Odd things are going on at the Climate Research Unit at the University of East Anglia.
Widely available data, existing in the public view for years, is now disappearing from public view.
For example this link to Keith Briffa’s Yamal data:
http://www.cru.uea.ac.uk/cru/people/briffa/yamal2009/
Now redirects to a generic page of UEA. Try it yourself.
Now here is what that page says:
Climatic Research Unit
Due to the present high volume of visitors to this page, you will shortly be directed to the latest news about CRU on the main University of East Anglia website, or you can go there immediately by clicking on this link.
The cached page at Google is still available here, though none of the links to data or papers works there either.
I’ll point out that if indeed “traffic” is a concern, redirecting to another page on the UEA server system doesn’t do much for the load, it just moves it around. The data files are mostly text, and not that large, they don’t have that much more impact that some wab pages with graphics.
The news page that you get redirected to hasn’t much to say, and has not been updated since December 3rd.
And it’s not just subfolders with data, it is the entire Climate Research Unit website that is shielded from public view. Try the main link which has been functional for years:
In the last press release issued by UEA we read:
Professor Edward Acton, Vice-Chancellor said: “The reputation and integrity of UEA is of the upmost importance to us all.
So now apparently, in this newly pledged period of “openness and transparency”, with the promise of releasing new data access, such as the Met office has done here:
http://www.metoffice.gov.uk/climatechange/science/monitoring/subsets.html
The access to important CRU data is simply denied?
That’s a hell of a way to build public trust.
Sponsored IT training links:
If you are not satisfied with 156-215.70 exam preparation then join 310-202 online training and complete LX0-101 certification in days guaranteed.
Discover more from Watts Up With That?
Subscribe to get the latest posts sent to your email.
Could this signal UEA movement of a certain climate scientist to the underside of a bus??
In other news Ireland, expected to pony up $1B or so in reparations, speaks out in the Times:
http://www.timesonline.co.uk/tol/news/world/ireland/article6954387.ece
This is another one gone missing….
CRU acknowledges earlier warm periods but doesn’t explain the lack of a CO2 link:
Climatic Research Unit: Information sheets: 3: UK Weather and Climate (CET/EWP)…seasonal and annual temperatures for the entire CET series…. show unprecedented warmth during the 1990s, but earlier decades such as the 1730s and 1820s are comparable.
http://www.google.com/cse?cx=017206723852458922445%3Ak-pi2er7fim&ie=UTF-8&sa=Search&q=information+sheet+3
The title is still there but all links now lead back to the main UEA info page…..
Coco (07:04:30) :
Bravo!
If our nation [and indeed, civilization] is to prosper, it needs many more teachers with your attitude.
OT but:
Saw this from a link at The Reference Frame:
Andy Revkin’s Last Day at NY Times: December 21
December 14, 2009
http://www.yaleclimatemediaforum.org/2009/12/andy-revkins-last-day/
They say more info later today.
(Mod feel free to snip if this has been noted already)
My take on this would just be that they finally figured out it was THEIR web server that was the source of the leak (and having had data leak from there a couple of times in the past…).
In the case of a ‘break in’ you shut down for a bit, grab tape of every server you can, do a basic “was it hosed or buggered” inspection and put the ‘good servers’ that pass inspection back up. Then you start digging. (I think we saw all that happen when the leak first happened and there was a short outage.) If you are good, you put a bunch of added monitoring and tripwires in place to see if the perp returns and catch ’em. I doubt they did that part.
THEN:
When you figure out where the break-in or leak came from, you scrub that box to an incredible degree. There are all sorts of “clever” things that can be hidden in places you don’t normally see, even as root / sysadmin. You can put ‘tools’ in what are marked as ‘bad blocks’ on the disk. You can hide things in plain sight by swapping binaries out. Etc.
So, depending on how much you care (and at this point, I’d guess they care a lot…) you might go so far as to start from “bare metal” and re-install every single thing. NOT a ‘restore from backups’ that might carry ‘tools’ back in. But a real, vetted all the way, new install. With new OS copy with newest patches, virus software, etc. Otherwise it is a long time to find where some odd bit of binary software had it’s permissions set just a bit different and lets someone hack in.
