Jeff Id at the Air vent writes about the recent UEA/CRU announcement that the Climategate files were all left on a single server. Gathering them into one zip file and posting on a Russian FTP: “not so sophisticated”.
That and Sir David King – making up stuff.
For an insider, it can be done over time. Yes it is easy.
Is there anything they told us that was the truth, the whole truth, and nothing but the truth, so help them “your maker”?
So… hacked from that single server by international weather spies, or leaked by a disaffected employee? What’s your vote?
I’m thinking that if the police enquiry by the Norfolk plods says “international weather spies” it would allow the leaker to get off scot free, which might be a politically astute outcome to the enquiry, assuming the leaker was judged by the Powers That Be to have done us all a favour.
That must be one of the shortest post ever on WUWT!
As someone said, why would a big international organization hack such a small university computer when only a small Joe with a dial-in model managed to hack the Pentagon computer system…
Right after the release, it was argued it had to be an inside job because there were too many computers to access over too long of an undetected period to sort out all the info and gather it together. It had to be a leaker, not a hacker.
Now finally comes a rebuttal, everything was on one server thus it would be easy for a hacker, therefore it was a not a leaker, everything was still stolen.
Now awaiting the next stage of rebuttal, the access info was accidental/y left unprotected in a publicly-available file somewhere, and like with a lost set of house keys, permission to enter and take stuff was not granted therefore it was still theft, and there absolutely was no leaker, just a hacker.
Does it seem to anyone else that certain people are desperately trying to set up a legal defense where certain evidence should be thrown out of court on the grounds that it absolutely, positively, no-doubt-whatsoever was stolen therefore it should not be admitted?
What?!!
No vast right-wing conspiracy?
No Big Coal/Big Oil conspiracy?
No Russian intelligence agency conspiracy?
So it all comes down to either a deliberate leak or sloppy ‘housekeeping’ or a combination of both. Considering the way we keep getting treated to a gate du jour, this is very believeable.
Hard to believe the common story that it might have been a Russian intelligence agency. Had it been a Russian hack, there is little chance that they’d post the files on a server in Russia. They would have posted the files to a server in the US, UK, or some other country.
A point of law. Is stolen data automatically inadmissable as evidence? I don’t know. A stolen gun used in a drive-by shooting would, presumably, be admissible as a murder weapon.
My personal suspicion is that it is not a student, but someone in the CRU. I also suspect the authorities know who, and are going to cover it up because of the embarassment, Why? all the mis-direction about evil foreigners and weather spies.
I routinely work with dumps of email servers that have been turned over in the
discovery phase of legal proceedings, and it’s my professional opinion that it would have required an outsider weeks of work to separate out what was posted from a raw dump of emails.
@veronica
No “stolen” evidence can be admissible. The UK and German tax authorities have recently demonstrated this through their handling of ‘leaked’ (or was it stolen) bank account data from Lichtenstein. An employee sold large quantities of bank account data to the tax authorities of these two contries allegedly for a 6+ figure sum.
As the tax authorities in both countries have used this data to threaten account holders with legal action for tax avoidance it would appear that senior govenment/prosecution lawyers in both counties have decided that it is entirely legal to use stolen information in a prosecution.
Maybe it was one of those server that ends up as recycle in Africa. THey did not erase the hard drive and some African found the file on the hard drive and decide to transfer it to a Russian server… Secret CIA files have been found that way… hey, it’s a possibility!
Well whoop-de-doo; so it was all on a single server.
So just how many hours of hacking time would it take, to round up these presumably randomly disposed files; which so far as I can tell, would require a complete reading of all of the files that are on that server; well unless someone had some a priori knowledge of what all was there.
My damp finger says that would be most expeditiously accomplished by an insider; simply too exposed for an outside hacker to be holding up the bank for that long; without getting caught.
The ironic part is that they used Al Gore’s invention of the Internet to transmit the files. Seriously, you can’t make this stuff up!
Jim Berkise:
1. The zip folder is more than emails.
2. Some of the files have had creation dates bleached.
3. I can write the filter to go through a million mails and pull out
those that are of interest to the CA community in about 30 seconds.
4. There are housekeeping mails that anybody who read the files thourougjly would delete.
5. Some of the files in the documents folder were previously left on an open FTP ( see charles third theory)
Why would an evil Russian criminal/International Oil Cartel/American anti-warming conspiritist hack into the CRU server and then give the files to the BBC Weatherman 4 weeks before making it public?
In all seriousness, it appears to me (from an IT perspective) that these files were already assembled and waiting release in light of an FOIA request. Or they were put together just in case the CRU was forced to adhere to an FOIA request and someone stumbled across them. Someone that knew what was going on and was just sick of the lies and decided to take action.
It is highly unlikely that someone went through that many years of emails and documents (which were probably attachments at some point) and put them all together and released them…
It was a leak. I’m just wondering how the leaker covered his tracks as access to servers is usually something easy to find out.
It would not surprise me if the “backup server” in question had directories that could remotely mounted by anybody within CRU to transfer files to for backup purposes. It also wouldn’t surprise me if either they could be mounted without a username/password or with a username/password that everybody in the CRU knew.
My two-cent view is that PJ deleted his files as he said… then when the FOI order was required he asked that the file be prepared. When the person or his request was entered; surprise! It was still on the Administration server. PJ spends time seeing what is revealed in the assembled file. Freaks. Adds stuff to confuse the issue(Briffa et al). Makes a tough call and pulles the pin on the grenade. He has six seconds to leave the building. Which he does when he leaves early on Friday the 13th, to mail the CD’s… Good story anyway:)
From one single tree to one single server to warm up a complete planet!: That server served the purpose or its users, who in turn served their patrons, in a typical attitude of servitude.
David Schnare (10:31:19) :With a gadget called USB memory stick. No trace at all.
Re: Jim Berkise (10:09:13) :
The emails aren’t raw dumps. If they were then they would have all the headers and some would be multipart/mixed encoded. As it is none of the emails have all headers intact and none of them are multipart/mixed encoded.
Whether or not “stolen” e-mails can be used as evidence is a trial is a moot point.
A common legal rule, which I assume applies in the UK, is that the best or original or most trustworthy version of evidence is required to be used. For examples, if the originals of a document are available, they are to be used rather than photocopies.
In this case there are files on the servers at UEA that are better (i.e. closer to original and with better known history) than the stolen e-mails.
Didn’t the police say the file had been compiled by someone at cru for their own personal use, so if it were hackers who got the file that must have been one fluke of a hack job.
All of the sophistication of the information contained in the file was not because anyone went in to specifically get that data in a targeted manner as king suggests, because the archive already existed.
That either means the file was left on a public area like an FTP server or someone knew of it’s existence and how to get it.
Or
the KGB working for exxon scoured every file on every server and pc in cru in an elaborate hack on the off chance a file like this existed, I think not.