This lends cred to WUWT’s previous analysis done by our own Charles the moderator: The CRUtape Letters™, an Alternative Explanation,
Climate-Gate: Leaked
by Lance Levsen, Network Analyst – courtesy of Small Dead Animals
Some time starting in mid November 2009, ten million teletypes all started their deet-ditta-dot chatter reeling off the following headline: “Hackers broke into the University of East Anglia’s Climate Research Unit….”
I hate that. It annoys me because just like everything else about climate-gate it’s been ‘value-added’; simplified and distilled. The contents of FOIA2009.zip demand more attention to this detail and as someone once heard Professor Jones mutter darkly, “The devil is in the details…so average it out monthly using TMax!”
The details of the files tell a story that FOIA2009.zip was compiled internally and most likely released by an internal source.
The contents of the zip file hold one top-level directory, ./FOIA. Inside that it is broken into two main directories, ./mail and ./documents. Inside ./mail are 1073 text files ordered by date. The files are named in order with increasing but not sequential numbers. Each file holds the body and only the body of an email.
In comparison, ./documents is highly disorganized. MS Word documents, FORTRAN, IDL and other computer code, Adobe Acrobat PDF’s and data are sprinkled in the top directory and through several sub-directories. It’s the kind of thing that makes the co-workers disorganized desk look like the spit and polish of a boot camp floor.
What people are missing entirely is that these emails and files tell a story themselves.
Proponents of the hacker meme are saying that s/he broke into East Anglia’s network and took emails. Let’s entertain that idea and see where it goes.
There is no such thing as a private email. Collecting all of the incoming and outgoing email is simple in a mail server. Using: Postfix the configuration is always_bcc=<email address>, here are links on configuring the same for Sendmail, and for Exim. Those are the three main mail servers in use in the Unix environment. Two of them, Sendmail and Exim are or were in use as the external mail gateways and internal mail servers at the University of East Anglia (UEA).
When a mail server receives an email for someone@domain.net, it checks that it is authoritative for that domain. This means that a server for domain.net will not accept email for domain.ca. The mail server will usually then run checks on the email for spam, virus, and run other filters. It will then check to see whether to route the email to another server or to drop the email in a users mailbox on that server. In all examples examined in the released emails, the mail gateway forwarded the emails to another server.
The user then has a mail client that s/he uses to read email. Outlook Express, Eudora, Apple Mail, Outlook, Thunderbird, mutt, pine and many more are all mail clients.
Mail clients use one of two methods of reading email. The first is called POP and that stands for Post Office Protocol. A mail client reading email with POP logs into the mail server, downloads the email to the machine running the mail client and will then delete the original email from the users spool file on the mail server.
The second protocol is called IMAP, Internet Message Access Protocol. IMAP works by accessing the mailboxes on the mail server and doing most of the actions there. Nothing is actually downloaded onto the client machine. Only email that is deleted and purged by the mail client is gone. Either protocol allows the user the opportunity to delete the email completely.
Most email clients are setup for reading emails with POP by default and POP is more popular than IMAP for reading email.
The released emails are a gold mine for a system administrator or network administrator to map. While none of the emails released contained headers, several included replies that contained the headers of the original emails. An experienced administrator can create an accurate map of the email topography to and from the CRU over the time period in question, 1998 thru 2009.
Over the course time, UEA’s systems administrators made several changes to the way email flows through their systems. The users also made changes to the way they accessed and sent email.
The Users
Using a fairly simple grep1 we can see that from the start of the time-frame, 1999, until at least 2005 the CRU unit accessed their email on a server called pop.uea.ac.uk. Each user was assigned a username on that server. From the released emails, we can link username to people as such:
- Prof. Trevor Davies was user e022
- Dr. Timothy Osborn was user f055
- Prof. Phil Jones was user f028
- Prof. Mike Hulme was user f037
- Prof. Keith Briffa was user f023
In the previously referenced grep comes some more useful information. For instance, we know that Professor Davies was using QUALCOMM Windows Eudora Light Version 3.0.3 (32) in September of 1999. (ref Email: 0937153268.txt). If you look at the README.txt for that version you can see that it requires a POP account and doesn’t support IMAP.
