Selling one S.T.A.L.K.E.R.: Call of Pripyat Steam activation key. - 1BTC or best offer.

There's not even any need to pull the disk. Without any encryption it is trivial to boot into the root account, change any password, collect any files, install any software, and put the passwords back when you're done if you want.

With home directory encryption your personal files would be safe, nobody is going to get access to those unless they have your password. Of course, if they have repeated physical access while it's in you possession they could boot into the root account and install a key-logger.

You don't have to browse shady things to be a potential target. For example, compromised ad servers can push attacks across many popular respectable sites.

There are no guarantees, just levels of confidence.

Yes to both.

FTFY

If they have the hashed password from the user database they verify it the same way the website does when you try to log in.

They run the guessed password through an algorithm and compare the output to the value from the database. If they match, the password will work to log into the website.

I don't understand half of the things you are saying at the end there but that ip address corresponds to the Boomerang for Gmail plugin. If you did install that plugin this would be expected behavior.

No, you would need to be the one sending for this problem to occur.