(1) Let's say I create an anonymous hotmail account per personal use.
Can someone trace it to me?
(2) Let's say I make it a paid account. Hotmail has my real name.
Can someone ID me from that?

---

Request for Question Clarification by aht-ga on 01 Mar 2004 22:00 PST

ancientdragon-ga:

It depends on what you mean by "trace it to" you.

To learn more about this, I suggest you send yourself an e-mail from a
Hotmail.com account. Then, take a look at the header. You will see
that in the 'Received from:' field, Hotmail tracks the public IP
address of the machine from which the e-mail originated, along with
the time the e-mail was sent.

So, if the e-mail is implicated as part of a criminal investigation,
the appropriate court can issue a court order requiring the operator
of the network to which that IP address belongs, to reveal what PC or
device was assigned that address at the time of the message. With that
information, it may be possible to further trace the e-mail to you
(depending on who's computer you happen to be using to compose and
send the e-mail). There are most likely anonymizing techniques that
can block this from being easy, but generally it is possible to track
any Hotmail-originated e-mail back to the source IP address.

Furthermore, if you had a paid account, and again you e-mail address
is verified to be associated with criminal activity through an
investigation, then Hotmail's terms of service provide them the right
to provide your information to the appropriate authorities with a
court order.

If you are not involved in criminal activities, and as long as you are
not using a PC with a static public IP address that is traceable, then
it is difficult, but not impossible, to trace any e-mails you may send
from a Hotmail account.

Please let me know if this is the sort of answer you are seeking,and I
will post this as an Answer.

Regards,

aht-ga
Google Answers Researcher

---

Clarification of Question by ancientdragon-ga on 01 Mar 2004 22:30 PST

First of all this has nothing to do with any illegal activity. It is
about privacy and in particular privacy from offspring who are pretty
savvy when it comes to computers.
 Just because I can't look at an IP address and tell where it came
from doesn't mean they can't. I want to know if someone who knows my
regular accounts saw a message I sent under some other name, if they
could tell it was from me. I've heard it said that its practically
impossible to do anything privately on line any more and I want to
know if that is true. For instance can a person make out the
geographic location of an IP address and are there other locators or
fingerprints like which service provider you use or whatever.

---

Request for Question Clarification by aht-ga on 01 Mar 2004 22:54 PST

To best answer your concern about privacy, please check out:

http://www.geobytes.com/iplocator.htm

When you visit there, the service will display all of the traceable
information regarding your current IP address.

As well, if you go to a command prompt, and type:

ping -a <IP-address>

The name that comes back, is the name associated with your current IP
address by your ISP. It may or may not contain information that
further identifies you.

Finally, check out this other service from GeoBytes: SpamLocator

http://www.geobytes.com/SpamLocator.htm

Now, if someone were to happen across your 'anonymous' post, and could
link the IP address to another post with your real ID, then they'd be
able to draw a line linking you to the 'anonymous' post.

What are the chances of this happening? Low, unless someone truly
wants to track down the sender of an otherwise anonymous post.

Hope this helps shed some light on the topic for you!

aht-ga
Google Answers Researcher

---

Clarification of Question by ancientdragon-ga on 02 Mar 2004 20:47 PST

Doing good, aht. thank you.

If IPlocator gives back "We are currently unable to locate the address
<my address> at this time." does that mean there's no geography info.
around it? Someone told me he had traced a message from my household
to the city I live in and thought it was from me. I didn't tell him it
was from someone else in my family but I think he probably knew it.
How did he locate it?

I went to Start>Run and did "ping -a <IP-address>" and nothing
happened. Was that wrong?

Spamlocator is terrific.

---

Request for Question Clarification by aht-ga on 02 Mar 2004 21:49 PST

Sorry, the <IP address> bit is meant to be replaced by the actual IP
address you are querying. So, for example, if you are interested in
the IP address 131.107.1.10, you would type:

  ping -a 131.107.1.10

and what you would get back is something similar to:

 Pinging time-nw.nist.gov [131.107.1.10] with 32 bytes of data:

 Reply from 131.107.1.10: bytes=32 time=15ms TTL=54
 Reply from 131.107.1.10: bytes=32 time=15ms TTL=54
 Reply from 131.107.1.10: bytes=32 time=15ms TTL=54
 Reply from 131.107.1.10: bytes=32 time=15ms TTL=54
 
 Ping statistics for 131.107.1.10:
     Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
 Approximate round trip times in milli-seconds:
     Minimum = 15ms, Maximum =  15ms, Average =  15ms

The '-a' part tells the 'ping' command to give you the name of the
device, if known, that corresponds to the IP address. In this example,
the name is 'time-nw.nist.gov'; this is the National Institute of
Standards and Technology's Internet Time server located at the
Microsoft campus in Redmond, Washington.