As mentioned previously, POP deletes email on the server usually after it is downloaded. Modern POP clients do have an option to save the email on the server for some number of days, but Eudora Light 3.0.3 did not. We can say that Professor Davies’ emails were definitely removed from the server as soon as “Send/Recv” was finished.
This revelation leaves only two scenarios for the hacker:
- Professor Davies’ email was archived on a server and the hacker was able to crack into it, or
- Professor Davies kept all of his email from 1999 and he kept his computer when he was promoted to Pro-Vice Chancellor for Research and Knowledge Transfer in 2004 from his position as Dean of the School of Environmental Sciences.
The latter scenario requires that the hacker would have had to know how to break into Prof. Davies’ computer and would have had to get into that computer to retrieve those early emails. If that were true, then the hacker would have had to get into every other uea.ac.uk computer involved to retrieve the emails on those systems. Given that many mail clients use a binary format for email storage and given the number of machines the hacker would have to break into to collect all of the emails, I find this scenario very improbable.
Which means that the mail servers at uea.ac.uk were configured to collect all incoming and outgoing email into a single account. As that account built up, the administrator would naturally want to archive it off to a file server where it could be saved.
This is a simple evolution. You just run a crontab to start a shell-script that will stop the mail server, move the mail spool file into a file somewhere else, nulls the live spool and restart the mail server. The account would reside on the mail server, the file could be on any server.
Alternatively you could use a procmail recipe to process the email as it comes in, but that may be a bit too much processing power for a very busy account.
This also helps to explain the general order of the ./mail directory. Only a computer would be able to reliably export bodies of email into numbered files in the FOIA archive. As the numbers are in order not just numerically but also by date, the logical reasoning is that a computer program is numbering emails as they are processed for storage. This is extremely easy to do with Perl and the Mail::Box modules.
The Email Servers
I’ve created a Dia diagram2 of the network topography regarding email only as demonstrated in the released emails. Here’s a jpeg of it:
The first thing that springs to mind is that the admins did a lot of fiddling of their email servers over the course of ten years. 🙂 The second thing is the anomaly. Right in the middle of 2006-2009 there is a Microsoft Exchange Server. Normally, this wouldn’t be that big of an blip except we’ve already demonstrated that the servers at UEA were keeping a copy of all email in and out of the network. Admins familiar with MS Exchange know that it too is a mail server of sorts.
It is my opinion that the MS Exchange server was working in conjunction with ueams2.uea.ac.uk and I base this opinion on the fact that ueams2.uea.ac.uk appears both before and after the MS Exchange Server. It doesn’t change its IP address nor does it change the type of mail server that is installed on it. There is a minor version update from 4.51 to 4.69. You can see Debian’s changelog between the Exim versions here.
I’ve shown that the emails were collected from the servers rather than from the users accounts and workstations, but I haven’t shown which servers were doing the collection. There are two options, the mail gateway or the departmental mail servers.
As demonstrated above, I believe that the numbers of the filenames correspond to the order that the emails were archived. If so, the numbers that are missing, represent other emails not captured in FOIA2009.zip.
I wrote a short Bash program3 to calculate the variances between the numbering system of the email filenames. The result is staggering, that’s a lot of email outside of what was released. Here’s a graph of the variances in order as well as a graph with the variances numerically sorted . Graph info down below.
The first graph is a little hard to read, but that’s mostly because the first variance is 8,805,971. To see a little better, just lop off the first variance and rerun gnuplot. For simplicity, that graph is here. The mean of the variances is 402839.36 so the average amount of emails between each released email is 402,839. While not really applicable, but useful, the standard deviation is 736228.56 and you can visualize that from the second graph.
I realize that variance without reference is useless, in this instance the number of days between emails. Here is a grep of the emails with their dates of origin.
I do not see the administrators copying the email at the departmental level, but rather at the mail gateway level. This is logical for a few reasons:
- The machine name ueams2.uea.ac.uk implies that there are other departmental mail servers with the names like ueams1.uea.ac.uk, (or even ueams.uea.ac.uk), maybe a ueams3.uea.ac.uk. If true, then you would need to copy email from at least one other server with the same scripts. This duplication of effort is non-elegant.
- There is a second machine that you have to copy emails from and that is the MS Exchange server so you would need a third set of scripts to create a copy of email. Again, this would be unlike an Administrator.
