Thursday, June 02, 2011

Has Yfrog responded to yesterday's post?

Folks, if you check the comments for yesterday's post on l'affaire Weiner, you'll see that I've spent hours sparring with nitwits. This activity is not good for my disposition, so I'm going to take a bit of a rest. But one bit of important new news has come to my attention, thanks to reader milowent.

You may recall that he was the one who originally found the security flaw in Yfrog/Twitter -- a flaw that allows someone to upload a picture to someone else's Yfrog account without actually hacking into that account. The same flaw allows you to "spoof" Twitter messages, in order to make those messages seem to originate from someone else.

Apparently, Yfrog has figured out that a problem exists. Milowent attempted to post to Yfrog via email (as detailed in yesterday's post) and this is what he got:

Is this a temporary thing? Or are the folks behind Yfrog rethinking how they do business?

And if Yfrog is rethinking its policy, is it doing so in response to Weinergate?

I don't believe that they would change how they conduct their affairs based on my post -- even though that post got a lot of attention. It is possible that the security firm hired by Congressman Weiner contacted Yfrog. (Or should one say Imageshack? I believe Imageshack owns Yfrog.)

The point is this: If Yfrog filled the security hole at the request of Weiner's people, then my argument is proven. Yfrog would not have filled that hole unless that were the method by which someone loaded a photo onto Weiner's account.

Nobody can dispute that lots of people were able to replicate the experiment outlined in the previous post. My "gdowson153" account at Yfrog holds a lot of pictures now. I didn't put 'em there (except for the first two, as documented in previous posts). Nevertheless, those other images sure look like they came from me -- if you were to judge based on header information.

Similarly, there are a lot of tweets which look like they came from me -- yet I've never sent out a tweet to anyone in my life.

All of which proves that these folks at Gateway Pundit are silly billies. I've never seen such a hilarious attempt to bamboozle one's way past a problem.

They claim that my post was technically flawed. Check out their argument -- if you can call this an argument:
Yfrog, like every other service out there (including Twitter, WordPress, Flickr, Blogger, and Tumblr), has a photo upload service by email. If you are logged into your account, you have access to that email.
Uh...yeah. That was the freaking point, dude. (As noted above, Yfrog does not seem to have an upload service by email anymore. The interruption may or may not be temporary.)
Furthermore, if you authorize Yfrog to do so, you can post a picture to Twitter from the account using your secret email.
So. Congressman Weiner sent a picture of a dick to himself using a secret email account. Seems rather a complex way to go about it. Wouldn't it be easier to just, you know, look down?
When you sign into your yfrog account, you can do so with Twitter, which authorizes you to post to Twitter.
I will happily stipulate that signing in with Twitter authorizes one to post to Twitter.
It’s not a hack. It’s a security feature that requires you to be logged into Twitter to sign in, just like Facebook connect.
When did I say otherwise...?
If you go into your Twitter settings, you can find out if yfrog is authorized to post pictures to your account. It’s under Settings>Applications.
So? What does any of this have to do with the security hole that was the heart of yesterdays' post?

If the Gateway Punditeer is trying to argue that you can't post pictures to someone else's account using the trick mentioned yesterday -- then how the hell did all those outside pictures hop into my Yfrog account? Why are there so many tweets which seem to come from me, including tweets which look exactly like the one attributed to Weiner?

Gateway Pundit is trying to doubletalk his way out of a problem. Rest easy, Robert Preston -- we have a new Professor Harold Hill!

Oh, but it gets even funnier.
And Anthony Weiner tells us today that he has never even seen yfrog before that night.
This claim is bolstered by a quote from Wolf Blitzer's interview with Weiner. These are the allegedly damning words:
I mean, I’ll tell you what happened that night. I mean, I was literally there tweeting about hockey. For those of you who follow my Twitter, my bloody TiVo didn’t record enough time, so I missed the end of the Tampa Bay-Boston game. I’m a big hockey fan, and I tweet about hockey.

And I see this thing pop up. I immediately delete it. OK? I immediately delete the photo – I thought I deleted – I mean, I’m not a hundred percent sure – I deleted the photo and then this – this – without any password or anything, I was able to get into the account where this photograph was hosted somehow. And I deleted that and other photographs in there as well, although it was nothing very controversial in there. But I deleted everything, and I immediately tweeted “my system has been hacked.” You know, darn it.
At no point does Weiner say the words which GatewayPundit (and other rightists) have attributed to him. He does seem a bit hazy about the technology. That's not surprising.

