IP address

[emmoe]

I recently did a test of creating a new email account to be used in accessing a automotive forum.  I did this at a public library that used a dynamic IP address scheme. 

When I returned home, I went to the new email server upon which I had created my new account (which I different from my normal home email server).  When I accessed the server for the first time from my home machine (which is hard wired to my ISP), it instantly pulled up my new email account.  Is this possible? 

I have also done a IPconfig/release and IPconfig/new on my machine.  Same result.

Any ideas?

[soybean]

So, when you accessed that new email from home for the first time, you entered your username (which might be your email address) and your password, right? 

[emmoe]

No.

That's what's freaking me out.  How would yahoo know about the account I created at the library?  I simply called up yahoo's address (www.yahoo.com) and it immediately came up with the user I had created at the library ([email protected])  This user I then used at the library to create a new LinkedIn account (I know I'm not supposed to do that, but it was part of my test).  With LinkedIn I used an alternate (but legal) phone number (land line).

So, the library's IP address was dynamically created for this session.  My IP address was assigned.  I released my home IP address and statically created a new after seeing my JC.Elias@yahoo come up (I also cleared my Java cache).  When I re-entered yahoo, it still knew my yahoo user!

[DaveLembke]

Just a heads up that its best not to share your e-mail address in clear text here.... it can be snagged up by a bot and then you get spammed.

[soybean]

If I correctly understand your scenario, it is perplexing.  I'm at a lose to figure out how that could happen.  Maybe someone else will have some ideas. 

[DaveLembke]

I have been keeping an eye on this one and I'm at a loss.

However, I feel the best test would be to start fresh with a computer they have never ever logged into before as for both systems could have been used in the past and somehow something is sticking around to reassociate user to account.

Slightly off subject, but I know that Facebook for example is using IP Address info to track people. A friend used my wifi at my home, had never gotten onto any of my computers, this friend was not friended with me on facebook. But because they had facebook traffic through my internet connection, all of a sudden in the "You might know this person" it showed them up that same day later when getting onto facebook. So somehow Facebook knew that they used my internet connection and put 2 and 2 together and was almost like a reminder of... hey... do you guys know your not friended on Facebook yet, yet you must be friends because you both connected through the same internet connection.

I havent caught Yahoo yet tracking peoples IP Addresses. But if they are doing anything like this, then I could see them associating you by location.

The other thing I dont like about this IP association/tracking is that my alias account that I have with Facebook under a bogus name that I use for being able to chat with people to talk about stuff that is none of family members business etc it shows up as ... you might know this person and it shows my alias account listed. I dont have any pictures on this account to make it stand out as my own, but it was an eye opener that Facebook is tracking IP Addresses and Associating people that way. I use to chat on my normal facebook account and it caused problems with people who like to invade your activity and tell the world ... do you know what he said or she said etc... so I pretty much dont use my normal facebook account anymore and am friended instead with a bunch of people that I never met, no pictures of me, fake location, and able to enjoy conversation and talk about whatever without troublemakers who love to spread whatever you shared because they joined up with a group to be able to copy paste whatever was said their outside of that group to be trouble. The content was a dark metal group on facebook and a band had some music up on there that I commented on what i liked about it and because a individual was able to see what groups I belonged to, they were able to get invited to that group from their account and then track down my activity there and then copy/paste this info to share with my religious parents and all he ll  broke loose questioning why i associate with those type of people etc... judgemental junk. So I am off the radar of family members on an alias because facebook doesnt have enough controls to keep what is said away from family members who like to judge. Anyone can see what groups you belong to and then get an invite and then look for your name and what you said etc, and copy/paste it out of there and say guess what i found on this or that person. Its a happier place in a group of unknown friends, like interests, and less problems. 

[Geek-9pm]

I am also watching this  thread.
There are special times when one needs to be almost anonymous.
A few articles on the Internet suggest that Yahoo has some kind of special way to find you.  Here is one that might be relevant.
By Mark Wilson - Published 3 years ago
Do Not Track: Stop using Yahoo if you're concerned about privacy

Do Not Track has been around for a few years now -- interestingly, Yahoo was one of the first companies to start using it -- and it makes it possible for users to prevent websites from monitoring their online activities. It's a feature that is supported by a number of browsers, either as a built in option, or one that can be added through the use of an extension, and it is something that has been welcomed by privacy groups all over the world.
Yahoo's justification for the change of heart is laughable:

The above idea is also found here:
How to Track the Original Location of an Email via its IP Address

Here’s a quick guide on how to track an email to its original location by figuring out the email’s IP address and looking it up. I have found this to be quite useful on many occasions for verification purposes since I receive lots of suspicious emails daily due to my blog. Tracking the IP address of an email sender does require looking at some technical details, so be ready to dig your heels in!

Is it really that easy   

[Salmon Trout]

I recently did a test of creating a new email account to be used in accessing a automotive forum.  I did this at a public library that used a dynamic IP address scheme. 

I went to the new email server upon which I had created my new account (which I different from my normal home email server).

I think you may be using the term "email server" in a non standard way. From all that I can gather, you created a new Yahoo email address. Yahoo email is web email (webmail). How did you create the address at the library? Using what Yahoo account? Your already existing one? If so, and you went home and browsed to Yahoo e.g. by clicking a bookmark link, and you are letting Yahoo store your login details on your home PC, then of course Yahoo knows what you have been doing. By the way, I reported the plain text email address. Possibly a mod will replace the part before the @ with some asterisks?