- Departmental machines can be outside the purview of Administration staff or allow non-Administrative staff access. This is not where you want to be placing copies of emails for the purposes of Institutional protection.
- As shown with the email number variances, and if they are representative of the email number as it passed through UEA’s email systems, that’s a lot of emails from a departmental mail server and more like an institutional mail gateway.
So given the assumptions listed above, the hacker would have to have access to the gateway mail server and/or the Administration file server where the emails were archived. This machine would most likely be an Administrative file server. It would not be optimal for an Administrator to clutter up a production server open to the Internet with sensitive archives.
The ./FOIA/documents directory is a complete mess. There are documents from Professor Hulme, Professor Briffa, the now famous HARRY_READ_ME.txt, and many others. There seems to be no order at all.
One file in particular, ./FOIA/documents/mkhadcrut is only three lines long and contains:
tail +13021 hadcrut-1851-1996.dat | head -n 359352 | ./twistglob > hadcrut.dat # nb. 1994- data is already dateline-aligned cat hadcrut-1994-2001.dat >> hadcrut.dat
Pretty simple stuff, get everything in hadcrut-1851-1996.dat starting at the 13021st line. From that get only the first 359352 lines and run that through a program called twistglob in this directory and dump the results into hadcrut.dat. Then dump all of the information in hadcrut-1994-2001.dat into the bottom of hadcrut.dat.
….Except there isn’t a program called twistglob in the ./FOIA/documents/ directory. Nor is there the resultant hadcrut.dat or the source files hadcrut-1851-1996.dat and hadcrut-1994-2001.dat.
This tells me that the collection of files and directories in ./documents isn’t so much a shared directory on a server, but a dump directory for someone who collected all of these files. The originals would be from shared folders, home directories, desktop machines, workstations, profiles and the like.
Remember the reason that the Freedom of Information requests were denied? In email 1106338806.txt, Jan 21, 2005 Professor Phil Jones states that he will be using IPR (Intellectual Property Rights) to shelter the data from Freedom of Information requests. In email 1219239172.txt, on August 20th 2008, Prof. Jones says “The FOI line we’re all using is this. IPCC is exempt from any countries FOI – the skeptics have been told this. Even though we (MOHC, CRU/UEA) possibly hold relevant info the IPCC is not part our remit (mission statement, aims etc) therefore we don’t have an obligation to pass it on.”
Is that why the data files, the result files and the ‘twistglob’ program aren’t in the ./documents directory? I think this is a likely possibility.
If Prof. Jones and the UEA FOI Officer used IPR and the IPCC to shelter certain things from the FOIA then it makes sense that things are missing from the ./documents directory. Secondly it supports the reason that ./documents is in such disarray is that it was a dump folder. A dump folder explicitly used to collect information for the purpose of release pursuant to a FOI request.
Conclusion
I suggest that it isn’t feasible for the emails in their tightly ordered format to have been kept at the departmental level or on the workstations of the parties. I suggest that the contents of ./documents didn’t originate from a single monolithic share, but from a compendium of various sources.
For the hacker to have collected all of this information s/he would have required extraordinary capabilities. The hacker would have to crack an Administrative file server to get to the emails and crack numerous workstations, desktops, and servers to get the documents. The hacker would have to map the complete UEA network to find out who was at what station and what services that station offered. S/he would have had to develop or implement exploits for each machine and operating system without knowing beforehand whether there was anything good on the machine worth collecting.
The only reasonable explanation for the archive being in this state is that the FOI Officer at the University was practising due diligence. The UEA was collecting data that couldn’t be sheltered and they created FOIA2009.zip.
It is most likely that the FOI Officer at the University put it on an anonymous ftp server or that it resided on a shared folder that many people had access to and some curious individual looked at it.
If as some say, this was a targeted crack, then the cracker would have had to have back-doors and access to every machine at UEA and not just the CRU. It simply isn’t reasonable for the FOI Officer to have kept the collection on a CRU system where CRU people had access, but rather used a UEA system.
Occam’s razor concludes that “the simplest explanation or strategy tends to be the best one”. The simplest explanation in this case is that someone at UEA found it and released it to the wild and the release of FOIA2009.zip wasn’t because of some hacker, but because of a leak from UEA by a person with scruples.