Believe it or don't, the righties actually try to scry something sinister into the above quotation from Weiner! That's the biggest stretch since Reed Richards shook hands with Ralph Dibny.

I could go on. But -- as noted above -- I've already spent too many hours sparring with ninnies. You can see my retorts if you scan the comments appended to the previous post.

Alas, most of the righties won't read those retorts. They keep repeating the same nonsensical catch-phrases over and over. They're like Buddhists: Once they find a mantra, they keep chanting it.

(The Obots were pretty much the same way back throughout 2008. There was just no talking to those people.)

It's pretty obvious that the mindless mantra-chanters aren't going to read my responses. And if they aren't going to read what I have to say, why should I write? And why would they come here?

Nevertheless, I can't resist making a few final points:

1. Bella wins! As noted, a lot of people uploaded pics to the account of gdowson153. One of the images was pornographic; it was removed. Most of the others were funny. But the shot of my dog remains untoppable.

2. Was it illegal? Some people have said that Weiner must be guilty because he has not threatened to bring the "hacker" (who is not really a hacker) to justice. But I'm not at all sure that the exploitation of the Yfrog security hole was illegal. Technically, this act does not constitute "hacking," since the person framing Weiner did not guess the password and did not gain control of Weiner's account.

If you can cite a specific violation of the criminal code, please share with the rest of the class. I am all attention.

"But Weiner said he was hacked!" Roughly a gazillion rightists have shouted those words at me, as though they constitute some sort of really impressive argument. To which I answer: So? What else would he say? He didn't know about the security hole. Besides, he may define the term "hacking" more broadly than I would.

Could Weiner bring a civil suit? Conceivably. Hell, you can sue anyone over anything. But most lawyers would advise him not to sue for defamation or libel.

If Weiner's refusal to pursue a legal remedy constitutes an admission of guilt -- well, that logic cuts both ways, dunnit? I've said in public that I am positive that Dan Wolfe tried to frame a congressman. If Dan doesn't sue me, then he must be guilty...right?

A gazillion rightists have also told me: "Wolfe must be innocent. He has said that he welcomes an FBI investigation!" Well, jeez, what do you expect him to say? "I do not welcome an FBI investigation"?

The fact is, we're talking about a guy who hid his Twitter feed at almost the same moment he proclaimed that he has nothing to hide. He has given conflicting stories. He still can't explain why his browser cache doesn't have a 640x480 version of the crotch shot with the proper EXIF data.

And don't forget that this is also the guy whose behavior made poor Gennette so miserable.

3. Gennette's statement. Judging from the recent right-wing commentary, the righties now seem willing to take her statement at face value, as I always did. Well. Glad to hear that.

But if you accept that she is telling the truth, you can't pick and choose her words. She says that she never received an inappropriate communication from Weiner. Her story concurs with his statement that he sent her only boilerplate.

Are we really supposed to believe that a sitting congressman would send a picture of his crotch to a girl he has never met, never spoken to, and with whom he has never really communicated? A girl he knows nothing about? A girl whose photo he had never seen? A girl who (as far as he knew) might have been 78 years old?

Come off it. Even on IRC, people don't do that.

Let me guess what some of you are now dying to say: "Maybe she did send him a picture! Maybe they were in secret communication!"

If that's the way you think, then you're back to calling Gennette a liar, even though you have not one iota of evidence that she has lied about anything. In other words, you are victimizing her.

4. I thought Wolf Blitzer was pretty disgusting when he interviewed Weiner. He thinks that this sleazy attempt to smear the congressman gives him (Wolf) the right to ask if Weiner has ever in his life taken a photo of his own dick. Apparently, an attempted frame-up gives Wolf the right to go fishing. That's journalism?

I think the righties are pressing for a big-ass federal investigation because they want a fishing expedition. They like to fish. Remember Whitewater?

5. Cannonfire got huge traffic yesterday. That increase won't benefit me at all, since the site carries no paid advertising. (Except for the Adsense ads, which bring in maybe a hundred bucks a year. I keep the Adsense going mostly as a "thank you" to Google, the owner of Blogger.) The last time I got this kind of traffic was at the time of the "Bush bulge" controversy.

