Saturday, June 4, 2011

Who Published Pictures on Congressman Anthony Weiner's Twitter Account

update: While Cannofire and others did discover an exploit on twitter/yfrog that could have been used, all that is moot at this point as Rep. Weiner has confessed.

Who Published Pictures on Congressman Anthony Weiner's Twitter Account. The Congressman says he did not. As of today there is absolutely no proof that the Congressman published any inappropriate pictures on his account. No proof. Lots of finger pointing, but no proof. If the Congressman's enemies are so sure they are right now is the perfect time to come forward and pride the knock-out punch to a Congressman that really cares about America. The kind of public servant right-wing Republicans hate.

The screencap of Congressman Weiner's page -- the one featuring the infamous "crotch shot" -- lacks the URL. As far as I can tell, the only way to create that anomaly is when someone other than the account holder places an image on Yfrog, using the simple strategy outlined above.

The comparison image given here should explain the situation to anyone I've accidentally confused. (Click on the image to enlarge -- and I'm very embarrassed by the misspelled word.) The first header was taken from the Weiner screen cap as it appeared on Breitbart. Note the lack of a URL beneath "RepWeiner" -- just blank space.

That's very unusual. Under normal circumstances, Yfrog never puts blank space there.

I demonstrate those "normal circumstances" in the second example. This is what the header looked like when I uploaded a picture to my own Yfrog account. Note that the URL for the image appears right below my pseudonym. (As noted in an earlier post, I opened the account under the name "G. Dowson," which happens to be the name of an illustrator whose work I like.)

The only way to create a URL-free header is to have someone else send a pic to one's Yfrog address. Milowent did just that. You can see the result: The header now has a blank space beneath Dowson's name.

Why does Yfrog work that way? I don't know. Ask their programmers.

The important point is this: The anomaly in the header indicates that the image was not sent by Weiner. It had to have been sent by someone else.

Not only that. Believe it or not, when an outsider sends a pic to someone else's Yfrog account in this fashion, the action creates a message in the "twitterstream." The message seems to originate with the Twitter account holder -- but it doesn't. It comes from somewhere else -- from someone mailing a picture to the account holder.

This is a serious security flaw in the design of Yfrog and Twitter. It allows a malicious outsider to "spoof" a tweet that seems to come from someone else.
Lots of technical details at the link. Yfrog was made aware of this gaping security hole - where anyone could post to someone else Twitter stream using e-mail. Apparently a user(maybe two users) conspired to place the photo on the Congressman Twitter page, New Forensic Details About Weinergate Photo

As the Anthony Weiner Twitter whodunit trundles on into almost a full week, it remains unclear where the now-infamous photo came from. To help shed some light on this, I contacted Hany Farid, a renowned expert in forensic photographic image analysis. (Farid was consulted by the Associated Press in debunking the fake Bin Laden death photos, and has also teamed up with Microsoft to develop anti-child-pornography software.) Using compression data and metadata from millions of photos, Farid and his colleagues at Dartmouth have developed a database that matches photos to the digital cameras that took them.

Anthony De Rosa of Reuters has already shown that the Weinergate photo’s metadata don’t match the metadata of another photo known to have come from the congressman’s Blackberry. I sent both photos to Farid, who analyzed them. Farid confirmed that the photo known to have come from Weiner’s camera was “inconsistent” with the controversial photo. In fact, Farid says, the photo appears not to have come from a Blackberry at all. But here’s the even stranger part: The controversial photo does not match any camera in Farid’s database, which consists of about 15,000 kinds of cameras, phones, and tablets.

What does this mean? One possibility is that the photo comes from a model so recent, it isn’t yet in Farid’s database. Judging from the photos on the congressman’s yfrog account, he does not own such a model. (The model of camera from which Weiner’s yfrog photos were taken would have led to a match in Farid’s database.) Another possibility is that something about the photo was tampered with, causing it not to match up with any model in the database.
All Andrew Breitbart, Dan Wolfe or any other right-wing Republican has to do is produce the photo with the correct metadata. No one can do that because the photo is a forgery. It does not matter whether people are happy with the exact wording of the Congressman's denial - there is no proof he posted the picture. Breitbart is now trying to wiggle out of responsibility and "Dan Wolfe" has disappeared.

Ryancare Versus Obamacare

Some commenters have asked a good question, albeit in a belligerent tone: how does the Ryan plan differ from the Affordable Care Act? After all, in both plans people are supposed to buy coverage from private insurers, with a subsidy from the government.

Well, the answer is that the ACA is specifically designed to ensure that insurance is affordable, whereas Ryancare just hands out vouchers and washes its hands. Specifically, the ACA subsidy system (pdf) sets a maximum percentage of income that families are expected to pay for insurance, on a sliding scale that rises with income. To the extent that the actual cost of a minimum acceptable policy exceeds that percentage of income, subsidies make up the difference.

Ryancare, by contrast, provides a fixed sum — end of story. And because this fixed sum would not grow with rising health care costs, it’s almost guaranteed to fall far short of the actual cost of insurance.

This is also why Ryancare is NOT premium support; it’s a voucher system. No matter how much they say it isn’t, that’s exactly what it is.