By charles the moderator
Rodin’s The Thinker at the Musée Rodin.
Author CJ. Licensed under Creative Commons.
I have a theory.
With the blogosphere all atwitter about the emails and data “stolen” from the Climatic Research Institute at the University of East Anglia, two theories have become dominant describing the origin of the incident.
- CRU was hacked and the data stolen by skilled hackers, perhaps an individual or more insidiously some sophisticated group, such as Russian agents.
- An insider leaked the information to the NSM (non-mainstream media)
Theory number one is the preferred explanation of the defenders of CRU. This allows them to portray CRU as victims of illegal acts. It allows them to scream bloody murder and call for an investigation of the crime. How can we take the fruits of hideous crime seriously? The end does not justify the means!
One of our favorite writers, Gavin Schmidt, has expanded on this theme with the report:
He [Gavin] said the breach at the University of East Anglia was discovered after hackers who had gained access to the correspondence sought Tuesday to hack into a different server supporting realclimate.org, a blog unrelated to NASA that he runs with several other scientists pressing the case that global warming is true.
The intruders sought to create a mock blog post there and to upload the full batch of files from Britain. That effort was thwarted, Dr. Schmidt said, and scientists immediately notified colleagues at the University of East Anglia’s Climatic Research Unit.
http://www.nytimes.com/2009/11/21/science/earth/21climate.html
I believe the above statement by Gavin to be a big bunch of hooey. I believe the “hack” was a posting of the same blog comment which was posted at The Air Vent
which was also submitted here at WUWT, but never was visible publicly, because all comments are moderated and publicly invisible until approved by an administrator or moderator. Many of you have already seen it:
We feel that climate science is, in the current situation, too important to be kept under wraps.
We hereby release a random selection of correspondence, code, and documents.
Hopefully it will give some insight into the science and the people behind it.
This is a limited time offer, download now:
http://ftp.tomcity.ru/incoming/free/FOI2009.zip
Sample:
0926010576.txt * Mann: working towards a common goal
1189722851.txt * Jones: “try and change the Received date!”
0924532891.txt * Mann vs. CRU
0847838200.txt * Briffa & Yamal 1996: “too much growth in recent years makes it difficult to derive a valid age/growth curve”
0926026654.txt * Jones: MBH dodgy ground
1225026120.txt * CRU’s truncated temperature curve
1059664704.txt * Mann: dirty laundry
1062189235.txt * Osborn: concerns with MBH uncertainty
0926947295.txt * IPCC scenarios not supposed to be realistic
0938018124.txt * Mann: “something else” causing discrepancies
0939154709.txt * Osborn: we usually stop the series in 1960
0933255789.txt * WWF report: beef up if possible
0998926751.txt * “Carefully constructed” model scenarios to get “distinguishable results”
0968705882.txt * CLA: “IPCC is not any more an assessment of published science but production of results”
1075403821.txt * Jones: Daly death “cheering news”
1029966978.txt * Briffa – last decades exceptional, or not?
1092167224.txt * Mann: “not necessarily wrong, but it makes a small difference” (factor 1.29)
1188557698.txt * Wigley: “Keenan has a valid point”
1118949061.txt * we’d like to do some experiments with different proxy combinations
1120593115.txt * I am reviewing a couple of papers on extremes, so that I can refer to them in the chapter for AR4
I was the first at WUWT to see the comment above and immediately embargoed it. After discussions and many phone calls, we finally began to refer to the information after, and only after, we saw that it was available elsewhere, such as The Air Vent, and also after we knew that CRU was aware that it was circulating on the web.
Gavin’s elaborate description of the hacking attempt at RC is, in my humble opinion, nothing more than an attempt to add meat to the hacking theory in order to increase the vilification of the theoretical hackers. Gavin has demonstrated this kind of misdirection in the past in the Mystery Man incident where he attempted to obfuscate his own involvement in a data correction to station files held by the British Antarctic Survey. In this new spirit of transparency Gavin, why don’t you send Anthony the log files that demonstrate this attempted break in at realclimate.org?
