>but, can you please tell me if they can find out exactly where one lives
>by one's " headers" for example ?
Usually not exactly. The geolocation info provided by most ISPs is typically limited to the location of their servers, so the location "they" would find would be the other end of the wire from you. Still, that can be unnervingly close, a few blocks to several miles off.
>and, can anyone hack into our mail with what i have heard called
There are a variety of methods one might use to gain access to your email account. Three broad classes of attack include phishing, compromising your computer, and compromising your connection.
Phishing is the simplist. They send you an email or lure you to a web site pretending to be Yahoo (or the email service of your choice) and trick you into giving them your account ID and password.
Compromising your computer can be done by way of a Trojan Horse email, something you open thinking it is beneficial but instead it contains malware. Or a malicious web site can deliver malware to your computer. Sometimes their software can access your computer directly (a computer "worm") and insert malware.
The malware itself can take many forms, including things that secretly record every thing you type (a "keystroke logger") or may access files on your computer to discover your passwords or other info.
Compromising your connection is also possible, particularly if you ever sign in to Yahoo while using an open (not secured) Wi-Fi "hotspot". There are techniques whereby someone can access your Yahoo account because you have signed in. They didn't need to learn your password, they just "borrowed" your session.
>how would one prevent these two things ?
I'm not sure. I'm not sure anyone is sure. Not for all forms of attack anyway.