Opinion

Anthony De Rosa

How Anthony Weiner’s Twitter account could have been hacked

Anthony De Rosa
Jun 2, 2011 14:56 UTC

Anthony Weiner is about as uncensored online as he is offline. But is he really bold enough to post a photo of himself sans pants over a Twitter account?

I’m less interested in the politics of the matter than the technical evidence that could show whether the congressman sent the photo himself or if it was sent by someone else. Over the weekend, I posted my analysis on the authenticity of the photo behind the scandal. Weiner’s friend and former “freeloading” roommate, Jon Stewart, used my post from the other day on The Daily Show to illustrate some of the methods for how the congressman could have had his account hacked. Let’s take a look at a few of them.

Every photo tells a story

Within just about every digital photo, there are clues left behind called “metadata” that identify the make and model of the camera used, the time the photo was taken and sometimes even the location the photo was taken at. I ran one of the earlier photos that Anthony Weiner had taken through several tools (here is one you can try yourself) that look at the “exif data” within the photo. Here was the result from this photo:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

This tells us that the congressman usually shoots his Twitter images with a Blackberry 9650, with a pretty high resolution of 2,048 x 1,536. I then compared this data to the lewd image he was alleged to have sent to a young woman over Twitter.

Here’s the data I found for that image:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Notice a lot of the data that appeared in the earlier photos is missing in the scandalous photo that has Weiner in hot water. There is no make or model listed, and the dimensions of the photo are much smaller. This could indicate a few things. The data could have been stripped at some point because it was uploaded to yfrog or through some other service; it could have been taken by a camera, uploaded to a computer and then uploaded to yfrog; or it simply could have been edited with any photo application. There are applications that will allow you to go in and modify the metadata for a photo.

Fear, loathing and apathy about digital security

Anthony De Rosa
Apr 27, 2011 17:19 UTC

Is Facebook just an elaborate direct marketer’s masterwork? Should I think twice before using my existing Twitter account to log into various services all around the web? Should I be worried about handing my credit card over to Sony? These and other perfectly valid and  simultaneously conspiracy theoretical ideas tend to float in and around my head from time to time. The big scare du-jour, is if Apple’s iPhone and Google’s mobile OS, Android, are tracking and archiving our every movement.

A journalistic tennis match on this topic took place over the course of the last few days. First, this is old news. Apple responded to congress regarding this almost a year ago. Digital forensics specialists have known you could track locations on iOS devices for some time, and have used the data to assist law enforcement. Alex Levinson, an RIT student, even published a research paper and subsequent book last December detailing data acquisition techniques for iOS products, like the iPhone and iPad. He says that Apple is not collecting the data.

The Wall Street Journal added Google to the mix, citing that Apple is not alone in the practice of collecting user information. Julia Angwin at the Journal claims that not only are Apple and Google collecting the data and storing it locally on the phone, but they actually regularly transmit their locations back to Apple and Google. The endgame? Angwin believes they’re racing to build a massive database of location information in order to tap the $2.9 billion market for location-based services. Today, Apple seemed to indicate that was part of their plan, as they revealed they’re building a crowd-sourced traffic service.

  •