By charles the moderator
Rodin’s The Thinker at the Musée Rodin.
Author CJ. Licensed under Creative Commons.
I have a theory.
With the blogosphere all atwitter about the emails and data “stolen” from the Climatic Research Institute at the University of East Anglia, two theories have become dominant describing the origin of the incident.
- CRU was hacked and the data stolen by skilled hackers, perhaps an individual or more insidiously some sophisticated group, such as Russian agents.
- An insider leaked the information to the NSM (non-mainstream media)
Theory number one is the preferred explanation of the defenders of CRU. This allows them to portray CRU as victims of illegal acts. It allows them to scream bloody murder and call for an investigation of the crime. How can we take the fruits of hideous crime seriously? The end does not justify the means!
One of our favorite writers, Gavin Schmidt, has expanded on this theme with the report:
He [Gavin] said the breach at the University of East Anglia was discovered after hackers who had gained access to the correspondence sought Tuesday to hack into a different server supporting realclimate.org, a blog unrelated to NASA that he runs with several other scientists pressing the case that global warming is true.
The intruders sought to create a mock blog post there and to upload the full batch of files from Britain. That effort was thwarted, Dr. Schmidt said, and scientists immediately notified colleagues at the University of East Anglia’s Climatic Research Unit.
http://www.nytimes.com/2009/11/21/science/earth/21climate.html
I believe the above statement by Gavin to be a big bunch of hooey. I believe the “hack” was a posting of the same blog comment which was posted at The Air Vent
which was also submitted here at WUWT, but never was visible publicly, because all comments are moderated and publicly invisible until approved by an administrator or moderator. Many of you have already seen it:
We feel that climate science is, in the current situation, too important to be kept under wraps.
We hereby release a random selection of correspondence, code, and documents.
Hopefully it will give some insight into the science and the people behind it.
This is a limited time offer, download now:
http://ftp.tomcity.ru/incoming/free/FOI2009.zip
Sample:
0926010576.txt * Mann: working towards a common goal
1189722851.txt * Jones: “try and change the Received date!”
0924532891.txt * Mann vs. CRU
0847838200.txt * Briffa & Yamal 1996: “too much growth in recent years makes it difficult to derive a valid age/growth curve”
0926026654.txt * Jones: MBH dodgy ground
1225026120.txt * CRU’s truncated temperature curve
1059664704.txt * Mann: dirty laundry
1062189235.txt * Osborn: concerns with MBH uncertainty
0926947295.txt * IPCC scenarios not supposed to be realistic
0938018124.txt * Mann: “something else” causing discrepancies
0939154709.txt * Osborn: we usually stop the series in 1960
0933255789.txt * WWF report: beef up if possible
0998926751.txt * “Carefully constructed” model scenarios to get “distinguishable results”
0968705882.txt * CLA: “IPCC is not any more an assessment of published science but production of results”
1075403821.txt * Jones: Daly death “cheering news”
1029966978.txt * Briffa – last decades exceptional, or not?
1092167224.txt * Mann: “not necessarily wrong, but it makes a small difference” (factor 1.29)
1188557698.txt * Wigley: “Keenan has a valid point”
1118949061.txt * we’d like to do some experiments with different proxy combinations
1120593115.txt * I am reviewing a couple of papers on extremes, so that I can refer to them in the chapter for AR4
I was the first at WUWT to see the comment above and immediately embargoed it. After discussions and many phone calls, we finally began to refer to the information after, and only after, we saw that it was available elsewhere, such as The Air Vent, and also after we knew that CRU was aware that it was circulating on the web.
Gavin’s elaborate description of the hacking attempt at RC is, in my humble opinion, nothing more than an attempt to add meat to the hacking theory in order to increase the vilification of the theoretical hackers. Gavin has demonstrated this kind of misdirection in the past in the Mystery Man incident where he attempted to obfuscate his own involvement in a data correction to station files held by the British Antarctic Survey. In this new spirit of transparency Gavin, why don’t you send Anthony the log files that demonstrate this attempted break in at realclimate.org?
After all, this is a criminal act of vandalism and of harassment of a group of scientists that are only going about their business doing science. It represents a whole new escalation in the war on climate scientists who are only trying to get at the truth. Think — this was a very concerted and sophisticated hacker attack. …Or at the next level, since the forces of darkness have moved to illegal operations, will we all have to get bodyguards to do climate science?
Sigh…and sigh again.
Theory number two is the preferred explanation of, for want of a better term, the Skeptics Camp. It is a romantic thought. Some CRU employee, fed up with the machinations, deceit, and corruption of science witnessed around him or her, took the noble action of becoming whistle-blower to the world, bravely thrusting the concealed behavior and data into the light for all to see. This theory is attractive for all the right reasons. Personal risk, ethics, selflessness etc.