(On systems I ran, we did an “ls -l” long format listing of systems files and kept it in a “special place”. Periodically it was re-run and compared. ANY changes were cause for investigation. ALMOST always it was a slightly less then perfect systems admin – sometimes me. Sometimes it was an ‘inside engineer customer’ being cute. We were ‘tight enough’ that it never was an outsider… though they tried every single day… BTW, we also had a ‘bare metal instal’ golden master tape. If a machine were compromised, we didn’t have to re-create the whole install process, we already had a Secure Golden Master of it and could, in fact, just do a restore from tape. These things are much easier if you thought them out in advance… )
So my guess is that they are just recreating every single thing on that server from ‘first sources’. It’s what I would do (at least, without a Secure Golden Master to work from.)
Wait, come to think of it, they have yet to do things the way “I would do”… so maybe not… 😎
FWIW, we actually had a paper printer attached to the main systems console of a couple of our key machines and printed the console log. Why? One of the ‘key tricks’ when you ‘get root’ is to erase your ‘footprints’ in the console log on the disk… can’t do that with paper inside the locked computer room… Caught a couple of folks that way.
Sometimes it’s the simple things 😉
At any rate, I’d give them a few days. If it isn’t done by Friday and back up, then my thesis is probably wrong and they are scrubbing for a different kind of cleaning.
BTW, the Russian announcement that the “stuff” came through their site, but was not them, and they had something to share if folks didn’t stop tossing eggs at them: An anon re-server still has logs. It is only anon because the admin chooses not to talk or scrubs the logs. So my guess is that they did not have the machine set up to ‘not log’, but had chosen the ‘not talk’ option… then the Secret Police showed up 8-{
So Mother Russia ought to have a log of where the traffic originated. And given that they did not just say “It came from Latvia”, it has blackmail value. My further guess from this, especially since much of the Russian Spy Breakin thesis came from English sources, is that their logs say “Came from UEA itself”.
So far, our leaker has done a stellar job. Were I doing this, I’d have “washed” the file through at least 3 places. But one of my favorite ‘distractors’ is to make a fake file of the right size, wash it one way (so things look to originate from A ) then wash it back (so it looks like a ‘from B to C’ ) but in fact, to swap in ‘the real deal’ on B. That lets you claim that the real source, B, must have been hacked too and gives plausible deniability while pointing to A as the ultimate source. One can only hope our real leaker was as careful. (Though they did wash the date stamps so they were clearly thinking…)
Given this, and given that UEA web server went down a day or so of negotiations after the Russian “announcement”, I would further speculate that someone from England talked to the Russians, said they would ‘quiet the finger pointing’ but could a little bit of log file be shared over vodka?…
And the log pointed back to the web server.
Which would then force a full forensic audit and rebuild. Especially if our leaker was careful enough to leave all ‘back pointers’ pointing internally at dead ends. (If you get “inside”, you want to make it look like all traffic originated from inside. But you want the actual box used to be hard to spot. Things like a laptop with wireless login to a lab box, then use the lab box for all the transit and washing, and remove the remote login from the lab box log files… so investigation shows “Phil’s Lab!!!” and not laptop from the parking lot outside Phil’s window… ) Devious? Why, thank you!
The cop has to be at least as devious as the perp to catch him.
(God I miss the chase some times … I can feel the brain lighting up and the slight elevation of adrenaline just remembering it… )
RE: nominal (08:34:36) :
Jones, Wigley and Wright article in Nature circa 1986 – Global temperature variations between 1861 and 1984:
“Recent homogenized near-surface temperatures over the land and oceans of both hemispheres during the past 130 years are combined to produce the first comprehensive estimates of global mean temperature. The results show little trend in the nineteenth century, marked warming to 1940, relatively steady conditions to the mid-1970s and a subsequent rapid warming. The warmest 3 years have all occurred in the 1980s.”
http://www.nature.com/nature/journal/v322/n6078/pdf/322430a0.pdf
______________________________________________________
The 80’s were hotter than the 30’s? O RLY?
Seems like “the team” has been trying to make this argument for a while (80’s, 90’s, and now the noughties)
Had never seen that one before, thanks for the link!
How about an FOI request?