If the Geobytes tool was not able to track down the IP address, it is
a good sign, but not necessarily a sign that you are safe. It simply
means that, at the time you tried out IPLocator, the IP address did
not resolve to a known location in the Geobytes database. This can
easily change, since all public IP addresses are eventually traceable.
Privacy just can't be taken for granted, even on the 'faceless'
Internet! Even highly-skilled individuals who know how to use backdoor
programs, etc., to set up a series of IP relays around the world to
hide their true location, are eventually found out. Its just a matter
of time and resources, really. If the reason for wanting to track down
the source is great enough, then the time and resources can be
justified.

Regards,

aht-ga
Google Answers Researcher

---

Clarification of Question by ancientdragon-ga on 02 Mar 2004 23:33 PST

Your answer is complete, aht.  Plesae post.

Thanks for the opportunity to help shed light on this topic for you!

I will summarize our conversation to make it easier for others who may
come across this Answer to follow along.

You asked how it might be possible to track down the source location
of an e-mail, if said e-mail was sent from a Hotmail account.

In the clarification requests above, I mentioned:

---
To learn more about this, I suggest you send yourself an e-mail from a
Hotmail.com account. Then, take a look at the header. You will see
that in the 'Received from:' field, Hotmail tracks the public IP
address of the machine from which the e-mail originated, along with
the time the e-mail was sent.
---

To best answer your concern about privacy, please check out:

http://www.geobytes.com/iplocator.htm

When you visit there, the service will display all of the traceable
information regarding your current IP address.

As well, if you go to a command prompt, and type:

ping -a <IP-address>

The name that comes back, is the name associated with your current IP
address by your ISP. It may or may not contain information that
further identifies you.

Finally, check out this other service from GeoBytes: SpamLocator

http://www.geobytes.com/SpamLocator.htm

Now, if someone were to happen across your 'anonymous' post, and could
link the IP address to another post with your real ID, then they'd be
able to draw a line linking you to the 'anonymous' post.
---

So, for example, if you are interested in
the IP address 131.107.1.10, you would type:

  ping -a 131.107.1.10

and what you would get back is something similar to:

 Pinging time-nw.nist.gov [131.107.1.10] with 32 bytes of data:

 Reply from 131.107.1.10: bytes=32 time=15ms TTL=54
 Reply from 131.107.1.10: bytes=32 time=15ms TTL=54
 Reply from 131.107.1.10: bytes=32 time=15ms TTL=54
 Reply from 131.107.1.10: bytes=32 time=15ms TTL=54
 
 Ping statistics for 131.107.1.10:
     Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
 Approximate round trip times in milli-seconds:
     Minimum = 15ms, Maximum =  15ms, Average =  15ms

The '-a' part tells the 'ping' command to give you the name of the
device, if known, that corresponds to the IP address. In this example,
the name is 'time-nw.nist.gov'; this is the National Institute of
Standards and Technology's Internet Time server located at the
Microsoft campus in Redmond, Washington.

If the Geobytes tool was not able to track down the IP address, it is
a good sign, but not necessarily a sign that you are safe. It simply
means that, at the time you tried out IPLocator, the IP address did
not resolve to a known location in the Geobytes database. This can
easily change, since all public IP addresses are eventually traceable.
Privacy just can't be taken for granted, even on the 'faceless'
Internet! Even highly-skilled individuals who know how to use backdoor
programs, etc., to set up a series of IP relays around the world to
hide their true location, are eventually found out. Its just a matter
of time and resources, really. If the reason for wanting to track down
the source is great enough, then the time and resources can be
justified.
---

I hope that this helped. In particular, the Geobytes tools are good
ones to bookmark for future reference. Safe surfing!

Regards,

aht-ga
Google Answers Researcher

Good work, aht, very helpful.

Thanks for the generous tip! Good luck, and safe surfing!