By charles the moderator
Rodin’s The Thinker at the Musée Rodin.
Author CJ. Licensed under Creative Commons.
I have a theory.
With the blogosphere all atwitter about the emails and data “stolen” from the Climatic Research Institute at the University of East Anglia, two theories have become dominant describing the origin of the incident.
- CRU was hacked and the data stolen by skilled hackers, perhaps an individual or more insidiously some sophisticated group, such as Russian agents.
- An insider leaked the information to the NSM (non-mainstream media)
Theory number one is the preferred explanation of the defenders of CRU. This allows them to portray CRU as victims of illegal acts. It allows them to scream bloody murder and call for an investigation of the crime. How can we take the fruits of hideous crime seriously? The end does not justify the means!
One of our favorite writers, Gavin Schmidt, has expanded on this theme with the report:
He [Gavin] said the breach at the University of East Anglia was discovered after hackers who had gained access to the correspondence sought Tuesday to hack into a different server supporting realclimate.org, a blog unrelated to NASA that he runs with several other scientists pressing the case that global warming is true.
The intruders sought to create a mock blog post there and to upload the full batch of files from Britain. That effort was thwarted, Dr. Schmidt said, and scientists immediately notified colleagues at the University of East Anglia’s Climatic Research Unit.
http://www.nytimes.com/2009/11/21/science/earth/21climate.html
I believe the above statement by Gavin to be a big bunch of hooey. I believe the “hack” was a posting of the same blog comment which was posted at The Air Vent
which was also submitted here at WUWT, but never was visible publicly, because all comments are moderated and publicly invisible until approved by an administrator or moderator. Many of you have already seen it:
We feel that climate science is, in the current situation, too important to be kept under wraps.
We hereby release a random selection of correspondence, code, and documents.
Hopefully it will give some insight into the science and the people behind it.
This is a limited time offer, download now:
http://ftp.tomcity.ru/incoming/free/FOI2009.zip
Sample:
0926010576.txt * Mann: working towards a common goal
1189722851.txt * Jones: “try and change the Received date!”
0924532891.txt * Mann vs. CRU
0847838200.txt * Briffa & Yamal 1996: “too much growth in recent years makes it difficult to derive a valid age/growth curve”
0926026654.txt * Jones: MBH dodgy ground
1225026120.txt * CRU’s truncated temperature curve
1059664704.txt * Mann: dirty laundry
1062189235.txt * Osborn: concerns with MBH uncertainty
0926947295.txt * IPCC scenarios not supposed to be realistic
0938018124.txt * Mann: “something else” causing discrepancies
0939154709.txt * Osborn: we usually stop the series in 1960
0933255789.txt * WWF report: beef up if possible
0998926751.txt * “Carefully constructed” model scenarios to get “distinguishable results”
0968705882.txt * CLA: “IPCC is not any more an assessment of published science but production of results”
1075403821.txt * Jones: Daly death “cheering news”
1029966978.txt * Briffa – last decades exceptional, or not?
1092167224.txt * Mann: “not necessarily wrong, but it makes a small difference” (factor 1.29)
1188557698.txt * Wigley: “Keenan has a valid point”
1118949061.txt * we’d like to do some experiments with different proxy combinations
1120593115.txt * I am reviewing a couple of papers on extremes, so that I can refer to them in the chapter for AR4
I was the first at WUWT to see the comment above and immediately embargoed it. After discussions and many phone calls, we finally began to refer to the information after, and only after, we saw that it was available elsewhere, such as The Air Vent, and also after we knew that CRU was aware that it was circulating on the web.
Gavin’s elaborate description of the hacking attempt at RC is, in my humble opinion, nothing more than an attempt to add meat to the hacking theory in order to increase the vilification of the theoretical hackers. Gavin has demonstrated this kind of misdirection in the past in the Mystery Man incident where he attempted to obfuscate his own involvement in a data correction to station files held by the British Antarctic Survey. In this new spirit of transparency Gavin, why don’t you send Anthony the log files that demonstrate this attempted break in at realclimate.org?
After all, this is a criminal act of vandalism and of harassment of a group of scientists that are only going about their business doing science. It represents a whole new escalation in the war on climate scientists who are only trying to get at the truth. Think — this was a very concerted and sophisticated hacker attack. …Or at the next level, since the forces of darkness have moved to illegal operations, will we all have to get bodyguards to do climate science?
Sigh…and sigh again.
