If you looked at the political blogosphere today you likely noticed that the prevailing RepWeiner tweet theory of the day is coming from a blog called Cannonfire. The theory is that Congressman Weiner's account was spoofed through yfrog's mobile e-mail upload system. You've probably seen this feature on other services as well, it's not uncommon, but in case you're not familiar, the idea is that you can send an e-mail to your online account and it'll automatically turn that e-mail's subject line into a tweet. And if you have an image attached to the mail, it'll upload the image for you and add the link to the tweet as well.
Anyone who knows your secret e-mail address can send messages through your account this way. So the theory goes that someone figured out the congressman's secret address and essentially impersonated him, sending the now-infamous photo of dubious work safety to that poor gal near Seattle.
The question I had, then, was how difficult it was to know someone else's secret e-mail account. It turns out yfrog had already reserved an account for me by virtue of the fact that I have a Twitter account. Logging into the account with your Twitter login provides you with an automatically generated secret e-mail address. From the general discussion of the theory we've learned that the format is TwitterName.*****@yfrog.com - with the ***** being some combination of
randomly not-so-randomly generated letters (sometimes five four, sometimes more). Try as I might with my own example, I couldn't find any external indication of that random combination of letters.
But of course, generating random letter combinations with a little computer program is pretty elemental - something Friend-Of-Maddow-Show @Sarking pointed out as she watched me scratching my virtual head. And sending e-mails with randomly generated characters.... well, ever heard of spam?
She figured out other Friend-Of-Maddow-Show @roomerholmes's yfrog e-mail name and Weinered him. Or is it Weinered me? Aaaanyway, you get the idea. Not too hard.
IMPORTANT CONSIDERATIONS: The participants in this experiment are buds and willingly involved.
Also, @roomerholmes had given us a clue about his secret letter combination already so @sarking didn't need a script (a program); she just did it manually. But doing it with a script would be like switching to a calculator from long hand. Not much different, still not hard.
Oops, one more consideration: None of this is meant to say anything conclusive about Congressman Weiner's case. There's no proof of the spoof in this. It was just to play with the idea of posting to someone else's Twitter through their yfrog account.
**updated 6/2 with new info from the comments.
*** 6/6: Looks like this turned out to be a purely academic exercise.