Dear UEA,
Please can you publish the website traffic figures to the CRU parts of your site for the last 3 weeks to substantiate the claim:
“Due to the present high volume of visitors to this page,” etc. etc,
We are [directing you to a page that essentially tells you, calm down there is nothing going on here]
If there is ANY reason to do this other than the one specified – high traffic – then it is a fraudulent statement.
Some posters seem naive to think that they have merely an isolated problem with just this section of the UEA site, come on, really.
I typed in the search term “History of the CRU” into google and got this:
History of the Climatic Research Unit:
In 1979, CRU hosted a remarkable, international, interdisciplinary conference ( Climate and History), a turning point for the future work on historical …
http://www.cru.uea.ac.uk/cru/about/history/ – Cached – Similar
When I tried to access it, my Opera browser came up with this, which I found quite amusing.
Server name http://www.cru.uea.ac.uk
This page may not be secure
The servers name does not match the certificate’s name *.uea.ac.uk
Somebody may be trying to eavesdrop on you
The certificate for “IPS SERVIDORES” is signed by the unknown certificate authority “IPS SERVIDORES” it is not possible to verify that this is a valid certificate.
Holder *.uea.ac.uk, University of East Anglia
Issuer: ipsCA CLASEA1 Certification authority
I suspected there was no significance to this so I authorised the page and went to….. guess where, same place as everything else, the main info page for the University.
The website was running just fine before they took it down also – I don’t believe it was overloaded in the least bit.
CRU could avoid a lot of suspicion by announcing what parts of the web site are now unavailable, for how long, and above all, why. Has CRU made such an announcement?
In the absence of a public explanation, suspicion is inevitable.
As Larey noted above as well as E. M. Smith, this is probably far less insidious than it seems.
I noted in the CruTape Letters™, that the CRU network is probably a haphazard mess and leaky as a sieve.
As a consequence of this UEA have probably called in IT consultants/Security experts to complete rewire their network topology. It’s also likely these guys looked in the rack room and starting swearing, finding nothing labeled and heaps of dangling CAT5 spanish moss.
They are probably charging UEA exorbitant rates and can dictate whatever infrastructure they decide to put in as they have UEA by the short hairs during this crisis.
For those who were wishing to correct my interpretation of the Belgrano, I made no claims about legitimacy or otherwise of the sinking, the point I made was about how the Govt Establishment was lying to Parliament and was exposed as doing so.
I know that there WAS a conspiracy inside MOD to cover up the lying to Parliament because Ponting was present to it and that was the reason he leaked to Parliament.
If you read the book he published after being acquitted at the Old Bailey you will see it.
My view on the whole episode was that of Denis Thatcher in the Private Eye column Dear Bill: ‘what the hell is war about if not torpedoing a bunch of Argies before they do the same to our boys?’
The Russians already know where the files came from, and likely so does CRU. Was it Briffa that leaked them? And why does the bold text below sound like a threat directed at somebody? There are curiosities everywhere.
“By 2007, when the IPCC produced its fourth report, McIntyre had become aware of the manipulation of the Briffa data and Briffa himself, as shown at the start of this article, continued to have serious qualms…”
“Now, it has emerged that IT experts specialising in hacking techniques were brought in by the Russian authorities following this newspaper’s exposure of the Tomsk link. … ‘We are not prepared to release details, but we might if the false claims about the FSB’s involvement do not stop,’ he said. ‘The emails were uploaded to the Tomsk server but we are sure this was done from outside Russia.'”
http://www.dailymail.co.uk/news/article-1235395/SPECIAL-INVESTIGATION-Climate-change-emails-row-deepens–Russians-admit-DID-send-them.html
http://web.archive.org/web/20061018065125/www.cru.uea.ac.uk/cru/data/
I pointed out recently that those thinking they can use the wayback machine to investigate what happened in the past need to realize that where it is important, the internet archive is about as reliable as CRU.
Case in point.
http://web.archive.org/web/*/http://www.cru.uea.ac.uk/cru/people/briffa/yamal2009/
Though it seems we do get a result for their home page.
http://web.archive.org/web/*/http://www.cru.uea.ac.uk/
I don’t know how long it will take for them to plug that bottle, but for now you may still be able to serve yourself.
