As a network engineer, I know of a few methods that have been used but for the most part have been unsuccessful. If you are paranoid about security, there are many programs which use encryption algorithms. On a forum, everything is available to the public eye. IP address can be obtained when you visit a website as a website is broadcast through a HTTP server, in most cases (since JTF is using a forum based on PHP) my guess is that it is running on a linux or unix based operating system that connects to a MYSQL database. It's also likely that since Unix or Linux is likely to be used, that the software used to broadcast the website is probably Apache. Apache keeps logs of people who visit the site. Anytime you visit a site your IP address is recorded. Even if it's not, your ISP has records of websites you visit, sometimes they will listen or monitor your packets. Packets are not always distinguishable to detect what you are posting or writing but sometimes if you are transmitting data, certain things can be decrypted via packets.
Packet sniffing isn't very complex at all.
Regarding cell phones, I've never heard of this before, I generally use smart phones that are unlocked and reprogram the firmware so I have no concerns about that. Now it is possible to hack phones with bluetooth if they are not secured with a password and the bluetooth is enabled. That is the only way I know of that someone could upload software. Sometimes cell phone companies put their own firmware on locked phones that you get via a contract and are able to automatically update your software. Certain cell phone companies using CDMA technology rather than GMS ( such as Verizon) are required by the FCC to add GPS on your phone for the new E-911 technology to comply with the law.
Overall, I think some of the members are being paranoid, I wouldn't worry too much about it. Just watch what you say, never threaten another persons life or admit to breaking the law. This is what will screw you over. In many cases the government is restricted on those records, however the most fullproof way to obtain records (such as when cops go after paedofiles and those who pirate video games, movies) is they obtain a subpoena for the host or the ISP and they match records to verify the persons IP address and packets match up. This is why it's important to secure your wireless network so you don't get blamed or convicted for somebody elses wrongdoing. The justice system is pretty screwed up, but last I checked, I thought eavesdropping doesn't hold up in court unless the other person is aware they are being recorded?
By the way, it's not possible to actually hide your IP address. You can use a proxy for web browsing and certain applications like messengers but that does not change or hide your IP address. A lot of times, I will use a proxy when at work or school to bypass blocked websites but if your doing something illegal, then you can still be tracked if the courts obtain a subpoena for the ISP who owns that IP address (though it's rather difficult if located in a foreign country). You also risk privacy with an open public proxy but there are closed proxy (they cost money though).
Even if a person knows your IP address, they can't actually trace you to your home address. At most, they can find out who your ISP is and perhaps where the ISP's datacenter is located. To go any further, one would have to look up customer records on who is using that IP address at that date and time.
If you are worried about being hacked, that is unlikely, hackers need some sort of trojan or exploit to access your system. Generally personal attacks are rare as most users have some sort of firewall or protection. My largest issue (running servers at work) is probably DDoS attacks (Denial Of Service) where a user will use multiple "hacked" servers to try to flood our network with bogus packets, we have hardware to dispense the bogus packets though it is a pain in the ass and even the largest corporations have had their websites taken down as a result. Most of these users generally use the hacked servers to send spam or packet competitors to hurt their business.