Theory number two is the preferred explanation of, for want of a better term, the Skeptics Camp. It is a romantic thought. Some CRU employee, fed up with the machinations, deceit, and corruption of science witnessed around him or her, took the noble action of becoming whistle-blower to the world, bravely thrusting the concealed behavior and data into the light for all to see. This theory is attractive for all the right reasons. Personal risk, ethics, selflessness etc.
I would like to offer a third possibility based on a bit of circumstantial evidence I noticed on the Web Saturday afternoon.
There’s an old adage, never assume malice when stupidity or incompetence will explain it.
A short time ago there was a previous leak of CRU data by an insider. In this case, Steve McIntyre acquired station data which he had been requesting for years, but someone inside CRU unofficially made the data available.
In this case, many commentators had various guesses as to the motivation or identity of the disgruntled mole even proposing that perhaps a disgruntled William Connelly was the perpetrator.
Of course it turned out the Phil Jones, director of CRU, himself had inadvertently left the data on an open FTP server.
Many have begun to think that the zip archive FOI2009.zip was prepared internally by CRU in response to Steve McIntyre’s FOI requests, in parallel with attempts to deny the request in case the ability to refuse was lost. There are many reasons to think this is valid and it is consistent with either of the two theories at the beginning of this post. Steve McIntyre’s FOI appeal was denied on November 13th and the last of the emails in the archive is from November 12th.
It would take a hacker massive amounts of work to parse through decades of emails and files but stealing or acquiring a single file is a distinct possibility and does not require massive conspiracy. The same constraints of time and effort would apply to any internal whistle blower. However, an ongoing process of internally collating this information for an FOI response is entirely consistent with what we find in the file.
In the past I have worked at organizations where the computer network grew organically in a disorganized fashion over time. Security policies often fail as users take advantage of shortcuts to simplify their day to day activities. One of these shortcuts is to share files using an FTP server. Casual shortcuts in these instances may lead to gaping security holes. This is not necessarily intentional, but a consequence of human nature to take a shortcut here and there. This casual internal sharing can also lead to unintentional sharing of files with the rest of the Internet as noted in the Phil Jones, CRU mole, example above. Often the FTP server for an organization may also be the organization’s external web server as the two functions are often combined on the same CPU or hardware box. When this occurs, if the organization does not lock down their network thoroughly, the security breaches which could happen by accident are far more likely to occur.
Since Friday November 20th a few users noticed this interesting notice on the CRU website.
This website is currently being served from the CRU Emergency Webserver.
Some pages may be out of date.
Normal service will be resumed as soon as possible.
Here is a screen grab for posterity.
So as part of the security crackdown at CRU they have taken down their external webserver? Network security professionals in the audience will be spitting up coffee all over their keyboards at this point.
So this is my theory is and this is only my theory:
A few people inside CRU possessed the archive of documents being held in reserve in case the FOI appeal decision was made in favor of Steve McIntyre. They shared it with others by putting it in an FTP directory which was on the same CPU as the external webserver, or even worse, was an on a shared drive somewhere to which the webserver had permissions to access. In other words, if you knew where to look, it was publicly available. Then, along comes our “hackers” who happened to find it, download it, and the rest is history unfolding before our eyes. So much for the cries of sophisticated hacking and victimization noted above.
If I had to bet money, I would guess that David Palmer, Information Policy & Compliance Manager, University of East Anglia, has an even chance of being the guilty party, but it would only be a guess.
To repeat the basic premise of this theory.
There’s an old adage, never assume malice when stupidity or incompetence will explain it.
™ CRUtape Letters, is a trademark of Moshpit Enterprises.
Discover more from Watts Up With That?
Subscribe to get the latest posts sent to your email.
Trick or Cheat
Dear Moderator slightly of post but it is response to the use of the word Tribalism at CA to describe the behaviour of the Not so Real Climate Scientists. They pass all tests for group think. Our Gavs a lovely boy but he just wont let me post see?
I dislike the word Tribalism it to me represents an unthinking loyalty I would think cohorts in cahoots or better still Groupthink.
I think the broken Hockey Stick boys pass all the following tests with flying colours and should not hide their light under a bushel?
To make groupthink testable, Irving Janis devised eight symptoms indicative of groupthink (1977).
1.Illusions of invulnerability creating excessive optimism and encouraging risk taking.
2.Rationalizing warnings that might challenge the group’s assumptions.
3.Unquestioned belief in the morality of the group, causing members to ignore the consequences of their actions.
