How Insufficient Understanding of Web Applications Like Facebook / Twitter Can Free Criminals

I was astounded to read how Facebook has saved a potential robbery suspect from 25 year jail team. New York cops detained Rodney Bradford for 13 days after being accused of breaking into a Brooklyn residence with a gun. Is it a case of justice being finally served to an innocent or was a criminal let off scott free because of incorrect understanding of how Web Services like Facebook / Twitter operates.

Telegraph reports Facebook status update showed that he was at that time teasing his girlfriend for not having joined him to eat pancakes. Reportedly the status update at the time of crime was instrumental in dropping of all charges against Rodney Bradford.

Note: I do not know whether Rodney Bradford is innocent or guilty and the following paragraph in no way insinuates his guilt or otherwise. However I will show how Rodney or anyone could have easily faked it, while being at the scene of crime.

Simple Facts of Web Applications like Facebook / Twitter for lawyers / lawmakers:

• Facebook / Twitter statuses can be updated from anywhere with net access including mobile phones, computers and any net enabled devices.
• Facebook / Twitter uses either a standard login-password based authentication or OAuth or OpenID based authentication. Each of them can be shared with other users who can then impersonate a potential criminal and send status updates / messages while the actual criminal commits the crime.
• There are several applicatioons who can post delayed / future timed status updates on your behalf while you are doing something else. Most of them are free.
• What we don’t know is whether Justice department conclusively established that the IP behind the status update originated from the home of Rodney, which is really hard to do considering millions of update which come to these services every second, unless Facebook tracks the IP address behind each update or logs time and user information. Secondly it is hard to conclusively pinpoint an IP address to a definite location without help from ISP, provided he has kept the records.
• Even identifying the IP address and determining the exact location / computer which has that address at the time of an event is not sufficient to ensure the presence of the suspect at that location. He can either use a proxy server on his machine to send his update from a different location (which will appear as if he had updated from the location of the proxy server) or he can have an accomplice post the update on his behalf from his desired location.

In light of the above, I am truly surprised as how Kings County District Attorney’s Office could drop all the charges, which if proven could have resulted in 25 years of jail, solely based on Facebook status updates at that time, as has been reported.