in simple words, in theory, http, and email are not safe at all. https (not http) and encrypted email (not regular emai) are encrypted, in theory, they are relatively safe because the message are encrypted, and the hackers have to take time to decrypt it.

IP is not a private information. we all know your ip belongs to which ISP company. but only your ISP knows that they assign that IP to you.

most cases, they are not under requirements to protect this information to highest level. More like even you didn't list your phone number on the phone book, many staff from the phone company will have access to know your unlisted phone number is for which address.

Thank you very much first.

and, OMG, so, for example, you can know my IP, xw can know my IP, etc..... if anybody want it......

such as email, all these email software were just add some layers on the backbone function of the email function in unix.

the backbone function of the email, of course will tell it is from which machine which account, but it depends on you to tell your name (which machine and which account is not a secret, your real name is you claimed to be). so with many other internet applications.

bad person can pretend to be others easily. and at the same time, for good person your machine/account information is not a secret in the whole path.

first assignment of my internet course in computer school 13 years ago was writing an email software. only 10-20 lines very simple codes. and i put these codes in a dead loop by accident. simple like that, i created a powerful virus. (regular people with 10 minutes training can write these codes). if nobody tries to stop the running of this code, it will just continue to send billions of billions emails out in the loop from 13 years ago to now, it will be powerful enough to crash millions of millions mail boxes.

So you can see in internet world, to be a bad guy is easy to be a good guy fighting with bad guy is very difficult.