My ladyfriend tells me that the lesson is obvious: If you want a big public response, find a bulge to write about.

Traffic will settle into its normal pattern again very soon. Most bulges eventually go down.

16 comments:

Jotman said...

Are we really supposed to believe that a sitting congressman would send a picture of his crotch to a girl he has never met, never spoken to, and with whom he has never really communicated?

That's just plain common sense. Why doesn't the US media seem to have any of it?

The significance of this story isn't that some idiot tried to frame a congressman, but that a prank worthy of six-year-olds received the covered it has from supposedly "professional" news organizations.

Anonymous said...

Gosh love the closing line...and yes, many thought to ask Rep Weiner more intrusive questions. I have one for Breitbart; Why are you obsessed with other men's d@cks.

Your lady is correct eventually all thing go down, including unfounded gossip, and Breitbart did success in keeping the Clarence Thomas stories out of the news, paraphrasing Egalia; Media was consumed with Weiner's D@7*!

Woman Voter

Dinty said...

yFrog was dark and lights out at 11:00 this evening (I live a few blocks away). Maybe they offshore their engineering so it's not an issue, but if my app had such a big hole exposed today I'd be hacking right now.
h/t to Little Green Footballs for getting a start on the crack of their secret email algorithm:

http://littlegreenfootballs.com/page/248630_yfrog_secret_email_addresses_a

Dinty said...

Oh, and regarding the criminality of creating a tweet using the yFrog security hole, it probably violates a recently-enacted California law concerning impersonating someone over the internet.

If he wasn't such a blowhard and made his prediction a month ago accompanied by his immediate re-tweeting he could have pleaded ignorance stating he didn't know he was impersonating Weiner by sending an email to that address.

That said, the California law in question declares the crime a misdemeanor, so I doubt the criminal prosecution is going anywhere.

Anonymous said...

Wilimont (gosh I hope I got that right) posted this and yup, there is a bigger security issue here. Do place a screen shot on the current post.

yfrog 'secret' email addresses are easy to figure out http://lgf.bz/l9waum

Woman Voter

milowent said...

good work, cannon! glad i could help a little bit at least.

i was looking more into your notes about how patriot is obsessed weiner. - in fact, he has used word "Weiner" in tweets 571 times since January (over 2355 tweets currently extant). & "Antoinette" 37 times. WOW. many more of his tweets are about weiner with naming him, its truly insane.

this is worse than john hickley's obsession with jodie foster. speaking of which, taxi driver came out in 1976, and patriot's twitter name is patriotusa76!!! coincidence? I THINK NOT! :-)

Anonymous said...

Once again, congratulations on breaking the case and the story. And man, your patience is phenomenal. Most of us long since would have been replying to the trolls with a generic "Fuck off."

Okasha

Anonymous said...

"Are we really supposed to believe that a sitting congressman would send a picture of his crotch to a girl he has never met, never spoken to, and with whom he has never really communicated?"

Are you KIDDING? Millions of men do this around the world every minute of the day. Some act as if that's the reason the internet was invented. What you are really saying is that you just don't believe Anthony Weiner would do something so stupid because you are a fan of his too. That's not an argument. Whether or not this incident was "hacking" or not, illegal or only possibly illegal continues to sound like something authorities should be brought in to determine and either uncover or rule out. Weiner can get this over with pretty damn quickly if he just turns the matter over to said authorities. Until he does, sorry - but you're the one who sounds lame.

Alexander said...

This has GOT to be libel. If it isn't libel, I don't know what is, and Anthony should sue Dan for every penny he's got.

From Wikipedia:
"In common law jurisdictions, slander refers to a malicious, false,[2][not specific enough to verify] and defamatory spoken statement or report, while libel refers to any other form of communication such as written words or images.[3] Most jurisdictions allow legal actions, civil and/or criminal, to deter various kinds of defamation and retaliate against groundless criticism. Related to defamation is public disclosure of private facts, which arises where one person reveals information that is not of public concern, and the release of which would offend a reasonable person. "Unlike [with] libel, truth is not a defense for invasion of privacy."

This action is libel. Plain and simple. I don't know what the exact law in NY is, but in the common understanding, this is what libel is.