4.Stereotyping those who are opposed to the group as weak, evil, biased, spiteful, disfigured, impotent, or stupid.
5.Direct pressure to conform placed on any member who questions the group, couched in terms of “disloyalty”.
6.Self censorship of ideas that deviate from the apparent group consensus.
7.Illusions of unanimity among group members, silence is viewed as agreement.
8.Mind guards — self-appointed members who shield the group from dissenting information.
http://en.wikipedia.org/wiki/Groupthink
CRU has an interesting problem. Their ineffective security has resulted in the release of personal and private information of several leading skeptics. Those skeptics now have a cause of action against CRU. Surely this must be the definition of karma.
I can buy the idea that the files were assembled into a convenient package in response to a FOI request. But the timing after that, and the knowledge of where to forward the these documents conveniently within hours of the FOI request denial, does not sound like run of the mill hackers.
Charles,
Your insights as to the creation of the ZIP archive FOI2009.zip are absolutely correct. The file FOI2009.zip was created by the CRU itself. No self-respecting computer hacker would be that neat. If you open FOI2009.zip with a GUI tool such as StuffIt all of the date/time stamps and directory structures are absolutely consistent with a ZIP archive which was created in place from data organized for the possibility of external export.
After FOI2009.zip was created by the CRU, it found its way to the Internet. I had the privilege of working with John Daly on several investigations. In one case John documented just how incredible sloppy the CRU really was. From the grave read John’s indictment of CRU quality control
Two Coolings Make One Warming
http://www.john-daly.com/press/press-01b.htm#cru
Quality Control, CRU Style
http://www.john-daly.com/cru/index.htm
Quality Control – CRU Style – Update
http://www.john-daly.com/cru/emails.htm
If I might be allowed the honor of having John Daly’s proxy, I cast two votes for stupidity.
John Daly’s ghost is still haunting Phil Jones. Way to go John; up the rebels!
Michael Ronayne
Nutley, New Jersey
I would say that some files in the archive (for example the image marooned.jpg) don’t look like it was put into the archive for a FOI request. Or the other way round: if these are the files and mails they are willing to give out, its almost unthinkable what might still be hidden there.
Apologies if someone has already said this but surely the next step is a new FOI request.
If Anthony is right (and I think he is), what we have got has been cherry picked. The real smoking guns are still to be found. A new FOI could be filed on those very grounds.
But this raises a troubling question, could independent officials at Met have looked at this file, with all the references to deleting data etc, and conclude that there was nothing afoul? It staggers the mind.
Was not Jones informed by an IT person to not delete emails in response to FOI, but only if it is a standard practice? Pure speculation, but could he have been caught deleting material and therefore had put IT people in jeopardy of covering or covering up crimes?
Anonymous is legion. They do not forgive, they do not forget.
All your CRU moles are belong to Anonymous.
I think someone in IT was given list of files and told to erase them after the ‘lost data affair’. Any IT employee would know that is an illegal request, so for his/her own protection ‘zipped’ whole lot on 12th November. Either same person or someone with a grudge came across unprotected file and released it.
Definitely an inside job.
Someone had posted this on another site I frequent and found it poignant:
Problem foreseen 48 years ago:
“Partly because of the huge costs involved, a government contract becomes virtually a substitute for intellectual curiosity…The prospect of domination of the nation’s scholars by Federal employment, project allocations, and the power of money is ever present – and is gravely to be regarded.”
~Dwight Eisenhower (from his Farewell Address, 17 January 1961, better known as his Military Industrial Complex Speech)
It is certainly unlikely a hacker had the time to find all those documents/emails and package them all together so neatly.
But all I really care about is their authenticity. Since CRU says these documents are taken out of context, will they now release everything so we can put them into context? Or have they already lost or destroyed the rest?
To follow on, Gavin’s defense has in many ways been remarkably slick. If the ‘hacked’ file had been carefully cherry picked (just enough to look authentic, but also open to plausible counter-arguments) the surely a counter defense would have been prepared in parallel? They may be without ethics but dumb they ain’t. Do we know who the chess player is on the team?
Oh, I admit my ignorance in these matters, but speculating about an IT insider angry at being put in a precarious position– could the CRU scientist realize that attacking an angry insider would not be a wise course of action because said person perhaps has evidence of file purge attempts?
I agree that this probably isn’t a “hacking” and someone probably had free access to a file they shouldn’t have and made some hay while the sun was shining. That seems to me to be the most likely scenario.