1 See file ./popaccounts.txt
2 See file ./email_topography.dia
3 See file ./email_variance.sh
4 See file ./gnuplotcmds
Notes
Graphs created with gnuplot using a simple command file4 for input. I use a stripped down version of the variants_results_verbose.txt file, it’s the same, just stripped of comment and the filenames.. The second graph is a numerically sorted version, $> sort -n ./variance_results.txt > variance_sorted_numerically.txt.
Assigned Network Numbers for UAE from RIPE.NET
RIPE.NET has assigned 139.222.0.0 – 139.222.255.255,193.62.92.0 – 193.62.92.255, and 193.63.195.0 – 193.63.195.255 to the University of East Anglia for Internet IP addresses.
RIPE.NET Admin contact for the University of East Anglia: Peter Andrews, Msc, Bsc (hons) – Head of Networking at University of East Anglia. (Linked In, Peter isn’t in the UEA directory anymore so I assume he is no longer at UEA.)
RIPE.NET Tech Contact for the University of East Anglia: Andrew Paxton
Current Mail Servers at UEA
A dig for the MX record of uea.ac.uk (email servers responsible for the domain uea.ac.uk) results in the following:
$> dig mx uea.ac.uk ; <<>> DiG 9.6.1-P2 <<>> mx uea.ac.uk ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 737 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 13, ADDITIONAL: 13 ;; QUESTION SECTION: ;uea.ac.uk. IN MX ;; ANSWER SECTION: uea.ac.uk. 50935 IN MX 2 ueamailgate01.uea.ac.uk. uea.ac.uk. 50935 IN MX 2 ueamailgate02.uea.ac.uk.
The IP addresses for the two UEA email servers are:
ueamailgate01.uea.ac.uk. 28000 IN A 139.222.131.184
ueamailgate02.uea.ac.uk. 28000 IN A 139.222.131.185
Test connections to UEA’s current mailservers:
$> telnet ueamailgate01.uea.ac.uk 25 Trying 139.222.131.184... Connected to ueamailgate01.uea.ac.uk. Escape character is '^]'. 220 ueamailgate01.uea.ac.uk ESMTP Sendmail 8.13.1/8.13.1; Mon, 7 Dec 2009 01:45:42 GMT quit 221 2.0.0 ueamailgate01.uea.ac.uk closing connection Connection closed by foreign host. $> telnet ueamailgate02.uea.ac.uk 25 Trying 139.222.131.185... Connected to ueamailgate02.uea.ac.uk. Escape character is '^]'. 220 ueamailgate02.uea.ac.uk ESMTP Sendmail 8.13.1/8.13.1; Mon, 7 Dec 2009 01:45:49 GMT quit 221 2.0.0 ueamailgate02.uea.ac.uk closing connection
I’ve been a Unix, Windows, OS X and Linux systems and network administrator for 15 years. I’ve compiled, configured, and maintained everything from mail servers to single-signon encrypted authentication systems. I run lines, build machines and tinker with code for fun. You can contact me via: lance@catprint.ca.
Lance Levsen,
December, 2009
Sponsored IT training links:
We offer 100% pass result in first attempt for all kind of IT exams including 70-685 and 70-271. Join 640-460 online course to save a big deal on real exam.
Discover more from Watts Up With That?
Subscribe to get the latest posts sent to your email.
Richard,
Yes, O3 seems more powerful than CH4, but not by a whole lot. Besides, H2O and CO2 account for over 95% of all greenhouse gas absorption of surface energy. The band around CH4 may absorb a little more, but there’s more than just CH4 acting on that part of the spectrum.
George
February 15, 1995 Kevin Mitnick was captured because a consultant to the company that previously employed me as MIS Manager noticed unusual activity on his Well account. Analysis showed large zip files being created in his directory and forwarded through the consultant’s account. A trace was set up and he was caught in the act of forwarding another such large zip file containing credit card information.
Around the same time I was asked to scrub our ERP server at another employer, a major software vendor. Hackers dialing in from unsecured sales office modems in the former Warsaw Pact markets were tarballing source of the latest secure OS on our ERP server.
Both cases above mirror the examples that Lance uses to make a case for the insider leak scenario for FOIA.zip and both were professional hack jobs.
The examples neither prove nor disprove either the leak or professional hacking scenario. In my experience they are consistent with the latter at least in the two with which I had some personal experience.