I would like to offer a third possibility based on a bit of circumstantial evidence I noticed on the Web Saturday afternoon.
There’s an old adage, never assume malice when stupidity or incompetence will explain it.
A short time ago there was a previous leak of CRU data by an insider. In this case, Steve McIntyre acquired station data which he had been requesting for years, but someone inside CRU unofficially made the data available.
In this case, many commentators had various guesses as to the motivation or identity of the disgruntled mole even proposing that perhaps a disgruntled William Connelly was the perpetrator.
Of course it turned out the Phil Jones, director of CRU, himself had inadvertently left the data on an open FTP server.
Many have begun to think that the zip archive FOI2009.zip was prepared internally by CRU in response to Steve McIntyre’s FOI requests, in parallel with attempts to deny the request in case the ability to refuse was lost. There are many reasons to think this is valid and it is consistent with either of the two theories at the beginning of this post. Steve McIntyre’s FOI appeal was denied on November 13th and the last of the emails in the archive is from November 12th.
It would take a hacker massive amounts of work to parse through decades of emails and files but stealing or acquiring a single file is a distinct possibility and does not require massive conspiracy. The same constraints of time and effort would apply to any internal whistle blower. However, an ongoing process of internally collating this information for an FOI response is entirely consistent with what we find in the file.
In the past I have worked at organizations where the computer network grew organically in a disorganized fashion over time. Security policies often fail as users take advantage of shortcuts to simplify their day to day activities. One of these shortcuts is to share files using an FTP server. Casual shortcuts in these instances may lead to gaping security holes. This is not necessarily intentional, but a consequence of human nature to take a shortcut here and there. This casual internal sharing can also lead to unintentional sharing of files with the rest of the Internet as noted in the Phil Jones, CRU mole, example above. Often the FTP server for an organization may also be the organization’s external web server as the two functions are often combined on the same CPU or hardware box. When this occurs, if the organization does not lock down their network thoroughly, the security breaches which could happen by accident are far more likely to occur.
Since Friday November 20th a few users noticed this interesting notice on the CRU website.
This website is currently being served from the CRU Emergency Webserver.
Some pages may be out of date.
Normal service will be resumed as soon as possible.
Here is a screen grab for posterity.
So as part of the security crackdown at CRU they have taken down their external webserver? Network security professionals in the audience will be spitting up coffee all over their keyboards at this point.
So this is my theory is and this is only my theory:
A few people inside CRU possessed the archive of documents being held in reserve in case the FOI appeal decision was made in favor of Steve McIntyre. They shared it with others by putting it in an FTP directory which was on the same CPU as the external webserver, or even worse, was an on a shared drive somewhere to which the webserver had permissions to access. In other words, if you knew where to look, it was publicly available. Then, along comes our “hackers” who happened to find it, download it, and the rest is history unfolding before our eyes. So much for the cries of sophisticated hacking and victimization noted above.
If I had to bet money, I would guess that David Palmer, Information Policy & Compliance Manager, University of East Anglia, has an even chance of being the guilty party, but it would only be a guess.
To repeat the basic premise of this theory.
There’s an old adage, never assume malice when stupidity or incompetence will explain it.
™ CRUtape Letters, is a trademark of Moshpit Enterprises.
From Phillip Stott: http://web.mac.com/sinfonia1/Clamour_Of_The_Times/Clamour_Of_The_Times/Entries/2009/11/21_Those_Hacked_E-mails.html
As the world and her mouse now know, a server used by the University of East Anglia’s Climatic Research Unit (CRU) has been hacked into*, and many files, including personal e-mail messages, published on a Russian web site on Thursday [see: here; and here;; and here; and here; and here; and here; and here; and here; among many other media outlets and blogs]. The story, and some of the key details, have travelled around the world’s blogosphere quicker than Puck in A Midsummer Night’s Dream (“I’ll put a girdle round about the earth in forty minutes”), leading to much febrile, and often ill-judged, hysteria from both sides of the more puerile end of the ‘global warming’ debate.