After all, this is a criminal act of vandalism and of harassment of a group of scientists that are only going about their business doing science. It represents a whole new escalation in the war on climate scientists who are only trying to get at the truth. Think — this was a very concerted and sophisticated hacker attack. …Or at the next level, since the forces of darkness have moved to illegal operations, will we all have to get bodyguards to do climate science?
Sigh…and sigh again.
Theory number two is the preferred explanation of, for want of a better term, the Skeptics Camp. It is a romantic thought. Some CRU employee, fed up with the machinations, deceit, and corruption of science witnessed around him or her, took the noble action of becoming whistle-blower to the world, bravely thrusting the concealed behavior and data into the light for all to see. This theory is attractive for all the right reasons. Personal risk, ethics, selflessness etc.
I would like to offer a third possibility based on a bit of circumstantial evidence I noticed on the Web Saturday afternoon.
There’s an old adage, never assume malice when stupidity or incompetence will explain it.
A short time ago there was a previous leak of CRU data by an insider. In this case, Steve McIntyre acquired station data which he had been requesting for years, but someone inside CRU unofficially made the data available.
In this case, many commentators had various guesses as to the motivation or identity of the disgruntled mole even proposing that perhaps a disgruntled William Connelly was the perpetrator.
Of course it turned out the Phil Jones, director of CRU, himself had inadvertently left the data on an open FTP server.
Many have begun to think that the zip archive FOI2009.zip was prepared internally by CRU in response to Steve McIntyre’s FOI requests, in parallel with attempts to deny the request in case the ability to refuse was lost. There are many reasons to think this is valid and it is consistent with either of the two theories at the beginning of this post. Steve McIntyre’s FOI appeal was denied on November 13th and the last of the emails in the archive is from November 12th.
It would take a hacker massive amounts of work to parse through decades of emails and files but stealing or acquiring a single file is a distinct possibility and does not require massive conspiracy. The same constraints of time and effort would apply to any internal whistle blower. However, an ongoing process of internally collating this information for an FOI response is entirely consistent with what we find in the file.
In the past I have worked at organizations where the computer network grew organically in a disorganized fashion over time. Security policies often fail as users take advantage of shortcuts to simplify their day to day activities. One of these shortcuts is to share files using an FTP server. Casual shortcuts in these instances may lead to gaping security holes. This is not necessarily intentional, but a consequence of human nature to take a shortcut here and there. This casual internal sharing can also lead to unintentional sharing of files with the rest of the Internet as noted in the Phil Jones, CRU mole, example above. Often the FTP server for an organization may also be the organization’s external web server as the two functions are often combined on the same CPU or hardware box. When this occurs, if the organization does not lock down their network thoroughly, the security breaches which could happen by accident are far more likely to occur.
Since Friday November 20th a few users noticed this interesting notice on the CRU website.
This website is currently being served from the CRU Emergency Webserver.
Some pages may be out of date.
Normal service will be resumed as soon as possible.
Here is a screen grab for posterity.
So as part of the security crackdown at CRU they have taken down their external webserver? Network security professionals in the audience will be spitting up coffee all over their keyboards at this point.
So this is my theory is and this is only my theory:
A few people inside CRU possessed the archive of documents being held in reserve in case the FOI appeal decision was made in favor of Steve McIntyre. They shared it with others by putting it in an FTP directory which was on the same CPU as the external webserver, or even worse, was an on a shared drive somewhere to which the webserver had permissions to access. In other words, if you knew where to look, it was publicly available. Then, along comes our “hackers” who happened to find it, download it, and the rest is history unfolding before our eyes. So much for the cries of sophisticated hacking and victimization noted above.
If I had to bet money, I would guess that David Palmer, Information Policy & Compliance Manager, University of East Anglia, has an even chance of being the guilty party, but it would only be a guess.
To repeat the basic premise of this theory.
There’s an old adage, never assume malice when stupidity or incompetence will explain it.
™ CRUtape Letters, is a trademark of Moshpit Enterprises.