Lance’s analysis of email distribution show that these were few files out of many that were collated probably by a crawler of some kind similar to good old gopher. These files were selectively chosen and collected then zipped up for export in a professional fashion identical to the two proven professional break-ins I described.
PS:
For further evidence of the SOP of this hack please note the article by Robert Graham on Nov 24 detailing the use of open proxies
http://erratasec.blogspot.com/2009/11/climate-hack-used-open-proxies.html
A further link contained therein comments that
“At around 6.20am (EST) Nov 17th, somebody hacked into the RC server from an IP address associated with a computer somewhere in Turkey, disabled access from the legitimate users, and uploaded a file FOIA.zip to our server. ”
Using open proxies, disabling access, uploading … pretty standard Professional Hack SOP – not your usual wistleblower pattern.
It’s my understanding that the released data was first downloaded to an RC server, probably through the ftp user and password contained in one of the emails, and announced over an RC blog, with a link to the file on the RC ftp site. This happened about 3-4 weeks after the file was first revealed to a reporter, and subsequently buried as not being newsworthy.
That the transfer to RC originated from Turkey means nothing, as it’s relatively easy to use an anonymous proxy, especially if you already know an account and password.
HEY BERNIE , IT WASN’T A HACK ….. IT WAS A LEAK FOOL !
HEY co2isnotevil , IT WASN’T DOWNLOADED , IT WAS UPLOADED OUT OF THE CRU by someone INSIDE !!! Come on man ! Are you with the program???
The Climategate files were FOWARDED to the BBC 5 weeks before the leak at the CRU was detected !!! WAKE UP !
One thing that’s interesting, is that there’s overlap between attachments mentioned in the emails, and the files in the documents directory, for example, the marooned.jpg image and RulesOfTheGame.pdf file. It’s possible that the documents have been collected from the same repository that stored the emails. Raw email messages stored as text files always include binary attachments like jpeg images, as inline strings of printable characters encoding binary data, i.e. base-64 encoding, so it’s clear that attachments have been extracted. Some of the files in the documents directory may be decoded zip, gzip and tar files extracted from other email messages.
Hangtime,
The 5 week time line doesn’t seem right, since the last time stamp on a captured email was Nov 12 of this year, which was only 4 weeks ago, see the message in 1258053464.txt. It’s been public for about 3 weeks, which coincides with when the CRU acknowledged the theft, so if this was the case, then the BBC got something else. So I was wrong, it wasn’t 2-3 weeks, but only about 1 week where the BBC had it first. I had been thinking that the last email was in late October, but I just checked and it was November 12.
Also, I said the file was sent to RC, not CRU, but quickly removed. This was in response to the reference to the ‘hacked RC server’ on Nov 17 that Bernie referenced. The zip file then showed up on the Russian web site and shortly thereafter, it was everywhere.
George
Thank you for your sharring!!
co2isnotevil
On November 17th , a anonymous person left a comment at The Air Vent website . This comment read :
” . . . We feel that climate science is, in the current situation, too important to be kept under wraps.We hereby release a random selection of correspondence, code, and documents. Hopefully it will give some insight into the science and the people behind it. This is a limited time offer, download now . . . ”
He allegedly then continued with a link to a Russian anonymous FTP account.
On November 20th , Phil Jones at CRU was advised from administrators of RealClimate website that ‘hackers’ attempted to upload a file from CRU to RealClimate but administrators said they refused to accept it .
How RealClimate knew the files were not only from CRU but were also stolen still wasn’t clear to me until later I read that RealClimate did in fact have the files and told Phil Jones they would send it over to him , which they didn’t . This may account on how RealClimate knew the files were from the CRU.
RealClimate posted the files for a while then took them down off their site .
RealClimates statement :
” . . . We were made aware of the existence of this archive last Tuesday morning when the hackers attempted to upload it to RealClimate, and we notified CRU of their possible security breach later that day . . . ”
This statement from RealClimate was released November 20th , 3 days after the CRU files were leaked/hacked and verifies Jone’s statement of the files being taken ” three or four days ago ” .
The anonymous person then is said to had gone to The Blackboard site and posted its link to the files on the Russian Server . Here the files were examined a little closer and then were discovered to possibly be authenic . The link was then picked-up then by everyone interested and the more notable websites , The ClimateAudit and Watts Up With That . I understand the link on the russian server was up for 48 hours until it no longer worked .
