FRONT PAGE CONTRIBUTOR
Case Closed? Leftblog Claims Definitive Proof Weiner Was Framed.
Case closed? Not so much. There is a post up at a the blog Cannonfire today titled: CASE CLOSED! CONGRESSMAN WEINER WAS FRAMED! Tweets of this article are blowing up on the #p2 hashtag on Twitter, and many blogs in the leftosphere are beginning to cite it, including Little Green Footballs and DailyKos diaries section.
The post claims to definitively prove that Rep. Weiner could not have sent the now infamous underwear photo that is causing him so much trouble this week.
It had to have been sent by someone else.
The problem is, they’re completely incorrect. Something I was able to actually prove with very little effort. But before I explain, here is the argument being made (click through to read more.)
If you have a yfrog account, you have an email address to which you can send photos and have them automatically post, both to your yfrog and to your Twitter feed. To do this, you attach the photo to an email, put your yfrog email address in the To: field, and the body of the tweet in the subject line or email body. You can even address it to someone by putting their twitter username in the subject line.
The problem, however, is that the email does NOT need to come from your registered email address.
Cannonfire, quoting a note from a reader, says this:
easiest way to pull off this as a hoax would be if you knew weiner’s yfrog email address. email a blackberry pic to that email address with (@subject) in text and you’d create exactly what happened here.
would require no password hacking (you wouldn’t even need to know his password to do it).
In other words, I could use my email to send a pic to your yfrog, and it would appear on your twitter feed, all without your intervention, all without hacking.
Sounds pretty bad right? Only, no. It isn’t. A yfrog email address is composed of your twitter username, a dot, and a randomly generated series of characters that look like made up words (although some of the ones I’ve seen today were actually just Latin words.)
So, for example, your email address for yfrog might be: MyTwitterHandle.firstname.lastname@example.org. Without that email address, you can’t send the pic.
Now, Cannonfire, still quoting a reader goes on to address this:
the chance that somewhere along the way that weiners yfrog address had been leaked? pretty damn high. it would happen if weiner or an aide simply forwarded a pic he emailed to his yfrog account to anyone else (thus showing the yfrog email address in the chain).
There is a reason the reader is emphasizing that the email address would have to have been leaked. The random word/letters after the . in the email address is tantamount to a password. You can’t just guess it. You have to know it or .. dah dah daaahhh … hack it.
Still, the blogger decided to test the process, and provided their own yfrog email address. Reader milowent, the same person quoted above, was able to send a pic through that address, thereby successfully posting to someone else’s yfrog account. Again, only because the address had been provided to him. I’m sure if I gave you the password to my yfrog account instead of the email address, you’d be equally successful.
In any case, the crux of the “proof” comes next.
If you click on that link, you may notice something important. By using this technique, milowent (or is it Tony?) was able to create a header that does not contain the URL of the image below the account holder’s name. As we’ve seen in previous posts, that URL does appear if the account holder uploads a picture. Apparently, it does not appear if someone else emails a picture to that account.
The screencap of Congressman Weiner’s page — the one featuring the infamous “crotch shot” — lacks the URL. As far as I can tell, the only way to create that anomaly is when someone other than the account holder places an image on Yfrog, using the simple strategy outlined above.
The comparison image given here should explain the situation to anyone I’ve accidentally confused. (Click on the image to enlarge — and I’m very embarrassed by the misspelled word.) The first header was taken from the Weiner screen cap as it appeared on Breitbart. Note the lack of a URL beneath “RepWeiner” — just blank space.
That’s very unusual. Under normal circumstances, Yfrog never puts blank space there.
I demonstrate those “normal circumstances” in the second example. This is what the header looked like when I uploaded a picture to my own Yfrog account. Note that the URL for the image appears right below my pseudonym. (As noted in an earlier post, I opened the account under the name “G. Dowson,” which happens to be the name of an illustrator whose work I like.)
The only way to create a URL-free header is to have someone else send a pic to one’s Yfrog address. Milowent did just that. You can see the result: The header now has a blank space beneath Dowson’s name.
Why does Yfrog work that way? I don’t know. Ask their programmers.
The important point is this: The anomaly in the header indicates that the image was not sent by Weiner. It had to have been sent by someone else.
Had. To. Have.
However, this is just simply not so. Check out this link: http://yfrog.com/gz4hkgzj, or see screenshot below.
I sent that photo to my own yfrog account from my own email, and it subsequently tweeted on my timeline. (I eventually deleted the tweet so as not to give away my big reveal before I could write my post.)
Again, the supposed nail in the coffin was that:
“The only way to create a URL-free header is to have someone else send a pic to one’s Yfrog address.”
So what does cannonfire prove definitively? That it is possible to post to someone else’s yfrog and twitter, assuming you know the email address of their account, and that sometimes, yfrog photos don’t have a URL visible under the name of the person who posted the image.
What does this mean for Rep. Weiner? Well … nothing as far as I can tell. It doesn’t point to his guilt or innocence. Could someone who knew his yfrog email address post the picture without his knowledge? Sure. So could someone who knows his password. Or someone who hacked into his accounts. But so far, there’s no evidence for any of these theories.
Case closed? Not by a long shot.
Thanks to Mediaite’s Tommy Christopher, who acted as a guinea pig in some of my yfrog testing for this post.
UPDATE: Astute DailyKos commenter Pico seems to have noticed the URL issue as well, and judging by the time stamp, before I posted this. Credit where due.