My own observations about this internet ‘event’ are as follows:
(a)First, hacking* into a University server to seek institutional and personal data and material is illegal, especially when it involves the details of many third-party people. It is theft, and the fraud police should be brought in immediately. Whatever one’s position on climate change, this action cannot be condoned, and remember that what is sauce for the goose can all too easily become sauce for the gander. The University is thus right to have taken immediate action to remove the server in question from operation, to undertake “a thorough internal investigation”, and to “have involved the police in this inquiry”;
(b)Secondly, the amount of data released is very large (160MbB), and, although the hack has been confirmed in general terms by the University, and by some of the e-mailers concerned, there is no way that we can yet know whether all the material posted is accurate, and that it has not been doctored to some degree. Caution is thus required in taking what is presented at face value;
(c)Thirdly, caution should further be exercised because e-mails, and other such data, are often difficult to interpret fairly out-of-context and historical contingency. Furthermore, professions employ in-house jargon which does not always mean precisely the same as it does in common parlance, and, in the academic world, such banter is part of the norm;
(d) Nevertheless, all this being said, it does appear, superficially at least, that some of the leaked material may prove to be a tad embarrassing for some of the folk involved. Following a quick perusal of what has currently been circulated widely, and, assuming, of course, that the alleged documents are both accurate and undoctored by the hacker(s), the following issues could well raise serious concerns: ill-judged comments about other scientists; the reluctance to share data; the deletion of selected information and e-mails; the manipulation of data to produce a certain ‘scientific’ outcome; and attempts to change peer-review teams and journal status. If any of these alleged concerns do prove to have a foundation in fact, then answers will most certainly be demanded and required. [Update: see the excellent work at the ‘Bishop Hill’ blog, which has started to summarise the more significant files and e-mails, using the e-mail reference number. I have to say that, as an academic, I find some of these deeply disturbing];
(e)Above all, however, this episode has demonstrated, yet again, that ‘global warming’ exhibits all the characteristics of a classic post-modern grand narrative, a narrative that increasingly seems to have little to do with science. This should not surprise us. The rise of the grand narrative, as many readers will know, has been littered with deeply worrying statements, of which the following are perhaps some of the more notorious: “Unless we announce disasters, no one will listen” (Sir John Houghton); “To capture the public imagination we have to offer up some scary scenarios, make simplified dramatic statements and little mention of any doubts one might have. Each of us has to strike the right balance between being effective and being honest” (Dr. Stephen Schneider); and, the alleged (there is some debate about the validity and accuracy of this quotation, I understand): “We have to get rid of the Medieval Warm Period” (attributed to Professor John Overpeck). Sadly, it is not impossible that the newly-hacked material may add to this litany.
In the end, I fear that, if and when the ‘global warming’ grand narrative collapses, as I judge it surely must, it could well seriously damage trust in science itself, and that would be a most dreadful tragedy for all of us.
________________
* There have also been suggestions that the material may have been released, or leaked, directly from within UEA.
There are claims from spokespeople defending the criminal acts in this case:
Several have suggested that these criminal actions were the work of whistleblowers. These spokespeople suggest in fact, that the hacked file was prepared under a FOI (Freedom of Information) directive. If that is the case, then it opens up some intriguing possibilities:
A whistleblower is someone in an organization, that realizes that it is hiding or concealing information from legal authorities and decides to go directly to the legal authorities. Or alternatively, the whistleblower realizes the organization is publicly saying one thing, and internally has information saying significantly different. The second case is damaging, if opponents or critics don’t have access to the information. Typically the whistleblower in this case would go to the press.
In this case, apparently the emails were contained in a file that was assembled for a FOI demand in Britain. The British courts apparently turned down the request, likely because the information wasn’t material to use as requested by the applicants, i.e. it isn’t useful for scientific purposes.
Surely the attorneys for the applicants saw this information, so agents for the applicants did have private access to the emails. But the British courts said no to public disclosure.
It is possible that in order to get around the British courts, the emails were “hacked” and used for cyber sabotage. The hackers clearly knew to look for this file, and where to find it, if, in fact the file was hacked at all. It may just have been leaked.
If so, any legal defense of these criminal acts disappears. And in no way, can these acts be considered whistleblowing. Only if the information was illegally withheld from the British legal authorities, could whistleblowing be considered justified.
It appears possible, that the applicants didn’t like the decision by the British courts, and decided to do an illegal end run.
It also interesting to note, that some of the spokespeople defending these criminal acts, received the hacked files either before or contemporaneously with the cyber sabotage attack on RealClimate.
Only if the BBC lives in another dimension. On the Nov 13 perhaps, but no sooner.
The file contained emails up to and including Nov 12, 2009 (the most recent is 1258053464.txt) the day prior to the date on the letter refusing the appeal.
“Now, how to let these get out to the enemy without it being known as an intentional leak?” – Harold Morris
It may or may not germane, but as I’ve noted at CA, Gavin has posted that “the first comment posted on this subject was” a username link in a thread on CA. It strikes me as curious in the extreme that somebody – even someone with a climate scientists disdain for uncertainty – would not qualify this comment in terms like “the earliest comment we’ve yet discovered”.
This certainty is doubly curious as presumably Gavin had no idea then that the link had also been posted here but moderated.
Actually, the BBC is only claiming they saw similar e-mails or a subset in October.
“The “leak” was a quite deliberate camouflage job, to hide the equally deliberate destruction of seriously indictable material that was perceived to be vulnerable to FOI exposure
……….
“If this is right, we will see claims that the hacking caused extensive deletion of files.”
