Still on WeinerGate, with a twist - this not-too-techie post explains how Person A can drop a picture into Person B's Yfrog account simply by knowing their Yfrog address (no password required! But try getting that Yfrog address...). As a bonus feature, Yfrog (a public picture sharing service) can be set to automatically generate a Tweet when a picture is added, from any source.
The post author, Joseph Cannon, having done the cool research, then jumps overboard and assumes that only a political enemy of Weiner could have sent the infamous dic-pic to the Yfrog account, and from there to Twitter and the young coed. Nothing I read rules out the possibility that an impetuous staffer, a tasteless drinking buddy of Weiner's, or Weiner himself from an unlinked phone sent the pic. And since Weiner is lawyering up and doing everything to discourage an investigation while Dan Wolfe is calling for the cops to check him out, I am not so sure that Weiner is as pure as the driven snow here.
Well. I have no doubt that this quasi-hacking technique will be tested and verified promptly. I will volunteer my own Yfrog account as soon as I have one. [KEY UPDATE - I am not able to verify a critical bit of 'evidence' about a missing URL that was highlighted by J Cannon - see below.]
HERE WE GO: My Yfrog address is: Tom_Maguire.email@example.com
Let's see if anyone can plant some tasteful photos there and generate some tweets.
THAT WAS EASY (I THINK): OK, I have emailed myself a photo from an unlinked (and unliked) Gmail account. It has shown up nicely in Yfrog and seems to have generated a Tweet. I suppose if I had any followers at all I could see if the Tweet was actually broadcast...
If someone could check Tom_Maguire on Twitter that would be great, Or I may figure this out soon enough. [Here is the live Twitter stream from my account, nicely showing the planted pics. Very cool.
STILL POKING: OK, I sent a directed Tweet (via Yfrog, using the unlinked email account) to the one and only Mickey Kaus, and he received it.
I would feel even better if a Loyal Reader here tried the same trick, since there is the possibility that Yfrog is verifying the email account by way of a common IP address or something (Evil spirts?). But I think we have a real mini-breakthrough here.
HEADSCRATCHING: How might one get someone's Yfrog address? That may be the weak link in the theory that this was a malicious attack.
LET'S GET READY FOR SOME FOOTBALL: OK, someone placed a cool John Madden photo on my Yfrog account. It showed up in my Twitter feed, but was it broadcast? I don't know, yet. I now see a "Go, Bruins" Tweet as well. But the toaster is still loyal.
KEY UPDATE: J Cannon claims that pictures he uploads are displayed with a Yfrog URL, but outsider uploads lack the URL. The missing URL on the dic-pic "proves" it was uploaded by an outsider.
To which I say, hmm - every picture appearing in my account has a visible URL, even though they should all be outsider uploads. Maybe the Cannon result came from the interplay of different platforms and browsers. Well, "maybe" a lot of things - I am not the techie to explain this. But until we know exactly why the URL might or might not appear or disappear, that Cannon result does not look like "proof" of much.
Here is a screenshot with the non-missing URLs:
The only way to create a URL-free header is to have someone else send a pic to one's Yfrog address. Milowent did just that. You can see the result: The header now has a blank space beneath Dowson's name.
Why does Yfrog work that way? I don't know. Ask their programmers.
The important point is this: The anomaly in the header indicates that the image was not sent by Weiner. It had to have been sent by someone else.
We agree on "I don't know". Maybe Weiner using an unlinked phone would generate no URL; maybe different browsers get glitchy with the URL.
AND LOOKING AROUND... Caleb Howe at RedState has been on this like a cheap suit, and highlights the problems with the URL and with getting that Yfrog address. Jim Hoft crushes the whole theory.