Phil Clarke (13:35:24) :
“Gavin’s elaborate description of the hacking attempt at RC is, in my humble opinion, nothing more than an attempt to add meat to the hacking theory in order to increase the vilification of the theoretical hackers.”
“Well, Dr Schmidt has provided some more [presuably in your world, fabricated] details, and also offered to share IP addresses with Steve M and Jeff Id.”
Sorry – as they say, too little, too late…
Does GS do anything at GISS besides blog??! We taxpayers deserve something for the money we pump into that organization…
How about an alternate theory?
You are under a great amount of pressure from outside and inside your organization to respond to a FOIA request.
You know that there are damning emails and data files on servers and backup systems that you probably cannot delete.
You know that your “PET” FOIA officer is going to find some way to refuse the latest request.
You suspect this will not stop the requestor.
You MUST find a way to divert everyone from the real issues and the very important files.
You assemble the LEAST damning emails and files, while making sure that some are inflamatory.
Now, how to let these get out to the enemy without it being known as an intentional leak?
You “HACK” you own system (fake it), find a way to post the info anonomously and make sure that the right people get it.
Now, you have :
Made yourself the victim.
made anyone who looks at or comments on the files guilty of “something”.
Freed your side to criticize all as crooks who make any good points regarding the info in these files.
made almost everyone assume that the MOST damning stuff is already “out there”
pretty much made everyone assume that future FOIAS are going to be fruitless.
pretty much drawn a blueprint for anyone still pushing FOIA to limit their requests and expectations to the known files.
Given yourself more time to get rid of the really damning stuff.
I believe that there is much more to be had and certainly this explains the “randomly selected” nature of the files.
I like this version as I do not believe the “incompetent” theory. I am much more inclined to believe that if something is too good to be true, then it is not true.
I see a few holes in this theory but it is at least as good as the others I have heard.
In my previous post I suggested a culprit is a disgruntled IT employee. I’ve looked at some of the released codes, it is obvious that all sections are carefully selected. I do occasionally a bit of simple Fortran programming and have a great deal of trouble later on to find a particular section or decipher my own coding. This is done by someone well versed in programs content, including the offending sections, which an average IT technician may not be able to do efficiently. This was done by a scientist fed up by continuous interfering from the top with requests for data massaging, even someone who is among quoted emails (in order to deflect suspicion), someone either with a friendly Russian connection or with a web space earlier setup for the purpose. Since BBC received files on 12th and did not respond for a week, he/she activated plan B.
Charles,
I think your analysis is correct – even studying the computer code and the hacks into those over time advertises incompetence – bureaucratic incompetence at its British best. No conspiracy, just people on the public payroll who don’t give too hoots about anything except appearing at work to justify their wages.
Most here would not realise that the UK is basically a socialist state in which the idea of individual responsibility has been purged. AGW seems, in this light, another instance of Lysenkoism, especially when Trenberth complains that there is something wrong with the data. Have these people ever considered the possibility that the theory might be wrong? But as they are trained in accepting the consensus, obviously the theory cannot be wrong, we all agree it has to be right.
This is pseudoscience, and this is the real problem which needs to be sorted out. And it is not surprising that the belief in AGW by the social democrats/liberals is so fervently held, the believe it to be true, but because of their cultural and philosophical conditioning in consensus, are intellectually unable to see the problem. This is the more frightening aspect of this climate change issue.
Roger Knights (09:18:30) :
Jamie (10:06:28) :
You might be wondering why an antisesquipedalian grammar n*zi like moi would not have leapt into the middle of the “alternate/alternative” controversy by now. Good question. Perhaps Dr Morbius ( Gary Hladik (12:26:47) : ) might help with the answer. He was the philologist on the Bellerophon expedition.
.
Another question and more germane to the thread is whether or not the underlying raw data sets have been altered by CRU, ala USHCN v2.
Here stateside, the USHCN v2 data set for Illinois has been heavily adjusted to show unambiguous warming. 27 of 34 station sets have their curves altered toward greater upward slope. Of the 7 others, 4 are ambiguous and only 3 are adjusted to reduce the slope.