If the file was created for release as the result of an FOI request, One wonders if the file was edited for content BEFORE it was “published”. There are many gems in this file that demonstrate what was going on, but it looks to me like this is not every single email and attachment. I’m wondering if Dr. Phil and Co. removed the worst offending email and files and hoped that the remnants would satisfy the deniers among us. Or perhaps the more incriminating information was removed by the lady or gentleman that performed the operation. One wonders if s/he has more info that will be released. (sits back, reaches for the popcorn)
So Gavin now claims that “trick” means “a good way to deal with a problem.” That’s odd. Back in a November 9, 2006 post entitled “Cuckoo Science” criticizing Christopher Moncton, “trick” meant “absurdities that occasionally pass for serious ’science’ on the web and in the media” and “concepts are being mangled, logic is being thrown to the winds, and completetly unjustified conclusions are being drawn.”
Gavin said in November 2006 that:
See http://www.realclimate.org/index.php/archives/2006/11/cuckoo-science/
OK, I’ll ask:
Was the reason that ‘incompetence’ was spelled incorrectly in BOTH of the quotes in the post a clever (perhaps too clever) device? If so, many of your readers and I suspect all of your detractors will not get it, or worse, use it to diminish your argument.
Reply: Just an ironic mistake, enhanced by a cut and paste. But I like your theory. Maybe I’ll leave it as is. ~ charles the contrite moderator
Reply 2: Naw. I’ve decided to fix it.
While I have no idea who provided the files and could care less , I really like the notion that this stuff was labeled FOI as a precursor to its being deleted – just in case . It would fit in perfectly with the apparent incompetence at CRU . Maybe the gang just couldn’t shoot straight .
Someone may have commented on this already…a typo…
It’s incompetence, not “incopetence”….
It seems that at least some of the files was “out” already oct 12th
And this from a BBC site!
http://www.bbc.co.uk/blogs/paulhudson/2009/11/climategate-cru-hacked-into-an.shtml#comments
“I was forwarded the chain of e-mails on the 12th October, which are comments from some of the worlds leading climate scientists written as a direct result of my article ‘whatever happened to global warming’. The e-mails released on the internet as a result of CRU being hacked into are identical to the ones I was forwarded and read at the time and so, as far as l can see, they are authentic.”
I belive there will be more files available soon.
Either of UEA “investigation” Or by this whistleblower.
I belive “our” Man will give UEA a chance to settle things. If not will more files be released.
Charles,
I have to disagree with you on this one. I’m more in agreement with this line of thought:
“chainpin (09:18:31) :
Interesting theory.
But why would the file contain such damning evidence?
If CRU had themselves prepared it for the FOI request, surely you don’t belive they would have handed over such files to SM, given what we now know?
Something doesn’t add up.”
I highly doubt that someone would have captured those specific emails as part of anticipating an FOI fullfillment request. I also doubt that someone was “browsing” through CRUs FTP server and just happened to see the zip file there so grabbed it, opened it, analyzed it, and then decided to release it with the accompanied statement.
There are just way too many things “off” with that scenario.
I put my money on the inside person who’s been witnessing this for some time, who knows the history, and who also found out the request was denied.
I think they had possibly been accumulating files for sometime, or maybe not, but knew where to look to get the more damning emails and data sources, and as an extra poke in the eye to The Team, named the zip file FOI.zip, as if to say “You’re all guilty, and the way the process is supposed to work, THIS is part of the information that SHOULD have been released, based on the request. I’ve just shortened the timeline.”
No hackers, no schizophrenic Dr. Jones…just plain and simple someone inside CRU wanting to do what they felt was the right thing.
JimB
Said an Italian political experience (Giulio Andreotti): think ill of someone or something is a sin, but many times you guess.
New info.
Paul Hudson of the BBC posts on his blog this afternoon that someone forwarded the chain of emails to him on October 12th.
http://www.bbc.co.uk/blogs/paulhudson/2009/11/climategate-cru-hacked-into-an.shtml
So, this has been in the works for awhile now. There are emails post-Oct 12th so someone might have had access to the email record for some time now.
It just keeps on giving:
This email:
939154709.txt (from Oct 1999) gives, at the end, a data series for temps from 1402 – 1994
– plot it & you will see no hockey-stick, and 1994 temps lower than the 1940s…
– I can only assume that the perpetrators of such a travesty were sacked!
Dr Tim Balls says CRU has acknowledged the authenticity of the files:
http://www.climatechangefraud.com/climate-reports/5641-the-death-blow-to-climate-science