Your research on the dates of the files and the timeline of the transfer of the files could be explained .
Phil Jones was interviewed by Ian Wishart of Investigate magazine ( dated Nov 20,09 ) and in his interview he said :
“ . . . It was a hacker. We were aware of this about three or four days ago that someone had hacked into our system and taken and copied loads of data files and emails . . . ”
This statement is suspicious in itself . Jones said the data was ” taken AND copied ” ? Why wasn’t the files simply ‘ Taken ‘ or ‘ Copied ‘ ?
This tells me that the file , ( FOIA2009 ) ‘ obtained ‘ was possibly a folder that was created beforehand and updated as the ‘ insider ‘ saw fit , thus the word Taken refers to leaked or hacked while the word Copied refers to updated ?
To verify this one would have to compare the ClimateGate file that Paul Hudson from the BBC was forwarded on October 12 , 2009 . again , the word ‘ forwarded ‘ implies to the files being ‘ Copied ‘ , not Taken as Jones had stated to Invesigate Magazine .
This means that the ‘ anonymous person ‘ must be a ‘ insider ‘ within the Climate Research Unit , as he had opportunity to ‘ update ‘ the FOIA2009 folder from within until November 12th , 30 days after Hudson at the BBC possibly had an altermatum to either expose ClimateGate to the public OR the ‘ insider ‘ would leak the data him/her/them selfs .
That’s my assessment so far !
Hangtime,
This is relatively close to my understanding. The one difference is that I don’t think that it was RC that put the data on their site. I believe the whistleblower uploaded the file to their site and then linked to it from a post on RC. What possible use would RC have for this zipfile in the first place? The only think I can think of is that it was passed on with a question like, “Gavin, how much damage is the truth going to do to us?”.
George
Hangtime55, Now that you have been working on times and dates, tell me this, How did “indusieumgresium” get to post “Peer Review 1945” up to YouTube on the 19 november ??
xyzlatin :
I have NO IDEA what “indusieumgresium” is . And to tell you the truth , I don’t think it has anything to do with what we are discussing here . . . but i’ll take a look at it when I can .
Hangtime 55,
Mabe the date didn’t click, 19 November.
The movie clip has subtitles that directly reflect the contents of the emails from the CRU.
My view is that the whistleblower could be “indusieumgresium”
“indusieumgresium” is made up of 2 Latin words, indusieum and gresium.
“indusieumgresium” had to read thru 1079 text files, get the obscure video clip, put in the subtitles, and then post it to YouTube by the 19th. Mission Impossible, unless you know previously what was in the released emails.
Took me 2 days alone to get thru the text files, let alone find the damaging bits.
Go check out the clip “Peer review 1945” Google it. And then you may want to disguss it here.
BTW. I was on the site reading “An open letter climate change legislation” when it all happened. I’m in Australia and it was already the 20th here when it all broke out.
For a sense of the importance of climategate: take a look at Google Insights here:http://www.google.com/insights/search/#q=climategate%2Ctiger%20woods&date=today%201-m&cmpt=q
Now if the e-mails had hit a fire hydrant you might get some interest.
Guys: you are barking up the wrong tree with this insider meme. FOIA is an American term: in the UK it is called the FIA or the FOI Act. Don’t believe me: look at this. http://www.google.com/insights/search/#q=foia%2Cfia%2Cfoi&geo=GB&date=today%2012-m&cmpt=qhttp://www.google.com/insights/search/#q=foia%2Cfia%2Cfoi&geo=GB&date=today%2012-m&cmpt=qhttp://www.google.com/insights/search/#q=foia%2Cfia%2Cfoi&geo=GB&date=today%2012-m&cmpt=qhttp://www.google.com/insights/search/#q=foia%2Cfia%2Cfoi&geo=GB&date=today%2012-m&cmpt=q
That’s Google tendancies for FOIA, FIA and FOI in the UK. There’s no sign of FOIA. It was a hacker from the US. He might just have well signed it “Yankee Doodle Dandy.”
I also note that indusieumgresium claims to be in the USA. Busted!
That graph doesn’t tell me too much , afterall it’s Goggle presenting it .