Some of the stations have had their early reading lowered by 1 to as much as 2½ whole degrees. If the rest of the US states have as much adjustment, GISS won’t need to homogenize the station data to show “unprecedented warming.”
Mark
Good observation. A hacker wouldn’t bother hiding anything, much less email addresses.
Theory number one is the preferred explanation of the defenders of CRU. This allows them to portray CRU as victims of illegal acts. It allows them to scream bloody murder and call for an investigation of the crime. How can we take the fruits of hideous crime seriously? The end does not justify the means!
One of our favorite writers, Gavin Schmidt, has expanded on this theme with the report:
He [Gavin] said the breach at the University of East Anglia was discovered after hackers who had gained access to the correspondence sought Tuesday to hack into a different server supporting realclimate.org, a blog unrelated to NASA that he runs with several other scientists pressing the case that global warming is true.
The intruders sought to create a mock blog post there and to upload the full batch of files from Britain. That effort was thwarted, Dr. Schmidt said, and scientists immediately notified colleagues at the University of East Anglia’s Climatic Research Unit.
http://www.nytimes.com/2009/11/21/science/earth/21climate.html
I believe the above statement by Gavin to be a big bunch of hooey. I believe the “hack” was a posting of the same blog comment which was posted at The Air Vent
I take a different view since on wednesday morning RealClimate was down for some time and an unusual message was up from ‘webfaction.com’ saying ‘Site Not Configured’. Clearly something unusual was going on, consistent with Gavin’s account.
Phil.
Possible, but right now Gavin has to contend with “Boy Who Cried Wolf” syndrome.
You really need to change the word in title of this from “Alternate” to “Alternative”. Two different words, two different meanings. It stabs me in the brain when I see it. 😛
Reply: Just for you, I shall make it happen. ~ ctm
Indiana Bones (10:42:30) : Horner also alluded to “a total of 165Mb of data,” 65 released and another 100Mb to come. ”
The zip file is 64,936,854 bytes). When unzipped, it is 164,687,567 bytes.
Presto. There’s your 100Mbytes to come.
=======================
I was leaning towards what the head post calls “theory #2”. But it looked like an awful lot of work had been done to remove the persona “pick up a loaf of bread on the way home” sort of e-mails.
Theory #3, that the file FOIA2009.zip was prepared as part of the process of responding to a FOI request is very reasonable.
I hold out, though, for theory #2.5. The file was prepared for potential release per FOIA, but aftef the FOI request was rejected, somebody inside decided to release it anyway.
Artikel kommentieren{nocache:fb9275d73c455411d249d76f3db89414#0}
Bitte geben Sie den rechts eingeblendeten Code ein:
PIK (Stefan Rahmstorfs “clima lounge”)
IS 1st Time comletaly down!
No comments to do, hmmm?
Lost their jobs allready?
Thinking about damage?
O yea, you i love this criminals hanging! Sorry, but the way they wanted to rule the world is realy one of the worst capitles sawn in history, almost like the nazis, again sorry, but i do not find any better explenation.
Mark (14:07:21) :
can anyone shed light on why the only things redacted from the emails is the 2nd half of all the email addresses? Why would a hacker bother to do this? Is there some FOIA requirement that the second half of email addresses be redacted?
This is being done by those who have enabled searching of the emails, or who are otherwise publicizing them. The full email addresses are in the original file that was “leaked.”
Mark (14:07:21) : “can anyone shed light on why the only things redacted from the emails is the 2nd half of all the email addresses? Why would a hacker bother to do this? Is there some FOIA requirement that the second half of email addresses be redacted?”
The full e-mail addresses are in the FOIA2009.zip file. Any redaction that you are seeing was done by the blogger or the person running the searchable server.
OK< Glenn Beck on 'Settled Science'; coming up next.
TL
Question Time!!!!1111
Please…. this is starting to look a little silly. The idea that they’d “hack” their own system is, frankly, absurd! Let’s retain a little perspective, otherwise we just make ourselves look like a bunch of neurotic conspiracy theorists.