It's closer to libel than the Shirley Sherrod case. Brietbart can and will argue that he did not know of full statement that Sherrod made. He will probably be successful. If we have a full investigation of this incedent, Dan wil have no such cover. He deliberately sought to create a false impression of Anthony's character. That is the definition of defamation and libel.

Furthermore, although this may not technically be a hack, it is certainly a full-on defamation of character for political gain. If its not criminally illegal to do this, it ought to be. I'm all for playing hardball politics, but the game should still have rules.

Alexander said...

This is libel. Libel is defamation of character via a falsehood. Anthony should sue or file a criminal case, whichever is applicable.

Anonymous said...

The below story via GuerillaWomenTN has a mention of the Rachel Maddow blog-->yup your on it. Go take a look see.

Cannonfire Solves It: Congressman Weiner Was Framed
http://guerillawomentn.blogspot.com/2011/06/cannonfire-solves-it-congressman-weiner.html

Woman Voter (Oh, I hadn't mentioned it, but GOOD ON YA!)

Anonymous said...

The NY Times v Sullivan case established a very high bar for a public figure to succeed in a libel, slander, or defamation suit.

Proof is required of deliberate malice aforethought, and/or maybe reckless disregard.

With that bar so high, most potential plaintiffs in this cohort pass on legal action, since it is unlikely to succeed, and instead simply publicize the smear more widely.

XI

milowent said...

Cannon: Another interesting fact, I think, see:

http://milowent.blogspot.com/2011/06/weiners-tweet-history-never-tweeted.html

Anonymous said...

"Are we really supposed to believe that a sitting congressman would send a picture of his crotch to a girl he has never met, never spoken to, and with whom he has never really communicated?"

Are you KIDDING? Millions of men do this around the world every minute of the day.

===========

Millions of men are not Congressmen, have not recently married an aide to Hillary, did not have Bill Clinton preside at their wedding.

Also, Wiener isn't even a Republican.

(bemused_leftist can't sign in)

Joseph Cannon said...

Millions of men do not send pictures of their penises to women with whom they have not chatted and whose reactions cannot be predicted.

Lots of people DO send images of their private parts, but only after some sort of sexualized conversation (however brief) has taken place.

Gennette says that she never received a single inappropriate word from the congressman. So that is that is that is THAT. (Unless you want to call her a liar.)

Look, it has been a LONG time since I did the IRC thing. But I bethca that I could hop back on the dating channels, turn on the old Cannon charm, and within three minutes collect a shot of some nice young lady's cleavage. Perhaps something even more revealing.

But you know what? That sexy young lady knows full well that her real identity is private. Granted, her sense of "privacy" may be an illusion. But as long as she FEELS protected by a cloak of anonymity, she will be much more likely to show her rack. (If I may use that crude erminology.)

Sign her real name (and address and other info) to that image and -- well, she definitely wouldn't give it out within three minutes. There would have to be an awful lot of online romancing first. Days. Weeks. Maybe months.

Now imagine that the lady in question held a political office...

"But men are different!" No they aren't.

"All men are BEASTS!" No we're not.

"But before he was married, Weiner was a known womanizer!" I'm not sure how you define the term. In the modern world, a woman who dates a lot is considered a liberated spirit, while a man who dates a lot is considered a monster.

Let us presume that Weiner was not a virgin when he married. Let us presume that he had bedded a number of women. Let us presume, for the sake of argument, that he was GOOD at talking women into going to bed. (It must have been the words that did the job, because the looks ain't much.)

Okay. That means he knows something about female psychology.

A "Barney Stinson" type isn't going to send out a crotch shot to a woman he knows nothing about (as far as Weiner knew, Gennette might have been 93) and whose reaction cannot be gauged.

Even the proverbial sidewalk flasher (do those guys even exist anymore?) would not open his trenchcoat if his real name and street address were written in large letters on an ID tag covering the front pocket.

Now imagine a sidewalk flasher who, as he opens the trenchcoat in front of a total stranger, shouts: "My name is Anthony Weiner and I'm in Congress!"

That's what the righties are saying happened here.

Come off it. In the real world, that scenario is not possible.

Anonymous said...

Sarah Palin uses yFrog and Twitter, right? Would have been nice to prove the point by doing the same thing to her (making it obvious it was a third-party, of course) while you had the chance. I guess the trick would be getting some sort of yFrog email? Would you just spam a bunch of guesses or something, or would you have to be in her "inner circle"?