiding outside the building and out of site of cameras.

Still, your computer sends much more information than this when it connects to another system, so these are just a few ways you can be tracked down even from a public wifi hot spot. In conclusion, you are not 100% safe from being tracked just because you are on a public wireless network. There are many many factors to consider and steps to take to "stealth" yourself. And chances are you will forget something or there will be something you didn't think of. So I would side with you on that argument.

[megatron40]

What plope said. And if you're curious, if you have a router at home, you should be able to log onto it and look at that log information so you can see what is logged when connected to a network and what other options for logging you have if you have them. It'll differ from model to model and from network device to network device.

*Take note of the post after this one
|
|
\ /

[plope0726]

What plope said. And if you're curious, if you have a router at home, you should be able to log onto it and look at that log information so you can see what is logged when connected to a network and what other options for logging you have if you have them. It'll differ from model to model and from network device to network device.

Keep in mind that a wireless ap used at a public hotspot is going to be a lot more robust that one you would use at home.

[koolpop0]

it is safer if your sure you can do it quitely and in under 30 minutes otherwise the fbi or cia (or w.e) will attack you in the public place.

if at home they will be able to find you no matter what...

i wouldn't bother doing it not worth jail time

[123123]

what exactly do you mean by "attack you"? attack your computer? or physically come to where you are located?

[plope0726]

what exactly do you mean by "attack you"? attack your computer? or physically come to where you are located?

Im not sure what he means by attack, but they won;t attack you. If they feel they had time to get to where you are at they may come to pick you up. Otherwise, in the event that the attack (what I mean by attack here is you breaking into another system whether it be email or files etc.) is traced back to your computer, they will try to locate you or the owner of the computer. That is of course if what you did is even worth making a case out of.

They will not however attack you physically unless you run from the cops, they will not try to hack your computer either. They will simply come find you and bring you in for questioning to try to build a case against you.

[123123]

plope0726,

thanks for the follow up. i don't understand what koolpop0 meant by attacking. first off, i can't imagine any law enforcement would approach a person or area they think is breaking into email accounts UNLESS they have been targeting someone for a long period of time, know specifically of malicious actions by this hacker, and have confidence they know exactly where this person is physically located.

here is a good follow up question that my friend is attempting to make: would law enforcement even bother to investigate a case where someone believes their email account has been hacked, but where they don't see or know of anything done to said account? it's one thing if someone alters someone's account by deleting emails, sending emails while hacked, etc (malicious behavior and intent). but what if the hacker does nothing while the hacking (aside from the actual hack and reading emails, etc)? this is what my friend is basing his argument on. authorities won't pursue cases unless the hacking on one account is repeated or malicious actively is taking place during the hacking.

thoughts?

[megatron40]

Might depend on who's account you're on. I mean if you're in Obama's email... well... I don't think it's a good idea.

[123123]

haha. for the sake of this argument, let's say it's not a government official or anyone in a position of "power". let's make this example be a normal person and their personal email account. nothing work related, government, secret and important documents, etc.

[koolpop0]

it is safer if your sure you can do it quitely and in under 30 minutes otherwise the fbi or cia (or w.e) will attack you in the public place.

if at home they will be able to find you no matter what...

i wouldn't bother doing it not worth jail time

attack - arrest

sorry was thinking about something else while typing :p

[123123]

you're telling me if someone hacks an email account in a public wifi setting that they will be arrested if they go under for more than 30 mins? i find that hard to believe. the person getting hacked would at least need to contact authorities first, etc. i'm guessing authorities would come into place only after they have been notified and can build their own case.