[emmoe]

By new email server I meant yahoo.  Never used it before.

I write lots of controversial op eds.  I fear that I may be under surveillance.  The fact that I had never used yahoo as a email server I think now proves that.

[Geek-9pm]

Emmoe,
You have a right to privacy. But when you place thoughts  for others to see,  that right reduced. At the present time governments take the position that they can observe and listen to anybody.

Now about online privacy. You can do a Google search:
Internet Privacy
and find tips about how to protect yourself.
You will find this among other things:

Internet privacy involves the right or mandate of personal privacy concerning the storing, repurposing, provision to third parties, and displaying of information pertaining to oneself via of the Internet. Internet privacy is a subset of data privacy.

 

Presently in the USA it is a political topic. Do not expect the forum to take any political stand .

[BC_Programmer]

I write lots of controversial op eds.  I fear that I may be under surveillance.  The fact that I had never used yahoo as a email server I think now proves that.

So just to clarify the sequence of events.

You logged in, for the first time, to yahoo on a library system, having never used or logged into yahoo previously on your home machine, and having done nothing to associate it with your home account such as using firefox sync.

When you went to yahoo on your home system, it filled in the same login information you had signed up with at the library.

Is my understanding of this sequence of events correct?

If so, could you perhaps go more in-depth in how your login information being filled in automatically suggests you are "under surveillance"? I'm having trouble understanding that connection.

[emmoe]

Sequence of events:

1. Went to public library.
2. Got a library card (my first time using my counties' library system)
3. Logged on to library system using my brand new library card.
4. went to www.yahoo.com.
5. Created a new email address in no way associated to my other email accounts.
6. Went to www.linkedin.com.
7. Created a new fictitious profile associating the profile to the new address and a bogus phone number.
8. Signed out of library system.
9. Went home.
10. Accessed www.yahoo.com
11. Yahoo home screen came up.  My alias for my email profile I set for my new yahoo email account showed on the right hand side next to the email icon.
12. FREAKED OUT!

I do not understand how this could happen?

[Geek-9pm]

1. Went to public library.
2. Got a library card (my first time using my counties' library system)
3. Logged on to library system using my brand new library card.

what information did you give to the Library?
A bogus ID? Or a real ID?
Phone number?
Street address?
Your old yahoo email?

Maybe yahoo asks the library for information on people who use the library system. That would be reasonable.

Does your Library have a privacy policy?

All records pertaining to the use of Kings County Library materials by a Library patron shall remain confidential other than records relating to fines imposed on borrowers and, in accordance with Government Code section 6254(j), such confidential records will not be disclosed in response to requests under the Public Records Act (Government Code sections 6250 and following). "Records" includes all forms of communication related to public business, except as noted above, including any writing, picture, sound, or symbol, whether paper, fiber, magnetic, or other media. No employee or volunteer shall make information regarding such records or a customer's use of the Library's materials, equipment or facilities (including the Library Meeting Room) available to any third party except in accordance with the court or other orders or search warrants described in this Policy. Records relating to fines imposed on borrowers must be disclosed when properly requested under the Public Records Act, as must rental agreements for use of the Library Meeting Room which are disclosable public contracts.

http://www.kingscountylibrary.org/confidentiality-of-library-records
Sounds good.
However, notice what this Library says:
https://multcolib.org/privacy-and-confidentiality-library-records
The above link has some rather detailed points about what they do give out.

The library will not collect or retain your private and personally identifiable information without your consent. Individuals may choose to submit their names, email addresses, postal addresses or telephone numbers in order to receive library services, such as registering for library cards, ordering materials, receiving personal responses to questions or being added to specific mailing lists. If you consent to give us your personally identifiable information, we will keep it confidential and will not sell, license or disclose it to any third party, except those working under contract to the library, or except as required by law. For information about the ways third parties may use or disclose your information see the Third Party Vendor Services section below.

Which would imply that they did or the might if needed. You would have to read the whole thing carefully to get  where they do share your information in some cases.
So, does that answer your question? 

[emmoe]

SO,
1. Real ID
2. Real Phone and mailing address
3. Real gmail address
4. Never ever accessed yahoo for anything
5. Yes the library has a privacy policy

I would think that personal information would not allow an entity, like yahoo, to reverse engineer my system's IP address.  My ISP does not have this information.  Another family member owns the account.  I also would think that Google would not share my gmail data?

When questioned, the library says they only use my account data to attach to my browsing history.  They say they do not save cookies.

Any other thoughts on where this could be coming from other than physical surveillance?  I think my questions have blown any possibility of using this library to further test.

[BC_Programmer]

Yahoo and Yahoo Mail are separate, similar to how Google and Gmail are "separate"; you can sign in to Google and if you have a Gmail account, it is visible there. If I create a Gmail account while signed in to Google, for example, it would be assocated with my Google account.

Automatic logins do not occur on the website side. They do not recognize IP addresses or other client information and log people in- that is client side and handled by the browser, via saved cookies on the local system or local logins saved by the browser.

While I have no explanation based specifically on how you've laid out the events, I find "Physical Surveillance" to be a rather unlikely origin. It doesn't make a lot of sense for them to watch you, get your username and password for the new account, and then break into your house and log in with that account on your home computer. I find that far less believable than having misremembered the sequence of events and having been signed in to Yahoo when creating the new Yahoo Mail account.