They haven’t gotten to erasing the “text only” version, yet.
http://web.archive.org/web/20080113212447/www.cru.uea.ac.uk/home/text.htm
Maybe even this might be useful?
http://web.archive.org/web/20080103111415/www.cru.uea.ac.uk/cru/data/
I haven’t tried the other links, though wayback may work on some of them, as well, for now.
Happy hunting.
Its that damn dog again…
“What[‘s going on?”
Experiencing technical difficulty?
When I use the wayback machine to go here.
http://web.archive.org/web/20080421195708/http://cru.uea.ac.uk/robots.txt
I get this message.
“500 Can’t connect to cru.uea.ac.uk:80 (Bad hostname ‘cru.uea.ac.uk’“
Is that just another way of saying, it’s down the “memory hole?”
Perhaps they should change their message to read, “Due to the present high volume of visitors to this page, [WHICH NO LONGER EXISTS] . . . “
“What IS going on?”, indeed!
Looks to me like they are all in on it. Because “a staged crime scene is an admission of guilt.” (forget where I heard that, but it has helped me spot the phonies on a number of occaisions).
Could the CRU be cleaning the crime scene?
If they ‘clean’ the data enough, maybe they can make the models work? I doubt it, but they can try.
Let’s see how long the data is gone, but not forgotten.
To me, it seems as though the data (not just CRU’s) was very weak to begin with and it just keeps getting weaker.
Yes, ctm and E M Smith – I smell a per-hour consultancy in there, too. Good things take time, y’know, lots and lots of time.
Unless the fools have contracted fixed-quote….
Oh what a tangled web we weave,
When first we practise to deceive!
Sir Walter Scott, Marmion, Canto vi. Stanza 17.
Scottish author & novelist (1771 – 1832)
I think Walter Scott was right on the button when he penned this line! All you alarmists out there just need to take a deep breath and accept that maybe, just maybe, you may have made an error of judgement when it comes to the science. Lying about it is another thing entirely!!
I always tell my pupils that the greatest attribute of a learned man is to be the first to point out he may be wrong. ( of course this applies to the equally learned ladies out there before my wife reads this. She is a science teacher at a secondary school – 11 to 18 – who now refuses to teach AGW as anything but a theory along side natural climate variation. Flat refused to show Al Bore’s fantasy though as she said it demeaned her as a scientist!)
It might also be a Gag Order has been placed on the DATA and database pending the investigation.
AdderW (07:11:03) :
A lot of speculative “conspiracy” theories
I know,,,
Fun isn’t it. :-))
Who was the mole at the cRU?
Was it Briffa or Wigley or YOU!
The source of the leaks
Keeps us guessing for weeks
And the meeja is all in a stew
bryan (12:32:02) :
“It might also be a Gag Order has been placed on the DATA and database pending the investigation.”
Then why is it still available in the “text only” link, and why the error msg., “500 Can’t connect to cru.uea.ac.uk:80 (Bad hostname ‘cru.uea.ac.uk'”?
If there’s a gag order, then I would expect it to be news. Haven’t read anything about that yet, though.
Dave F (11:37:50) :
The Russians already know where the files came from, and likely so does CRU. Was it Briffa that leaked them? And why does the bold text below sound like a threat directed at somebody? There are curiosities everywhere.
“By 2007, when the IPCC produced its fourth report, McIntyre had become aware of the manipulation of the Briffa data and Briffa himself, as shown at the start of this article, continued to have serious qualms…”
“Now, it has emerged that IT experts specialising in hacking techniques were brought in by the Russian authorities following this newspaper’s exposure of the Tomsk link. … ‘We are not prepared to release details, but we might if the false claims about the FSB’s involvement do not stop,’ he said. ‘The emails were uploaded to the Tomsk server but we are sure this was done from outside Russia.’”
Who is making the claims of FSB involvement?They would logically be the person or group being threatened with the release of the details.
Try this link:
https://www.cru.uea.ac.uk/
Works fine. Note: secure server not responding to ALL requests. Specifically not Yamal data:
https://www.cru.uea.ac.uk/cru/people/briffa/yamal2009/