The R-rated revelation from Rep. Anthony Weiner (D-N.Y.) that may wreck his marriage, ruin his career and destroy his reputation appears to be the result of a one-letter typo: "@" instead of "D."
Weiner, who admitted Monday to posting a lewd photo of his bulging briefs on Twitter, is hardly a social media newbie. Dubbed a "technophile" by The New York Times, Weiner has been an avid tweeter: he posts to the social networking service multiple times a day, writes from his BlackBerry, makes generous use of hashtags to add color to his tweets, and frequently engages his followers in one-on-one conversations.
And that's exactly where his problems began. He committed a rookie mistake on the social networking service by fumbling Twitter's Direct Message (DM) feature -- used to send private messages between two Twitter users -- turning a private missive into a public tweet.
"Last Friday night, I tweeted a photograph of myself that I intended to send as a direct message as part of a joke to a woman in Seattle," Weiner admitted during a press conference Monday, adding he deeply regrets the way he has used Twitter to date.
He is hardly the first to fall victim to a "DM fail," as this type of error is known on Twitter: Economist Nouriel Roubini tweeted -- then deleted -- an insult that that was presumably meant for a DM conversation, saying of a reporter, "Off the record […] he is a loser and like all parasite losers he hopes for attention and traffic."
So if a social media savvy politician who's helped shape net neutrality legislation can't quite keep Twitter straight, what's everyone else to do? What can others learn from Weiner's Twitter troubles?
Privacy experts say that Weinergate underscores the importance of users understanding these social networking sites for what they are: social platforms meant to help people connect with one another, broadcast their ideas and create stores of personal information online. Services like Facebook, Twitter and YouTube are built for sharing, not secrets.
"Twitter was not really designed for privacy. If you do not want it public, don't put it on Twitter," said Chet Wisniewski, a security expert who writes for a blog run by Sophos, a software provider. "People shouldn't consider social networks a place to communicate private things. ... These services are designed to share, and privacy is a second consideration."
In Weiner's defense, it's extremely easy to slip-up and turn a private Twitter message into a public posting. Weiner apparently confused a DM with an "@ mention," a public Twitter post directed at a specific user but visible to anyone on the service.
To send a DM to a Twitter follower using TweetDeck, the Twitter application Weiner was reportedly using when he sent the fateful photo, a user prefaces a tweet with the letter D, followed by the Twitter username of the person he or she wants to communicate with privately (e.g. "D bbosker"). To send an @ mention, a user would preface a tweet with the @ symbol followed by the Twitter username of the person he or she wants to converse with in a targeted, but public, way (e.g. "@ bbosker").
Michael Fertik, CEO of Reputation.com, which helps people manage their online reputations, says the accidental exposure of messages that were meant to be private happens "millions of times a day."
Not only can human error lead to embarrassing disclosures, but technical troubles have been known to expose Twitter DMs in the past. For example, security flaws with third party Twitter applications, such as GroupTweet, have revealed users' direct messages on several occasions. And last year, Twitter settled Federal Trade Commission charges that it put its customers' privacy at risk -- and compromised "nonpublic user information" -- due to "lapses in the company's data security."
Weiner also got himself into trouble by using a a photo-sharing service, yFrog, that makes photos posted to the service public.
The National Journal explained:
yFrog (and other popular Twitter photo-sharing services, like Twitpic, for that matter) display photos in a timeline format. So anyone who ventured to this site (before Weiner deleted all of his photos) could have simply clicked through and seen all the photos he uploaded, regardless of whether or not they were publicly tweeted.
Among the other lapses in judgment of which Weiner stands accused, he might consider reflecting on one more: blaming hackers for his own mistake.
Weiner initially chalked up the crotch-shot photo to a "hacker," whom Weiner claimed had cracked his account. That accusation came on the heels of some of the most serious computer security breaches in history: Over 100 million customers had their personal information compromised after cyber attackers infiltrated Sony's PlayStation Network servers; Epsilon suffered an attack that revealed the names, email addresses, and more of millions of people; and just days after Weiner's underwear appeared, Gmail accounts belonging to hundreds of users -- among them senior U.S. officials -- were breached by hackers.
Weiner is the "boy who cried hack." His blame game is concerning to some security experts, who fear accusations of this kind could take attention away from the seriousness of the threat from cyber attackers.
"I personally thought it was distasteful," said Wisniewski of Weiner's hacker claims. "We have enough real cybercrime going on in today's world, we don't need to confuse it by blaming accidents, mistakes and security lapses with the real thing."