Pretty devious–not very English-like. OTOH, complicated schemes like this abound in Sherlock Holmes’s adventures, and other British mysteries, so who knows.
If the legal department or their CIO was to review the FOIA request, wouldn’t they have to assemble what possibly might be released before deciding to release it ?
Makes a great deal of sense, and will be doubly embarrassing if/when it is revealed to be the case.
http://www.climatereview.net
Regards
Re: above – mind you, it looks as if there is another GM who is an altogether tougher cookie on the detail!:
http://rankexploits.com/musings/2009/crack-investigative-reporting-at-the-guardian-uk/
Neo (15:24:44) :
Agreed: that has been my personal speculation of why this file was created.
Science news story on FOI issues
http://blogs.sciencemag.org/scienceinsider/2009/11/in-climate-hack.html#more
Scouse Pete (13:42:21) :
“From the Wall Street article posted earlier, this is exactly the kind of thing I was expecting. Other scientists who are actually believers in AGW shocked at the fact they didn’t imagine other scientists would be treated by a “Mafia” – These are the kind of level headed scientists in the Mainstream (of which I believe there are many) that will be crucial to the fall of the alarmists.”
Absolutely. The overall “mafia” pattern and mindset, not any particular act, is what is the most shocking and will carry the most weight, That’s what should be hammered on–not on whether any particular revelatory tidbit proves this or that. We should be cautious about the latter, but aggressive about the former. And we should be cautious about our remedy, merely calling for an impartial expert examination of the matter, given what’s at stake. We mustn’t make claims that the warmists can characterize as overstated, giving them grounds to dismiss them.
Pity Glenn Beck is considered by so many people to be a reactionary nutbar. I think it would probably be better for the full impact of the disclosure if he was not involved.
I just uploaded this video
Glenn Beck on “Climate Gate” Man-Made Global Warming Climate Scam-Actual Proven Conspiracy 11-23-09
“In June 2009, former Clinton Administration official Joe Romm defended a comment on his Climate Progress website warning skeptics would be strangled in their beds. “An entire generation will soon be ready to strangle you and your kind while you sleep in your beds,” stated the remarks, which Romm defended by calling them “not a threat, but a prediction.” ”
Remember Joe’s threat????
SCIENCE LOL!!!
http://blogs.sciencemag.org/scienceinsider/2009/11/in-climate-hack.html#more
Kaboom (15:03:06) :
You said: “This file was not prepared for a FOI disclosure – this file was prepared as a record of excised documents!
This would enable CRU to immediately comply with a successful FOI application, and be publicly seen to be doing the “right” thing.
However, it was necessary to keep a record of the “other” documents, which were being excised from the official disclosure. This is what our heroic hacker grabbed.”
Isn’t this a variant of the FOI reason for creating the file? This is the list and compilation of ‘hot’ documents. The list led Jones and FOI compliance officers to deny the FOI and stonewall Steve M. Speculation to be sure, but it does stand to reason.
Mr. Watts’ theory seems like one of the best so far. However, I can’t help but think that Phil Jones had inadvertently revealed his password, perhaps at a conference using insecure wifi. Certainly the “sophisticated hack” explanation is childish – especially coming from people whose supposedly would put the bar rather high for what would be considered sophisticated.
If the proposed theory is true, why are there documents in the FOI attachment that are completely unrelated to any FOI requests e.g. grant proposals, paper reviews etc.? That smacks more of a data scrape than of a careful collation of FOI relevant materials.
I like theory Number one it reminds me of some Warren Zevon lyrics:
I went home with the waitress
The way I always do
How was I to know
She was with the
Russians, too?
…..All right
Send lawyers, guns and money
Huh!
Sorry for going off topic briefly…..
Tried posting this to Gavin’s realclimate.org forum:
Quote
What’s scientific about this ?
“So, we can have a proper result, but only by including a load of garbage!”
From HARRY_READ_ME.txt……you’ll find it……
It’s time the community got it’s facts straight….with this kind of behaviour we’re no different than the damn bankers trying to skim their little percentages out of the worlds productive capacity…taxes pay subsidies, don’t they ?
Unquote
Took me a few days put after sweetening it a little it got published….and got censored without the last few lines…..have the pics to prove it….they know, frantically trying to control damage….this is gonna be sweet.
Monckton addresses this epic fraud by Big Science:
http://pajamasmedia.com/blog/viscount-monckton-on-global-warminggate-they-are-criminals-pjm-exclusive/
Glen Beck, he did make me laugh. “The University of East Anjeeela”.
Why can’t you Americans speak English ;).
Writer (15:33:30) :
Science news story on FOI issues
http://blogs.sciencemag.org/scienceinsider/2009/11/in-climate-hack.html#more
Dear Writer,
many thanks for the Science Mag link. That brief article reinforced much of my FOI connection speculation.