Before Google took over YouTube last year , YouTube was a good site for finding information for whatever you were looking for . Since Google has taken over , Google has been either deleting videos or you get that old comment ” this video is unavailable at this time “, or ” posting comments on this video cannot be made at this time ” . Google has been ‘ censoring ‘ these files , for example , due to BS like videos having ‘ copyrighted ‘ sound tracks ?
When video’s of interests have a large ‘ hit ‘ count , people usually go to them , primarily because if that video had , say 500,000 hits then it must have been a video of some importance .
I’ve noticed that since Google had taken over , video’s that had , say a 500,000 hit count on them now are posted of having only 4,000 hits ?
Even on Google’s main search engines , there are many keywords , for example ‘ Climategate ‘ that when you type it in , you get no suggestions on what your looking for . You have to know what other keywords are in relation to the piece your searching . For the Layman who wants to get more information on a subject like ClimateGate without knowing anything about the subject is screwed .
A few years ago when Google was assisting Communist China increating a Google search engine , Google had said it will censor its search services in China in order to gain greater access to China’s fast-growing market . Google’s move in China came less than a week after it resisted efforts by the US Department of Justice to make it disclose data on what people were searching for.
So Googles ‘ insights ‘ aren’t that important to me .
As I have pointed out before, in one email Phil Jones lauds Ben Santor for having a directory called FOIA. Ben Santor is in US.
Here is a statement by the Prof Jones on email number 1233245601.txt dated 29th January 2009 From Phil Jones to Ben Santor at the Lawrence Livermore National Library in California, and he makes mention how funny that Ben has put information in a directory called FOIA.
So that means that there was a directory in the US named FOIA?
Perhaps the leak has come from a file on Ben’s computer in California?
The released emails as has been pointed out by others, were collated Jan 1st 2009.
> With free wifi in my room, I’ve just seen that M+M have
> submitted a paper to IJC on your H2 statistic – using more
> years, up to 2007. They have also found your PCMDI data –
> laughing at the directory name – FOIA? Also they make up
> statements saying you’ve done this following Obama’s
> statement about openness in government! Anyway you’ll likely
> get this for review, or poor Francis will. Best if both
> Francis and Myles did this. If I get an email from Glenn I’ll
By the way, I have been searching daily for Climategate on Google, and each day the numbers go down! Several days ago the count was 32,600,000. Now down to 28,200,000.
Phil JOnes mentions a FOIA directory in one email 1233245601.txt dated 29th January 2009
Turboblocke:WRITES
Turboblocke (09:26:15) :
¨Guys: you are barking up the wrong tree with this insider meme. FOIA is an American term: in the UK it is called the FIA or the FOI Act. Don’t believe me: look at this. http://www.google.com/insighGuys: you are barking up the wrong tree with this insider meme. FOIA is an American term: in the UK it is called the FIA or the FOI Act.¨
So in the UK, What is the acronym for Freedom of Information act.
I would think FOIA is pretty close?
¨I also note that indusieumgresium claims to be in the USA. Busted!¨
That´s if he IS involved and submitted his correct details.
Still begs the question, how did anyone get the video up on YouTube on the 19th.
There just isn’t enough time.
When the emails hit the fan, it was the 20th here.
Remember FOIA said
This is a limited time offer, download now: http://ftp.tomcity.ru/incoming/free/FOI2009.zip
That link worked for only a matter of hours, and you guys were all asleep, it was posted at 9:57 PM on the 17th.
So indusieumgresium would have to been one of the very lucky few who down loaded the zip file, and then I doubt if there was enough time to get the video clip together.
The next download site that went up, Megaupload, was on the 20 Nov. at 12:59 AM.
Remember also at this time ClimateAudit server went down, see the thread on the Air Vent
” Ok it’s blown wide open
Posted by Jeff Id on November 19, 2009″
But still, with all this going on, indusieumgresium, got the video up on the 19th.
Did anyone check out the Latin meanings of the 2 words, they are all connected with biology, trees and ferns, a grey protective layer, protecting the sorus (George Soros ? ), a Chinese Paperbark Maple, (tree rings, a big problem over the temp. stations in China). and it goes on.
indusieum gresium could not have chosen a better name to describe what was going on.
You seem to have your ‘ indusieumgresium ‘ issue in order . I’ve never heard of it and I don’t have time to divert my attention from other matters i’ve been on for the last 5 weeks , so good luck with your indeavors .