I’m way behind on the reading of this thread, so forgive me if this has already come up.
IMHO, the users deleted these items after they were were told of the pending FOI request. Whoever gathered them had the access and knowledge to gather up the items that had been “deleted” but before the database had been packed (or whatever term is used on a system such as theirs). That would have been a very efficient way to pick up incriminating materials with minimal effort.
I believe it is an inside job…by someone with the remnants of a conscience.
Oh man – Beck by far is the best coverage!!!
“StuartR (13:52:46) :
Wow. Have a look at George Monbiot about this leak on CiF
http://www.guardian.co.uk/commentisfree/cif-green/2009/nov/23/global-warming-leaked-email-climate-scientists
Fair enough he makes the point it isnt the nail in the coffin of AGW theory , but then he says
“There appears to be evidence here of attempts to prevent scientific data from being released, and even to destroy material that was subject to a freedom of information request.”
Also:
” Phil Jones, should now resign. ”
And in one reply to a poster called Sabraguy who asks:
” But now I suggest you review your file of correspondence and articles, and figure out who you need to apologize to.”
He replies:
“I apologise. I was too trusting of some of those who provided the evidence I championed. I would have been a better journalist if I had investigated their claims more closely.”
All in apparent sincerity, I am quite gobsmacked.”
I have been following agw as a sceptic for several years now and I can honestly say that George Monbiot saying this is without doubt the most stunning and amazing thing I have heard. It truly is a shattering blow to the warmists. It is extremely significant.
David
I don’t think UK law makes a distinction between access to a password protected server or an a unprotected server. Both are considered hacking in the eyes of the law.
http://www.liutilities.com/articles/uk-wifi-leeching-leads-to-police-arrests/
Unless they don’t keep any access records at all, they should be able to least determine the IP address of who downloaded the files.
OTOH, the UK has tough Defamation laws and I suspect that some of the people mentioned in the emails could sue even though there was no intent to publish the emails. Being called an idiot is a matter of opinion, but the journal editor that was sacked might be a different matter.
Charles–
Just saw on the CA Mirror site Steve M’s posting about the November 13th denial of his FOI appeal, that he filed July 24th. That timing makes compelling some of our speculation that this file was put together by CRU crewmembers for review by Jones and the FOI officials. Occam’s Razor tells me that someone, probably on the FOI office, was unhappy with the FOI decision to stonewall Steve M. and not let this information see the light of day, despite the obvious right the public had to see the info. This was no outside hacker, this was someone who was involved to some degree in the FOI disclosure debate and took matters into their own hands. This is authentic documentation; the fact that all these code comments, data manipulation and these emails happened is a scandal, and the bigger scandal — as always– is the FOI cover-up. Unforgiveable.
Monbiot response to guardian commenters
Sabraguy:
But now I suggest you review your file of correspondence and articles, and figure out who you need to apologize to.
Monbiot
I apologise. I was too trusting of some of those who provided the evidence I championed. I would have been a better journalist if I had investigated their claims more closely.
In another comment
contrarian2:
But if the science is that “settled,” why refuse to disclose the data? If global warming so obvious and incontrovertible, why be in such a panic about FOI, why talk openly about re-defining “peer review”, why threaten to (or actually) delete data?
I agree. It is exactly for those reasons that Phil Jones should resign. There’s a word for his lack of openness and control of the data: unscientific.
___________________________
Something is changing don’t you think?
A pat on the back for Andrew Revkin.
Ok, here were GB points;
Trenberg; ‘travesty’
‘Hide the decline’
‘redefine peer review’
‘Delete AR4 emails’
‘ Steve McIntyre…his blog…Beck and their ilk’
Revkin in NYT; ‘won’t publish private emails’
It seemed coherent and relatively clear, but I’m not even singly blinded…
TL
sandcarioca (11:31:16) :
Said an Italian political experience (Giulio Andreotti): think ill of someone or something is a sin, but many times you guess.
What in the bloody hell is THAT suppose to mean !?!
Revkin said he won’t public any documents.