Who gets the most access to network data (like emails at CRU)?

Post updated – see below.

Climategate – whodunnit?

Well, according to this story in Help Net Security, the Information Technology people might be good candidates to see what has been going on behind the scenes at UEA’s Climate Research Unit, since it seems that they have broad access and, according to a recent survey, many in IT positions can’t resist peeking:

“IT security staff will be some of the most informed people at the office Christmas party this year. A full 26 per cent of them admit to using their privileged log in rights to look at confidential information they should not have had access to in the first place. It has proved just too tempting, and maybe just human nature, for them to rifle through redundancy lists, payroll information and other sensitive data including, for example, other people’s Christmas bonus details.”

Here are some eye-opening survey stats about what IT people do with that access:

  • 42 percent of those surveyed said that in their organisations, IT staff are sharing passwords or access to systems or applications
  • 26 percent said that they were aware of an IT staff member abusing a privileged login to illicitly access sensitive information
  • 48 percent of respondents work at companies that are still not changing their privileged passwords within 90 days – a violation of most major regulatory compliance mandates and one of the major reasons why hackers are still able to compromise the security of large organisations.

Remember the HARRY READ ME file from Climategate 1? That programmer was bemoaning the sad state of the database and methodologies because he had a broad view afforded by working with the data within the organizational group. He knew more than any single person he was doing work for.

In the case of the UEA Climategate 1 and 2 emails, it seems clear now that to gather up as much information as has been shown to be available, it wasn’t likely a quick in and out job. As this WUWT guest post by David M. Hoffer shows, this wasn’t just a simple hack. He wrote:

So…who had administration rights on the email system itself?  There’s reason to believe that it was not any of the researchers, because it is clear from many of the emails themselves that they had no idea that things like archives and backup tapes existed.

Whoever did it likely got it from the email archive system, knew what they were doing, and they had to have broad access to get all these emails gathered together.

Then, when we see that 256 bit AES encryption was the choice to secure the remaining nearly 1/4 of a million emails, we know that “FOIA” whoever he/she is, knows enough to choose the kind of security that would not likely be cracked in any reasonable amount of time. This probably rules out script kiddies and students at UEA who might have had accidental network access and just grabbed a few files when they thought nobody was looking.

And what about the original first “hack” of the RealClimate.org server that Gavin Schmidt squelched? When we see survey results like 42 percent of those surveyed said that in their organisations, IT staff are sharing passwords or access to systems or applications, and we know how close and interconnected UEA/CRU and GISS staff are, it is likely that whoever left that first drop of emails on the RealClimate server had some shared password or other sort of access.

The sharing of system access in emails was broadly demonstrated in Climategate 2.0. For example, Dr. Phil Jones and others at CRU sent some emails out years ago that linked to papers under review at the Journal of Geophysical Research. Some WUWT readers found these early on, and sure enough, such links from years ago in the CG2 emails still worked.

A few days ago I made the issue known to Dr. Phil Jones and to the JGR journal staff so they could close this security hole. As far as I know, all have been closed. I’ve tested again tonight and the live link fails now. Now that they have been closed, I can talk about it safely without putting JGR’s manuscript system at risk.

From: Anthony
Sent: Thursday, November 24, 2011 5:10 PM
To: p.jones@uea.xxxx.xxx
Cc: grlonline@xxxx.xxx ; jgr-atmospheres@xxxxx.xxx
Subject: password enabled JGR links in Climategate 2 files
Dear Dr. Jones,
I know that you know me, and probably do not like me for my views and publications. Regardless of what you may think of me and my work, it has been brought to my attention by a reader of my blog that there are open access links to your manuscripts at JGR included in the email that are now in the public view.
Therefore, it is my duty to inform you that in the recent release of Climategate 2 files there are links to JGR journal review pages for your publications and also for the publications for Dr. Keith Briffa.
For example, this link:
http://jgr-atmospheres-submit.agu.org/cgi-bin/main.plex?el=%5Baccess code redacted]
I have verified that in fact that link opens your JGR account and provides full access to your JGR account.
In fact there are 35 different emails in this release that contain live links to JGR/AGU author pages. Similar other links exist, such as for Dr. Keith Briffa and others at CRU.
This of course is an unintended and unacceptable consequence of the email release.
I am cc:ing Joost de Gouw Editor, JGR Atmospheres in hopes that he can take action to close this open access to these accounts. It is a holiday here in the USA (Thanksgiving) and there may not be office hours on Friday but hopefully he is monitoring emails.
JGR should immediately change all passwords access for these CRU members and I would advise against allowing transmission of live links such as the one above in the future. JGR might also consider a more secure method of manuscript sharing for review.
The open nature of these links is not publicly “on the radar” even though they are in fact public as a part of the email cache, and I do not plan on divulging them for any reason. Any mention of these links will be deleted from any public comments on my blog should any appear.
Dr. de Gouw (or anyone at JGR) and Dr. Jones, please acknowledge receipt of this email.
Thank you for your consideration.
Best regards,
Anthony Watts

So clearly, CRU and others in the emails didn’t think twice about sending around open access live links. As David M. Hoffer points out in his article, the researchers don’t seem to have a clue about security. They also leave “sensitive” files they don’t want to share under FOIA requests lying about on open FTP servers. Based on what I’ve seen so far, I don’t think any of the research staff at CRU had either broad access or the specific tech knowledge to pull this “hack” off.

Somebody who had the ability to peek at these emails as part of their job might just as easily have had access to the RealClimate Server too. Remember there’s almost a quarter million emails we haven’t seen. Chances are, one of those contained the key to the RC server, which allowed them to become an RC administrator and post the original FOIA story which Gavin Schmidt caught and squelched.

I and others I correspond with have our theories about who the leaker might be. From my perspective now, someone with broad system access looks to be a more likely candidate than a malicious outsider.

UPDATE: Many people in comments think I’m doing something wrong by writing to Phil Jones and AGU/JGR. In Phil Jones’ reply to me, he wrote: A couple of other people sent me emails about this issue.

So clearly I wasn’t the first to notify him of the open links to AGU. But more importantly, my email was also sent to AGU editors and the editor of JGR Atmospheres. Despite what troubles Jones and his group have caused over the years with skeptics, AGU/JGR has been a reasonable journal that has published skeptical papers, including my own. Protecting that relationship with skeptics who publish is valuable and the last thing we need is a scandal where papers submitted to AGU/JGR are showing up on other skeptic websites before they are reviewed because Jones sent active links around in emails. Having the knowledge of the security holes was a damned if I do, damned if I don’t proposition, but I opted on the side of doing what I felt was the right course of action. If that upsets a few people, so be it. – Anthony

 


253 thoughts on “Who gets the most access to network data (like emails at CRU)?”

  1. “we know that “FOIA” whoever he/she is, knows enough to choose the kind of security that would not likely be cracked in any reasonable amount of time. This probably rules out script kiddies and students”

    Not really, they are likely to be more able than the IT staff. Also, it is not that difficult to encrypt a file and it does not take a genius to know that you need a long key.

  2. Nothing in this situation surprises me any longer. I had suspected from the beginning that a system IT personality would have been in the best position to leak those e-mails. He (or she) should, of course, be given a medal. But that won’t happen, obviously, once this person is found out.

  3. I don’t think it is a good idea to try and unmask the leaker (assuming that it was a leak and not a hack). It could possibly cause him or her problems in their future career.

  4. I don’t think we should help them catch FOIA, she or he is a godsend and should stay where they are as long as possible.

  5. Good throw off. Whodunit is probably closer than we think. “This of course is an unintended and unacceptable consequence of the email release”. How did ya know it was unintended, Anthony?
    Yes, you meant unintended in your release.

    The topology of UEA system gives clues where servers of interest could be, and who handled them. However, only a deep investigation might flush out a suspect. There could be lots of leakage sites, like storage mediums, hardware & system crash rebuilds, upgrades and what about a myriad of technicians and service providers. What about all the different campus characters from mischievous students to administrators.

    2009 seems to be the extent of the files, the second tranche of Emails could very well be a hostile IT guy spilling because of the heat generated at UEA over the first lot. Who knows?

    Love to be able to follow the money trail paid for the establishment of that Ruski provider.

    However much I long to know the content of the other 220K Emails, and exposing Whodunit would reveal that 256K encryption, I’d like Whodunit to remain anonymous, for his/her own benefit. I admire Whodunit’s tenacity.

  6. There can’t be many candidates who fit AW’s description, yet the police have still drawn a blank after 2 years. Is this due to the incompetence of the investigation, or is it perhaps due to the fact that any answer might be politically embarrassing. I am sure it suits the agenda of the establishment to be able to blame illegal hacking rather than highlighting deficiencies within the UEA.

  7. Seriously, Anthony, well done, that was a decent and responsible act. You’ll never get a job in “Climate Science” with a conscience like that!

    Re. previous comment, for non-habitués of the Register: The BOFH is the “B#st#rd Operator From Hell”. The series details the eternal power struggles between the BOFH, with his assistant the PFY (Pasty Faced Youth), and the Boss, who is crazy enough to think that he runs the show. The battle is frequently lethal, generally hilarious, and more accurate than many Bosses would care to admit.

  8. While it may have been a laudable thing to do Mr Watts, as others have stated, don’t expect to be thanked for being so honest, it’s not in the opposition’s nature (no pun) to be that way with the rest of the world.
    In fact if the roles were reversed I think they’d have used any foothold, any loophole to ensure they brought you down rather than simply seek the truth.
    Personally I don’t think it’s wise to assist them in any way shape or form as it’s simply helping them to continue unabated.
    After all, this is a global war they’re involved in, a war based on lies and disinformation, of treachery and vilification of anyone not supporting “the cause”, and comfort shouldn’t be given to enemies of freedom, especially ones who stoop so low as these.

    Having stated all of that, I can see why you did it, and I as well as others on the sceptical side will applaud you for it if only because it proves the openness, honesty and conscience the sceptical viewpoint is based on.
    Something that Jones et al could well learn from but unfortunately won’t.

    Best wishes, Charles.

  9. Based on what I’ve seen so far, I don’t think any of the research staff at CRU had either broad access nor the specific tech knowledge to pull this “hack” off.

    It only takes one. Most of my co-workers can barely run an Excel file (although admittedly they can find a trend line [/smirk]). But I can do rather more than that, certainly enough to download old e-mails and encrypt them securely. Most people aren’t aware that I can do that, because I’m not that interested in being unofficial IT support, which is what will happen if they know I can help them.

    It could easily be the case here. One person might have somewhat more skill than appears.

  10. Re: markus

    the second tranche of Emails could very well be a hostile IT guy spilling because of the heat generated at UEA over the first lot.

    The earliest email in the encrypted archive is dated Mon Feb 26 16:16:09 1990 GMT and latest is dated Fri Nov 13 14:54:11 2009. This guess is based purely upon the names of files in the encrypted archive, and the file naming convention used in the first release.

    Therefore the archive could not contain post CG 1.0 emails.

  11. Well, it was always a leak and never a hack, wasn’t it? And by someone with more than minimal IT competence.

    Of course, it is one thing to know who did it, and another to prove that he/she did it. Hence the reticence from the police and academic authorities, perhaps.

    But it is difficult not to applaud the results of the exposure…

  12. Who cares what the name of the mystery man/woman is. they have done a great service to those of us looking for the truth.

    Whoever you are, many thanks.

  13. The idea that a sophisticated person could only use 7Zip to encrypt the rest of the files is not true.

    Once you had an idea to release an encrypted set, about 15 minutes on Google would have found you the right direction and tools. The software is free, the advice is free. Literally anyone with half a brain could figure it out.

    I agree that the person needs to have some IT savvy – or access to someone who does, like a brother, childhood friend, that sort of thing. It really doesn’t narrow the field.

    Given they seem to have had woeful security and procedures in place before the 1st release, I don’t think it helps much. We already know from plenty of other evidence they didn’t take passwords or security seriously.

    I suspect we’ll know more once the second set of emails is released. My guess is they are restricted because they are either more incriminating, or might be used to determine the identity of the leaker.

    The bit about IT staff peeking at sensitive data is very true, however. Most consider it a perk of the job.

  14. Anthony, although it is morally sound to tell UEA about what you have found, it also is morally justifiable, in my view, that the truth should come out. I sincerely hope that the information does not target the FOIA chap/chapess. There is much talk about protecting whistleblowers etc in Government circles, however if this person is unmasked, I suspect the full weight of the judicial system will drop on them like a stone. Never embarrass a politician unless you have mega clout.

  15. Even as we speak, a clandestine network of hundreds of home computers is using idle cycles to crunch away at the key … \9-)

  16. Here we go again, same mistake was done with Muller. Why help them in any way? These people are criminals!

  17. Encrypted ZIP file = “employment insurance”? As in, “you try to fire me [or otherwise cause professional harm] and I’ll send the decryption key all over the net?” (May even have been placed in escrow.)

  18. Sparks says:
    December 6, 2011 at 2:15 am
    It was the butler, it’s always the butler.

    As I noted the other day:

    It was either Mr Green in the library with the USB stick… or
    Ms Scarlett in the server room with the admin password

  19. Then, when we see that 256 bit AES encryption was the choice to secure the remaining nearly 1/4 of a million emails, we know that “FOIA” whoever he/she is, knows enough to choose the kind of security that would not likely be cracked in any reasonable amount of time. This probably rules out script kiddies and students at UEA …

    It doesn’t rule out anyone. The technique to encrypt and disseminate the CRU emails was almost certainly inspired by the July 2010 release of an encrypted 1.4 GB Wikileaks Cablegate archive. The CRU archive was encrypted using the same 7zip program and AES-256 cipher that Wikileaks used to encrypt their so-called “insurance file”. You don’t need to be an IT security genius to copy from the best.

    Interestingly, the insurance file was compromised in September 2011 when a Guardian journalist mistakenly published the top secret decryption key in a book he wrote about Wikileaks (believing the key to be no longer valid). Here is the relevant passage from that book:

    Assange wrote down on a scrap of paper: ACollectionOfHistorySince_1966_ToThe_PresentDay#. “That’s the password,” he said. “But you have to add one extra word when you type it in. You have to put in the word ‘Diplomatic’ before the word ‘History’. Can you remember that?”

  20. I agree with what others have said, in fact, IMO it’s actually LESS likely to be an authorized IT person. In my experience IT people tend to think the fortress they’ve built is impenetrable and are not willing to believe otherwise. I saw one long-term IT guy with a “test” account… password “test”. Granted, it didn’t have much access… but it had enough that if someone had gotten in, they could have done a lot of harm.

    Couple that with users that find password changes to be an annoyance, don’t understand the most basic security concepts, and can’t even begin to comprehend the idea that someone might want their data… (as opposed to the opposite, overly-paranoid types that put passwords on simple Word documents and are convinced that Bill Gates personally can read their email… and does.)

    Isn’t 256-bit encryption the default for 7Zip?

    I wouldn’t be surprised if some of these people ASKED their IT department if they were secure before sending any of these links, and were assured that yes, everything was secure.

    On the other hand, it makes sense that someone in the IT department did, in fact, decide that they could expose this whole charade, and took action. And as others have also said, I consider that person to be a hero.

    And for the record, I’ve NEVER used my IT position to snoop on others’ information, other than pure idle curiosity (ie, I check logs sometimes to see how many people are on Facebook during the day, or other timewasting sites, but don’t report or judge. If some particular site starts getting big traffic from everyone I know to start looking for virus/adware/spyware problems. And I try to stop them from giving me their passwords.)
    I don’t WANT to know who’s making more than me, or got a bigger bonus. Knowing would just make me even more dissatisfied with my job.

  21. Informing Phil Jones was the right thing to do.

    The police would need the help of the IT staff at UEA to investigate. If provided unconditionally this would of course give the police access to all data for the whole University not just the emails of climate scientists. Perhaps the UEA management, staff and scientists distrust the police more than someone who had access to their IT systems in 2009 and exposed the climategate emails.

    UK Government agencies have form for losing data. In November 2008 the Treasury lost ‘in the post’ two CDs containing the personal details of 25 million child benefit claimants and their parents.

  22. Administrator access is not the magic key to everything that people seem to think – that access is actually given to what/whoever does the backups of the systems. Administrators are allowed to administer – setup passwords and access for others. A reasonable IT management scheme would limit their own access – for example I am an admin for my work IT systems (as I work in IT) but I am still excluded from sensitive financials or personnel records.

    Also looking at the work involved in sifting through the emails (encrypting them is fairly simple) and picking out the most relevant ones suggests this was done offline and offsite.

    Putting these two ideas together I would think that the person involved made a physical theft of a backup at some point, restored it offsite, and then replaced it before anyone noticed. There would be no electronic record that the backup had been accessed and no physical evidence of it being taken at all, at least unless someone noticed which is unlikely – say in a weekly rotating backup scenario or a backup being made to another removable system.

    Once restored offsite the data could be exported to a suitable format (if it is not in it already) and a selection made at that person’s leisure.

    Disclaimer – I am no IT Admin “expert” so this could be total carp and a herring of a rouge hue.

  23. Thank you Anthony for your high integrity and courtesy in handling this issue.

    Well, I’m going to restate my previous thoughts. But this goes deep.

    We’re dealing with corruption, hysteria, and indolence in high places, concerning Science and professional integrity. Though Climate Science is by far the worst current offender (medical science and agricultural science running second and third), there is a deep issue of integrity in Science that goes right into the history of Science and the deep implications of Scientific Method. It’s like the Church selling indulgences, and what Martin Luther did in standing up to them. This is probably a closer parallel than any involving Godwin’s Law. But Luther still risked excommunication and worse AFAIK, which was pretty awful at that time.

    But the corruption of Science we’ve seen in Climate Science is not the only deep issue. If we look at the founders of Science, we see that pretty much to a man they had interests in what today is relegated by many scientists today to “pseudoscience”. Yet all indications show that these same “pseudosciences” were highly representative of the driving force behind the scientists. Take Kepler the astrologer seeking the harmony of the universe, or Newton who spent most of his time pursuing alchemy or apocalyptic biblical passages.

    Science thinks it has “outgrown” the mysterious and the miraculous. Yet any truly open and thorough search will provide copious contemporary evidence of miracles, things that happen in a way that none of our laws of physics can explain. I know that this blog has enough work on its hands without going down this line of exploration, so I won’t even name the most obvious of them – but nevertheless, I cannot discount the possibility of the miraculous, in the appearance of these emails – and as suggested, by the wording and the placement of FOIA’s original note at CA – and as suggested to me by the simplicity and relevance and integrity of the message delivered by FOIA.

    Thank you FOIA, human or miraculous, for your service to humanity.

  24. Anthony

    I’ve followed your blog for several years, learned a great deal, been amazed with your dedication and invaluable contributions and wondered where do you find the time! Now you demonstrate true integrity by warning the AGW “cult” of gaping holes in their defenses.

    Job well done!

    Like others, I wish FOIA to remain hidden so he/she can release the code to unlock the rest of the emails. My guess is the info will come at another critical juncture.

    Bill

  25. The range of suspects could be quite large. Just at the CRU you’d have all those with any level of system privileges, dept administrators, all those those groups had as their own vacation backups down to the person that carries media to offsite disaster backup locations (presuming they’re competent and funded for such things).

    And it takes a huge effort to secure any facility. Even more so an academic one. Then apply the golden rule of budgeting:
    Those that bring in gold, get the goods.
    What’s surprising is that anyone is surprised the emails were obtained. The environment is one of academic freedom, open systems, public access, no national security issues, underfunded IT, not-to-be-bothered with security things even to changing passwords, intellectual technical ignorance of the typical PhD…and the list goes on and on. One would not be surprised if CRU IT “staffers” included pre and post grads working just for a lab grade.

    I’d bet a farthing (it is the UK after all) the Brit law enforcement chaps quickly determined
    just about anyone with any interest in climate had access to CRU and (2) there’s not enough money even from Bernanke’s presses to track down the culprit.

    The only way you’ll ever really know is when the person(s) write their death bed bio confession. Go google Mark Felt and you’ll understand.

  26. From what you say Anthony, they haven’t done much since CG1.0 to improve security. That raises the possibility that if FOIA is (still) an employee, she could have filed away lots more since the original download. Or maybe plod left the bait there to see who would have a nibble, but that credits them with more intelligence than they are probably due.

  27. As an ‘IT Professional’ I would concur on the ease of encryption, however enterprise email is somewhat specialist, I’ve no doubt with my MSDN sub I could install all the relevant software and figure it out, what bits to save, the relevant file types etc but that option would take some time for me to be sure of myself going into unfamiliar servers, where my access is almost certainly being logged.

    Anyone else think that some specialist knowledge is required to find, save and then unpack what was most certainly compressed data?

  28. And what about the original first “hack” of the RealClimate.org server that Gavin Schmidt squelched?

    I am still far from convinced that this alleged “hack” – for the alleged purpose of uploading a file – at RealClimate ever took place. Apart from the fact that it makes absolutely no sense – and could have jeopardized FOIA’s mission – there are far too many inconsistencies in what I have found to be his ever-changing story.

    And, let’s face facts … “Honesty is the best policy” is not a motto that immediately springs to mind when one thinks of the members of The Team, is it?!

  29. Bravo Anthony for showing real class.

    What’s really telling is how, despite this information being out there all this time, no one at JGR and especially CRU, caught this little security problem. CRU was so into “damage control mode” that they didn’t see the obvious. It took the talents of a skeptic blog to raise the issue, a problem that should have been addressed two years ago as a simple precaution — change all access accounts and passwords.

    Of course it’s someone from IT. They are as much into office politics as the next guy, and knowing what everyone’s saying gives them an inside track on the game. I always assumed that anything I sent out onto the office net could be read by any of the IT staff.

  30. Anthony, have you lost it?

    Why on earth should you in any shape or form abet them in trying to catch the person/persons behind the leak? As some have pointed out in their comments.

    And Charles.U.Farley’s comments are spot on

    “In fact if the roles were reversed I think they’d have used any foothold, any loophole to ensure they brought you down rather than simply seek the truth.
    Personally I don’t think it’s wise to assist them in any way shape or form as it’s simply helping them to continue unabated.

    After all, this is a global war they’re involved in, a war based on lies and disinformation, of treachery and vilification of anyone not supporting “the cause”, and comfort shouldn’t be given to enemies of freedom, especially ones who stoop so low as these.”

    Sadly, you very much remind me of commander, Colonel Nicholson played by Alec Guinness in the movie The Bridge on the River Kwai (1957).

    The prisoners (British soldiers) are working as little as possible and sabotaging whatever they can at the construction of a bridge.

    When Nicholson and his officers are released, he conducts an inspection of the bridge and is shocked by what he finds. Against the protests of some of his officers, he orders Captain Reeves and Major Hughes to design and build a proper bridge, despite its military value to the Japanese, for the sake of his men’s morale. The Japanese engineers had chosen a poor site, so the original construction is abandoned and a new bridge is begun 400 yards downstream.

    Nicholson drives his men, even volunteering to have them work harder to complete the bridge on time

    The commandos who were parachuted in plant explosives to destroy the bridge and a train carrying Japanese soldiers and important dignitaries is scheduled to be the first to use the bridge the following morning

    Making a final inspection, Nicholson spots the wire and brings it to the Japanese commander’s attention. As the train is heard approaching, the two hurry down to the riverbank to investigate. Joyce, hiding with the detonator, breaks cover and stabs Saito to death; Nicholson yells for help, while attempting to stop Joyce from reaching the detonator. Joyce is killed by Japanese fire. Shears swims across the river, but is shot just before he reaches Nicholson.

    Recognising the dying Shears, Nicholson exclaims, “What have I done?”

    I think it sums it up quite well.

    Sophia

  31. Ambivalence in spades. I don’t want FOIA to be identified but how else are we ever to know to whom the honest citizens of this world are so greatly indebted?

  32. Pleasing your enemies doesn’t make you friends. Outing the whistleblower will serve no useful purpose in any of this. You are assuming your antagonists in all of this operate on the same moral plane as yourself. Be assured, they most certainly do not. Let them find their own vulnerabilities.- you don’t owe them a duty of care. They would destroy you if they could. This is not a fair fight.

  33. About these “FOIA” e-mails, instead of concentrating on Whodunit, it may be more important to ask the question When Whodunit, these days when CERN scientists are doing groundbreaking research in physics and many universities have been researching and developing quantum computers for some time, maybe in the future to avoid the biggest most draconian restrictions on human development ever known to mankind, influenced by scientific fraud that sparked the eventual loss of billions of lives and caused an irreversible chain of events that set the human race back thousands of years in development and set in motion the beginning of our own extinction with no hope of ever recovering, Maybe we discovered a way to send data back in time, just enough to send back a virus with the intention of exposing to the world those involved, Maybe it was just a technician who got lucky and used his/her own judgment to release them, whatever the current theory is on the release of these e-mails, there is one point that it exposes and it is the “Cause”, The dangerous ideological belief that
    People = Co2 and Co2 = Climate Change and the prevention of which is to stop people from producing Co2 and this would mean the loss of life,
    This hypothesis based on fraudulent science is disgusting and misanthropic in its core belief and must be STOPPED.
    If I had access to those e-mails I too would have released them, I wouldn’t have to think twice about it.
    Too Sci-Fi?? lol

  34. @Lucy.

    Academic “success” has nothing to do with integrity, originality or honesty. Success depends entirely on being able to draw funding and publish papers. As for lecturers taking the effort to lecture, that’s a fantasy. It’s a distraction from climbing the greasy pole.

  35. I am surprised no one has fisked the metadata on the files. In many cases, the “provider” of the info slips up and does not clean their account or other data from the files. PDFs are bad about that, as are zip files.
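An added example, not part of the comment thread or the original post: the kind of ZIP metadata the comment above refers to can be listed, and stripped before an archive is published, with Python's standard `zipfile` module. The sample archive, its `jdoe` comment, uid 1001 and all function names are constructed for illustration.

```python
import io
import struct
import zipfile
from datetime import datetime, timezone

# "Version made by" host codes from the ZIP specification (subset).
CREATOR_OS = {0: "MS-DOS/FAT", 3: "Unix", 10: "Windows NTFS", 19: "OS X (Darwin)"}
NEUTRAL_TIME = (1980, 1, 1, 0, 0, 0)  # earliest date the DOS field can hold


def parse_extra(extra: bytes) -> dict:
    """Decode the two extra-field records that most often identify the packer."""
    found, pos = {}, 0
    while pos + 4 <= len(extra):
        header_id, size = struct.unpack_from("<HH", extra, pos)
        data = extra[pos + 4:pos + 4 + size]
        pos += 4 + size
        if len(data) < size:
            break  # truncated record: stop rather than guess
        if header_id == 0x5455 and size >= 5 and data[0] & 1:
            # Extended timestamp: flags byte, then mtime in Unix seconds (UTC).
            found["mtime_epoch"] = struct.unpack_from("<i", data, 1)[0]
        elif header_id == 0x7875 and size >= 3:
            # Info-ZIP Unix record: version, uid length, uid, gid length, gid.
            uid_len = data[1]
            if size < 3 + uid_len:
                continue
            gid_len = data[2 + uid_len]
            found["uid"] = int.from_bytes(data[2:2 + uid_len], "little")
            found["gid"] = int.from_bytes(data[3 + uid_len:3 + uid_len + gid_len], "little")
    return found


def audit_zip(blob: bytes) -> dict:
    """Report per-entry metadata and list what could identify the packer."""
    report = {"entries": [], "findings": []}
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        report["archive_comment"] = zf.comment.decode("utf-8", "replace")
        if zf.comment:
            report["findings"].append("archive comment present")
        for info in zf.infolist():
            entry = {
                "name": info.filename,
                "creator_os": CREATOR_OS.get(info.create_system, f"code {info.create_system}"),
                "dos_mtime": "%04d-%02d-%02d %02d:%02d:%02d" % info.date_time,
            }
            if info.create_system == 3:  # upper 16 bits carry the Unix mode
                entry["unix_mode"] = oct((info.external_attr >> 16) & 0o7777)
            entry.update(parse_extra(info.extra))
            if "uid" in entry:
                report["findings"].append(f"{info.filename}: uid/gid of packing account")
            if "mtime_epoch" in entry:
                # DOS time is local wall-clock time and the extended timestamp
                # is UTC, so their difference is the packer's UTC offset.
                utc = datetime.fromtimestamp(entry["mtime_epoch"], timezone.utc)
                delta = datetime(*info.date_time) - utc.replace(tzinfo=None)
                entry["utc_offset_minutes"] = round(delta.total_seconds() / 900) * 15
                report["findings"].append(f"{info.filename}: UTC offset recoverable")
            if info.comment:
                report["findings"].append(f"{info.filename}: entry comment present")
            report["entries"].append(entry)
    return report


def scrub_zip(blob: bytes) -> bytes:
    """Re-pack the same file contents with neutral metadata only."""
    out = io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(blob)) as src, zipfile.ZipFile(out, "w") as dst:
        for info in src.infolist():
            clean = zipfile.ZipInfo(info.filename, date_time=NEUTRAL_TIME)
            clean.compress_type = info.compress_type
            clean.create_system = 0  # do not reveal the packing OS
            dst.writestr(clean, src.read(info))  # no extra field, no comments
    return out.getvalue()


def build_sample() -> bytes:
    """Constructed archive: one entry as a Unix zip tool might write it."""
    mtime = int(datetime(2020, 3, 2, 14, 30, 0, tzinfo=timezone.utc).timestamp())
    extra = struct.pack("<HHBi", 0x5455, 5, 1, mtime)                   # UTC mtime
    extra += struct.pack("<HHBBIBI", 0x7875, 11, 1, 4, 1001, 4, 1001)   # uid/gid
    info = zipfile.ZipInfo("report/draft.txt", date_time=(2020, 3, 2, 9, 30, 0))
    info.create_system = 3
    info.external_attr = 0o100640 << 16
    info.extra = extra
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(info, "constructed sample text\n")
        zf.comment = b"packed by jdoe"  # constructed archive comment
    return buf.getvalue()


if __name__ == "__main__":
    print(audit_zip(build_sample()))
    print(audit_zip(scrub_zip(build_sample()))["findings"])
```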

  36. I have spent a fair amount of my professional life repairing electronics. The inside workings of computers are easily obtained from the makers. The inside workings of most operating systems are nearly as available. All one needs is the smallest amount of training to link these sets of information and hack whatever, wherever. The weakest link, of course, are lazy users and IT geeks. I once worked in a school system where the access codes design was so simple the students had figured it out and were sharing it openly within two weeks of the opening of school. (Warnings to the IT guy, ahead of time, were pooh-poohed.)

    Then again some people are just invisible. One day, as I fixed a piece of equipment in a financial institution, I overheard a planning session for the secret acquisition of a large piece of property. Enough critical information was discussed that, had an unscrupulous listener had a rich friend, the friend could have made a killing.

    Security is increased when the users of a system are aware that someone somewhere is always looking, or trying to look. Anyone who gets the key, or finds the key, can look any time, all the time.

    I think the argument in this post is defective. Any onetime hacker can keep his window open until clever security people close it. I have a window screen with fewer holes than these AGW people.

  37. Ditto what Dave Me says. Grad students are the ones who know everything in a lab, partly because the professionals tend to ignore them or look down on them, and partly because the grad students are in the lab at all hours of the day.

    Also, students haven’t yet picked up the full load of careerist orthodoxies and self-censorship … in other words they still have a healthy scientific curiosity.

  38. “A full 26 per cent of them admit to using their privileged log in rights to look at confidential information they should not have had access to in the first place.”
    ================================================================
    That is shocking to find out !!!!

  39. Brian H says:
    December 6, 2011 at 2:48 am

    Even as we speak, a clandestine network of hundreds of home computers is using idle cycles to crunch away at the key … \9-)
    ==================================================================
    Oh the irony if someone could get into the METs supercomputer and crack the code there !!!

    https://wattsupwiththat.com/2009/08/28/met-office-supercomputer-a-megawatt-here-a-megawatt-there-and-pretty-soon-were-talking-real-carbon-pollution/

  40. Anthony,

    We know the hacker was actually “you”. You are just trying to throw the investigators off your trail with this post. (sarcasm)

  41. In reality it was probably exceptionally easy to get access to the files. It probably involved nothing more complex than a bored technician copying a batch of files to a USB thumbdrive late one night.

    BTW passwords provide zero protection if someone has physical access to your computer. They can simply use a Linux USB thumbdrive to boot into a Linux session. They can then read or copy any files on your computer. It doesn’t even leave a record because no changes are made to the hard drive.

  42. MSM is still trying to single out China as having broken ranks, however:

    5 Dec: Times of India: Nitin Sethi: Durban talks: China scorches rumours of rift with India
    DURBAN: China scorched all rumours that it had moved away from India’s position on Kyoto Protocol and a new global deal on Monday…
    His statement came a day after developed countries had attempted to paint India as the bad boy of climate claiming it was the only impediment to talks on a new global deal in Durban and China had taken a more flexible stance…
    But on the weekend news reports originating from Durban suggested that China had diluted its stance on this and was willing to a new deal right away.
    Zhenhua made it clear that it had always been in favour of a new global deal but only after 2020 and that too with several important riders – most of which the western countries are inimical to completely at the moment. He noted that fast start and long term funds and technology transfer – as envisioned under the Cancun Agreements needed to be operationalised too before talks on a new deal begin in 2015.
    India has stated exactly the same on various occasions before but some developed countries have attempted to draw out a rift in the BASIC ranks, which negotiators in the developing world suggest are early signs of Europe being isolated yet again at the climate talks with its trenchant position…
    Zhenhua said it was important to first see the existing commitments – under Kyoto Protocol and Cancun Agreements – first be fulfilled and the review of the existing UN convention show how well the developed countries had done in meeting their obligations.
    The Indian position also got support from the African groups and other developing countries with the leader of the African group of countries saying Europe was interested in the carbon trade and not in Kyoto Protocol likening it to someone loving mangoes but disliking a mango tree.
    http://timesofindia.indiatimes.com/home/environment/developmental-issues/Durban-talks-China-scorches-rumours-of-rift-with-India/articleshow/10995262.cms

  43. @ Polistra,
    I agree with you totally. In most universities grad students seem to have access to virtually every bit of equipment 24 hours a day. The idea of a bored student poking around in the mail system late one night seems very plausible.

  44. Just wondering if we should be referring to the FOIA leaker with a kewl name…like Deep Throat for Watergate? Maybe Deep IT?

  45. IMHO, based on having been down the FOIA goatrope before, is that the archive was prepared by UEA IT for the FOI office using a set of search terms. That archive is then reviewed by legal and the program staff. I suspect the various actors involved saw that file and moved heaven and earth to stop its release. So, the leaker would not have needed administrator access to multiple servers and archives, IT would have delivered several CDs to FOI, management, legal, and the project office. 3mins of inattention and anyone – visitor, janitor, girlfriend, student, etc could have copied the archive and walked out with it.

  46. To Matthew W. 5:06am

    Shocking? Perhaps. Research, and this post confirms, that under the right conditions (for a given individual) about 50% will do a dirty.

    I try to be a fair and honest person, giving back excess change etc. But I have my price: $6,000,000 (USD) up front, free and clear.

    I think everyone should consider what their “price” is. It could save a lot of indecision later. For myself, I am pretty sure no one will be willing to meet mine.

  47. Sophia says:
    December 6, 2011 at 4:24 am

    Recognising the dying Shears, Nicholson exclaims, “What have I done?”

    But in the end, SPOILER ALERT, SPOILER ALERT doesn’t he succeed in blowing up the bridge? Or do I misremember the ending of the movie?

  48. Sparks says:
    December 6, 2011 at 4:27 am

    Too Sci-Fi?? Lol

    That was so bad that I really wish I could send data back in time to tell myself not to read it. lol

  49. Hector Pascal says: December 6, 2011 at 4:40 am

    thanks tho I don’t see the relevance to my statements. I’d say yours is the realist / statistical view, that sees the lazy 90% “consensus” as the dominant picture; but I submit that the 10% (or less) “mavericks” are as important short-term and far more important long-term. I take the success of WUWT as direct evidence of this.

  50. “Based on what I’ve seen so far, I don’t think any of the research staff at CRU had either broad access nor the specific tech knowledge to pull this “hack” off.”

    “I once worked in a school system where the access codes design was so simple the students had figured it out and were sharing it openly within two weeks of the opening of school.”

    I suspect these quotes are very, very, close to the truth.

    The Team was so inept that a fascinating scenario comes to mind and it does not, necessarily, involve I.T. staff. Students are often geeks, most are I.T. savvy and not a few inquisitive. Those of the non bleeding heart liberal tendency (whose natural affinity will be with The Team – who, don’t forget, may also have lectured them) may, having smelled the rat in their bad scientific process, have disagreed with The Team. Could it be that critical thinking students, having discovered The Cause and the bad science underlying it, were involved perhaps with the connivance of an I.T. specialist?

  51. Any and all attempts to form a professional relationship with the other side has turned sour. I predict this one will as well. You have been bitten so many times yet you continue to put your hand in the snake pit.

  52. It serves no purpose to speculate about who leaked these emails….. I don’t think it is a good idea to give those who would persecute this brave individual any clue to who he or she might be…. Just keep your theories to yourselves and focus on the info instead.

  53. Mr. Watts,

    I’m very pleased to see that you alerted Phil Jones and JGR to the password security risk.

    Your integrity and decency is highly admirable. Please don’t ever veer off the high road.

    Best regards,
    Russ

  54. If the person or persons who leaked the email files is ever identified, it would be appropriate to award him/them a Nobel Prize, and the highest civilian award which can be bestowed by Britain or the US. Few times in history have the billions of mankind owed so much to so few. He/they have acted to save the world from poverty, starvation, and increasingly authoritative government action.

  55. Brian H says:
    December 6, 2011 at 2:48 am

    Even as we speak, a clandestine network of hundreds of home computers is using idle cycles to crunch away at the key … \9-)

    Yes, I wish it could be set up and run in a SETI kind of way.
    Someone, please make such software. It’s for the cause.

  56. FWIW, my view has been that the police and university could unmask the insider if they wished. I don’t think they wish to, because that person might then show the world how code was manipulated to get the desired result, etc. Things would be even worse.

    If this is reasonably accurate, there is a sort of Faustian bargain going on: the insider hasn’t given up everything he or she knows, and the authorities leave the insider alone because of the further embarrassment it would cause the Climate Hockey Team should the insider tell all he or she knows.

    Just a thought….

  57. Morph: “Putting these two ideas together I would think that the person involved made a physical theft of a backup at some point, restored it offsite, and then replaced it before anyone noticed. There would be no electronic record that the backup had been accessed and no physical evidence of it being taken at all, at least unless someone noticed which is unlikely – say in a weekly rotating backup scenario or a backup being made to another removable system.”

    If a live copy of the backup was placed on disk storage for quick retrieval in case of a system failure, and if the hacker had gained access to the live files where the hot backup was stored, then that person could have simply copied the backup files without doing any replacement at all, leaving no traceable footprint behind. Then as you suggest, the files could have been restored offsite and then analyzed for their content at the hacker’s leisure.

    Unless this person, or these people, come forward of their own volition, the hacker or hackers will likely never be identified.

    But if they are indeed eventually identified, they will have to suffer the legal consequences for their actions, because they deliberately violated security rules and procedures which have potential criminal and/or civil penalties associated with them, even if the access was gained externally, and even if the content of the information was releasable under FOI rules. The potential for retribution from authorities comes with the territory of deliberately performing an act of civil disobedience, which in the greater context of the AGW debate, is really what this event represents.

  58. Anthony,
    Remember, they don’t play by your rules. If you expect a reciprocating decency you are a dreamer for a world that no longer exists.

    REPLY: I play by my rules, doing what is right. I expect nothing except scorn. No good deed goes unpunished. – Anthony

  59. I wonder if this is a self-reported, anonymous survey of IT staff, instead of a careful examination of root/admin level access logs. I ask because there might be a bit of “I know what you’re doing online, bwhahahah!” bravado from the IT staff if it’s self reported. ;-) Just wondering…

  60. Charles.U.Farley says:
    December 6, 2011 at 1:20 am

    …Personally I don’t think it’s wise to assist them in any way shape or form as it’s simply helping them to continue unabated.

    No, I completely agree with Anthony’s course of action. Regardless of what “The Team” might think, we’re interested and motivated to rescue the science from the malfeasance these emails reveal. There are other publications by other scientists at that same site. Knowingly allowing it to remain compromised is unethical.

  61. steven mosher says:
    December 6, 2011 at 12:14 am

    ok, that’s a big enough clue.
    ———–
    So Mosher works at the UEA!!

  62. As said IT professional, I am certain that the leaker was not an IT dude.
    why ?
    An IT expert would never have released ‘ClimateGate 2.0’ OR ‘foia2.zip’

    It would have been ‘CRUgissDat2EzeMail version 2.01875 Service pack 3.0 W95,97,Vista,7’

    and for those of you trying different passwords – you can rule out

    ‘InTheBlueRidgeMountainsOfSiberiaOnTheTrailOfTheBristleconePine’
    ‘IwasWorkingInTheLabLateOneNightWhenMyEyesBeheldATerribleSight’

    jokes/

  63. Jean Parisot says:
    December 6, 2011 at 5:33 am

    IMHO, based on having been down the FOIA goatrope before, is that the archive was prepared by UEA IT for the FOI office using a set of search terms. That archive is then reviewed by legal and the program staff. I suspect the various actors involved saw that file and moved heaven and earth to stop its release.

    That has always been my own opinion as well. Since the released files are not just “any and all”, but specifically focused on responding to a FOI request, they constitute what was specifically assembled by their FOI compliance team. Release was squelched because of the damning content.
    Since this was an abrogation of their legal and moral obligation to respond, someone on the compliance team took it upon themselves to release anyway.
    Could FOIA be a technically adept ethical lawyer? Nah, such a thing doesn’t exist. Does it?

  64. As an IT admin, I *NEVER* look casually at the data I am entrusted with. That would be *poor* stewardship. I do on occasion have to view data elements to ensure that things are OK (not corrupted from a restore, etc.). If I were then to come across evidence of a crime in progress, or massive academic dishonesty and conspiracy to violate laws and to besmirch the reputations of innocent people, I can assure you that I would handle it in the most ethical manner possible, in accordance with commonly practiced ethical standards. IT folks can do jail time if they take part in the conspiracy, even if they had nothing to do with it.

    Some illegal activity is reportable to ombudsmen or local authorities. In fact, the appropriate authorities is the perfect place to report in order to nip conspiracies in the bud before they embroil entire universities. However, if the university authorities are also deeply involved in the case (as Penn State has been — I think no one will disbelieve that there has been a widespread culture of corruption there), then some other safety valve must be found, in order to prevent the IT professional’s unwilling inclusion in the corruption. Simply complying with the FOIA requests, exposing the corruption to the light of day is a very effective, and defensible way to do this.

    You may note that that leaves a wide spectrum of activities open for me to use — I will not ever casually “dump” data. This is a position most IT professionals take.

    However, to assume that an IT professional was the one who did this is a bit rash. Most of these systems are poorly protected in other ways than just password access — often in regrettable ways. Often a casual observer in the right place at the right time can have physical access to a stack of 8mm backup tapes.

    As an IT professional, although I cannot and will not say that it was the IT guys, if I ever find myself at Penn State, I will be buying their IT people many rounds of Guinness Stout, the fuel of IT professionals & BOFH’s the world around.

  65. @O2BNAZ, Anthony’s reply

    If you, Anthony, had been in FOIA’s position, would you have leaked the mails?
    Was FOIA ‘doing what is right’?
    Is contributing to his discovery before he is ready to expose himself ‘doing what is right’?

  66. Anthony,
    I have seen nothing to change my original hypothesis:

    FOIA is the guy whose job it was to pull together the emails for the original foia request (can’t remember his name now) and that he foolishly accepted Jones’ plea to be allowed to put that together himself. Jones was thus given access to the backup server to do this and FOIA later found a folder with that name, compiled by Jones, that was earmarked for deletion.

    I think FOIA got so pissed off at being duped – and at his own gullibility and stupidity – that he arranged the document leak. Jones knows who did it because FOIA told him – they both would lose their jobs over this. FOIA should never have allowed Jones to compile the documents in compliance of the foia request with access to the backup server (because that was HIS job), so he is as guilty at some level as Jones was for planning to delete the documents.

    They were then, and still are, at a stalemate. What FOIA wants now, holding the remaining emails over their heads, is another question entirely.

    Perhaps FOIA is insisting Jones et al confess because he is ready to do so himself but wants it to be a confession rather than an exposure?

  67. TerryS said “Therefore the [new] archive could not contain post CG 1.0 emails.”

    This is a key observation.

    Because what it means is that both the CG 1.0 and CG 2.0 emails were gathered all at one time. Which in turn means that firstly FOIA has held the latest release for two years. Secondly it means that FOIA has not further exposed themselves by carrying out a second attack against a now alerted infrastructure.

    That last means that discovering who FOIA is is, and will remain, virtually impossible from a purely technical standpoint.

  68. Interesting idea the xmas party. Could be the new year party: climate gate 1 files were dated 1st of the 1st, and the new climategate 2.0 emails are dated 1st of the 1st, so could be the new year party?

    It could be Prof Jones himself, NO that would not be right he can’t even use Excel, can he.

  69. First it could be a student. Large corps and universities especially hire students for summer work or part time because they are cheap. They can be very bright and will be given access to anything they want because they get the jobs assigned to them done quickly.

    If it was someone in the IT department with access the first thing they would do is make sure more than they had access so there would always be reasonable doubt and the more people with access the better. No way short of a confession do they catch the person IMHO.

  70. Bernd Felsche [December 6, 2011 at 12:27 am] says:

    Phil is still looking for the Any key to press to continue. ;-)

    ROTFLMFAO!

    brc [December 6, 2011 at 2:09 am] says:

    “The idea that a sophisticated person could only use 7Zip to encrypt the rest of the files is not true.

    Once you had an idea to release an encrypted set, about 15 minutes on Google would have found you the right direction and tools. The software is free, the advice is free. Literally anyone with half a brain could figure it out.

    But it certainly does rule out some of the main players though. Phil Jones for instance. Press Any Key to Continue :-)

  71. I am not in favor of helping the copper find this hero no matter how much my curiosity bump itches.

  72. Sorry, the FOIA mole is unlikely to be an insider. She changes all the comma separators to dots: ie 1,250,000 becomes 1.250.000 .

    This is a European and Russian habit – so don’t worry, she is safe from the likes of Big Phil. It always was a Riddle wrapped in a Mystery inside an Enigma, and never more so than now.

  73. >>>48 percent of respondents work at companies that are still not
    >>>changing their privileged passwords within 90 days

    This is typical computer nerd speak.

    They tried this at my previous company, with compulsory changes of passwords every two months. They ended up with 60% of people locked out of their accounts, and the other 40% with their passwords written on the backs of their hands.

    More liberal idealism that simply does not work in the real world.

  74. 1) Congratulations Anthony, your integrity remains quite spectacularly intact. You are an example for others to follow. If only that ‘the team’ valued integrity so highly.

    2) It’s not the IT guy. He wouldn’t have known what to get. IT guys are smart at IT stuff, but this guy clearly knew his way around climate science. The most important part of FOIA 1 wasn’t the emails; it was the code and data. Further, whatever encryption he used, it’s not that spectacular, it’s getting rather common place. In fact the encryption used by Wikileaks was just substandard. One key? Really? I’m not an IT expert, but even I would’ve used multiple layers of different encryption software, some 256, probably a layer of PGE right in the middle, just to catch anyone who didn’t try absolutely everything at each and every step. Crack that with your silly little network of home PC’s (re: Brian H: December 6, 2011 at 2:48 am). Tell me this guy wasn’t smart enough to use layered encryption, he clearly spent a lot of time gathering the information, covered his tracks quite well (or they couldn’t possibly call him a hacker), and did his homework before releasing anything.

    3) The smart money is on the coder who wrote the comments in the data files while he was cobbling the code and data together. (I bet he had a fun day at Scotland Yard during the investigation.) He obviously realized what a pile of dog-crap this supposed ‘science’ really was and decided to do something. He couldn’t challenge these guys directly, and he knew it. He could have been the guy charged with changing the server tape, or something akin to that. I doubt there was a great deal of attention paid to network security at EAU’s climate lab prior to the FOIA file getting released. He didn’t just borrow the tape and copy it one time, he probably gathered the backups over time. There’s too much stuff there to have gotten it all on one day. In the end, the only reason he didn’t go down for this is that they couldn’t pin it on someone internal. If they did they were cooked. It was either hacked, or it was admissible as evidence. And they knew it.

    Don’t know why the department’s email server was also its network server, but even the fact that someone had access to both, or at least the backup tapes for both tells you something about the lack of real security surrounding the IT there at EAU.

    And finally, to Lucy, yes, there are miracles, but I believe in the type of miracles where people are directed, through divine intervention, to be the right person at the right time with the right skills doing the right thing. Perhaps your understanding is correct, but God is usually much better at covering his tracks than you would suspect, in my experience.

    Anyway, my $0.02,

  75. As an IT specialist I would also like to chime in and say, unfortunately for my profession, that the 256 bit AES encryption does automatically mean it is some IT person on the inside who is doing this. A hacker is more likely to use high level encryption than is the average IT staffer since the former trusts no one and the latter tends to think everyone but them is too stupid to figure it out. :)

    That’s really as far as I want to reveal because I don’t want to help them catch the guy.

  76. Re; Scott Brim: December 6, 2011 at 7:00 am

    Scott, my understanding is that if it’s a leak, and not a hack, it’s not punishable as a crime. It may be a civil tort, but if this information was subject to FOI, that in itself is a perfect defense.

    They’ve got a problem on their hands at EAU; they cannot let it be known that this was a leak, or they’re sunk. This is all admissible, if it’s a leak. There are things in there that constitute criminal waste, fraud and abuse. It’s amazing to me that there aren’t retractions in the journals, based on some of the stuff in the code/data files, but more importantly, if it were admissible in court there are discussions of actions which constitute fraudulent use of taxpayer dollars and collusion to do so. It would at the very least be untenable for them to remain employed in government sponsored research.

    As long as it’s called a hack, and whoever did it was good enough to cover their tracks well enough that the bobbies can’t say otherwise, Phil et al. are safe. They have a vested interest in maintaining the anonymity of the leaker and thereby maintaining that the information was hacked, and they know it.

  77. Gary Mount says:
    December 6, 2011 at 5:54 am
    “That was so bad that I really wish I could send data back in time to tell myself not to read it. lol”

    Ha Ha!!
    Do you think it needs more killer robots and maybe an Alien-zombie hybrid sub-plot??

  78. If the security holes were left open, would it have been a violation of any law to use them to secure information (as opposed to malicious sabotage)? Just wondering….

  79. As I’ve said before: FOIA should fear for his life. Torpedoing Copenhagen likely got the World Leader’s attention, as well as some global industrial / Bank types. Somehow, FOIA has to arrange for the release of the encrypt key should ‘something’ happen. The attempt to figure out who FOIA is was inevitable and should be expected. FOIA (..and a few others) will go down in history but if AGW gets their way–we’ll all go down with history!!

  80. I like what Bob Kutz says:

    “They’ve got a problem on their hands at EAU; they cannot let it be known that this was a leak, or they’re sunk. This is all admissible, if it’s a leak. There are things in there that constitute criminal waste, fraud and abuse. It’s amazing to me that there aren’t retractions in the journals, based on some of the stuff in the code/data files, but more importantly, if it were admissible in court there are discussions of actions which constitute fraudulent use of taxpayer dollars and collusion to do so. It would at the very least be untenable for them to remain employed in government sponsored research.”

    I made a similar point earlier (above), that CRU/UEA didn’t want the leaker to spill his or her guts, it would be worse than what they have now.

    But Bob’s point is more trenchant: everything in a leak is admissible, all sorts of bad things (for them) would happen in court, so please, please, don’t find the leaker! And sure enough, the police are cooperating.

    Slightly off topic, the image I used to have of the UK is taking a beating. First, Murdoch and Co. have been bribing the bobbies for years, even bribed them to teach their paparazzi how to hack into phone mails. Now they’re apparently cooperating with UEA/CRU to NOT find the leak (IMHO). Not so Churchillian, any more.

  81. Charles.U.Farley says:
    December 6, 2011 at 1:20 am

    While it may have been a laudable thing to do Mr Watts, as others have stated, don’t expect to be thanked for being so honest, it’s not in the opposition’s nature (no pun) to be that way with the rest of the world.
    In fact if the roles were reversed I think they’d have used any foothold, any loophole to ensure they brought you down rather than simply seek the truth.

    Interesting study, reported yesterday on NPR, on cheating.

    For Creative People, Cheating Comes More Easily
    http://www.npr.org/2011/12/05/143146037/for-creative-people-cheating-comes-easier

    The study and the article suggest that the kinds of stories people concoct about themselves are important rationalizations for cheating. Creative folk, they claim, are better at these kinds of rationalizations. It’s all about the stories.

  82. Pamela Gray says:
    December 6, 2011 at 6:10 am

    Any and all attempts to form a professional relationship with the other side has turned sour. I predict this one will as well. You have been bitten so many times yet you continue to put your hand in the snake pit.
    ———————————————————
    I agree with Pamela. Anthony should read (or re-read) Aesop’s fable:

    “The Scorpion and the Frog

    A scorpion and a frog meet on the bank of a stream and the
    scorpion asks the frog to carry him across on its back. The
    frog asks, “How do I know you won’t sting me?” The scorpion
    says, “Because if I do, I will die too.”

    The frog is satisfied, and they set out, but in midstream,
    the scorpion stings the frog. The frog feels the onset of
    paralysis and starts to sink, knowing they both will drown,
    but has just enough time to gasp “Why?”

    Replies the scorpion: “It’s my nature…”

    There is no point in behaving like the frog. It may theoretically be the honorable thing to do, but you will get stung and drown anyway.

  83. “redundancy lists” … I love that term. It goes with “surplused,” “redeployable human resources,” “excess pool,” “dumped,” and simply “laid off”.

  84. I don’t think this was an attempt to form a professional relationship so much as a professional handling a responsibility. So rare it’s not recognized I guess.

  85. Jean Parisot says on December 6, 2011 at 5:33 am

    IMHO, based on having been down the FOIA goatrope before, is that the archive was prepared by UEA IT for the FOI office using a set of search terms.

    I would agree, but 99.99% (of ppl, commenters, etc) seem not aware of this facet …

  86. I have a different theory. Look at the name of the file, “FOIA”.

    It seems quite possible that the actual FOIA file(s) were generated by the IT department for consideration for release in conjunction with a FOIA request (there were a few around that time), and a second party who was given access to the IT department’s work product then released/stole it.

  87. Besides..who said “…….love thine enemies and in doing so you will pour hot coals on their head!…”

  88. More than a decade ago, at a University not 60 miles from UEA the IT were using the Login Administrator and Password Admin, for access to the files on the I:Drive. You could see anyone’s files using this privilege.

  89. The cast for the AGW movie:

    David Beckham as………………………FOIA (doesn’t have to say anything!!)
    Balderick (black adder) as………………Phil Jones (Head of Climatic Research Unit)
    Christina Hendricks as……………………Christina (Head of Climactic Research Unit) (gedditt?)
    Bill Nighy (actor)as………………………Anthony Watts
    Daniel Craig as…………………………Steve McIntyre
    Jimmy Swaggert as……………………..Al Gore (Nupty of Nashville)
    Wurzel Gummidge………………………….Patchy Morals

  90. Brian H says on December 6, 2011 at 2:48 am

    “Even as we speak, a clandestine network of hundreds of home computers is using idle cycles to crunch away at the key … \9-) ”

    AdderW says on December 6, 2011 at 6:48 am

    “Yes, I wish it could be set up and run in a SETI kind of way.
    Someone, please make such software. It’s for the cause.”

    Perhaps in the way of a captcha?

    “Please enter a CG 2.0 e-mail password for consideration in unlocking the 7Zip file (secured by 256-bit AES key) before continuing:”

    _________________________

    http://en.wikipedia.org/wiki/CAPTCHA

    .

  91. As R. A. Heinlein used to say,
    “Certainly the game is rigged. Don’t let that stop you; if you don’t bet, you can’t win.”

    The moment we start to behave like IPCC crooks, we cease to be “we” and morph into “them.” We must continue to play by the rules, and in this Mr. Watts is right.

    Do Michael Mann and his co-conspirators have a huge advantage because of our playing by the rules? Absolutely. Will their corruption destroy them from within? Maybe, but not necessarily. Evil does win most of the time. Truth advances at the leisurely pace of evolution.

  92. Oi! Don’t be calling my Anthony a Mensch!

    o0h…..Wait a minute………(WIKI Mensch Answer: means “a person of integrity and honor”)

    Oh. Okay!

  93. I agree it was the right thing to do and I believe everything Anthony has done, without ascribing superhumaness, to be the right thing. Expose what has gone on to the ‘uncouth triumphant truth’! Because it is what it is!

  94. Everyone knows IT security can be inconvenient. That’s why some IT people exempt themselves from the same rules and practices the rest of us have to follow.

    We also know many scientists and engineers think they are smarter than the IT people and will do anything to get around the inconveniences. Throw in a sloppy administrator who shares accounts with passwords that never change and you have a situation where virtually anybody could be using an admin account for any purpose.

    I worked in an IT shop where they would change the network root admin password because it was hard-coded into so many applications, nobody knew what would break if they changed it.

    In today’s business environment, you can’t get away with such practices in a large company. Apparently academia is a little behind. (I also teach part-time and I say that from experience).

    ~More Soylent Green!

  95. As an IT professional I abhor those in my profession that break chain of custody or browse sensitive data. I take my job more seriously than those surveyed.

  96. In fact, broad system access rights was self-evident from the beginning. Someone with such rights would have been responsible for compiling the email data for the original FOI request. A researcher “might” have let cruft accumulate in the email archive on an individual system, but no FOI accumulation would rely on that. Hard disk space is limited and sooner or later the user would scour the older material to retrieve disk space. An institution that was concerned to cover itself legally would work through the email archiving system. It would ask the subject researcher for relevant material and then also scour the archive in order to protect itself from the researcher’s carelessness.

    Even if the AGW club thought their public “enemies” did the “hack” job, the police certainly would have known better. They would have to interview such individuals with “motives” as a matter of course, but it would readily become clear that few if any such individuals would have the system skills, even if they had the motives. One fact I noticed was the confused use of “.” and “,” in numbers in the readme text that accompanied the recent release. Some parts of Europe commonly use a comma to mark a decimal point while other regions – e.g. US and Britain – use a period. In the readme file BOTH forms are used suggesting either two people from different parts of the continent or one person attempting to disguise their origins.

  97. If only, back in 1942/43, the allies had such an ethical chap covering their backs, they could have notified the axis that Enigma and JU-5 were compromised. “Gentlemen do not read other people’s mail” … and all that.

    –dadgervais

    p.s. Did not one of the “good guys” get some raw data from an unsecured FTP server? I suppose he should have just sent them a note instead to clean-up their act, lest someone else got the data the Team were denying him.

  98. Anthony,

    I don’t understand why you think it necessary to help close their security gaps and weaknesses.

    What’s next… Will you volunteer advice to the Mafia to secure their communications from the FBI? There may not have been any leak at all, had they followed your advice. If any THING must remain hidden, can that THING be good? I think you have severely damaged intelligence gathering and endorsed secrecy. All for the purpose of a dubious brownie point. GK

    REPLY: I was told in the reply from Phil Jones and from AGU that others had also been made aware of it, so I wasn’t the first. – Anthony

  99. Anthony,
    As I stated a little over two years ago on Climate Audit, “I found it interesting that the emails in question were text files with a UNIX email server’s time date stamp tracking as file names. When I opened the email text files I also found it quite interesting that someone had taken the time to delete the full email tracking headers from the file. What was the person trying to cover up from the deletion of the headers? Well I think it is quite apparent from this that he or she was covering up the fact that it was a blind carbon copy of the email automatically sent to the email administrator for archiving purposes. This is pretty much standard operating procedure for UNIX server administrators. The FOIA folder was most likely created by a server administrator for a freedom of information request.”

    I didn’t state at the time that this guess about the reason for the collection of the emails was the supporting fact that the code and documents were also included in the FOIA folder was further proof of that conclusion. This latest FOIA disclosure is just more support of that conclusion. The size of the locked zip file is even more support for that conclusion. Now as to the question of who is releasing these emails, code, and documents that is up in the air. He/She could be that administrator, other IT personnel, or someone who found the collection while snooping around at the CRU and found the collection of emails, supporting code and documents. Whoever this person or group of people doing this is, they have exposed and are exposing the very ugly corruption of current climate science by politics.

  100. I know it sounds counter-intuitive for it to be a positive for Anthony to help the CRU close those open doors. I’m reminded of the practice for a while, during the Battle of Britain, for shot down Luftwaffe pilots to be taken to the officer’s mess for beers and the like. A fact I’m proud of and having felt this since I first heard of it as a kid (my Dad was a Spit pilot). Why? I don’t know.

  101. This, of course, ensures that there will never be a Climategate 4. Reminds me of the joke about the condemned engineer on the gallows who pointed out to the hangman that the stuck trapdoor needed its hinges oiled.

  102. It makes perfect sense that someone just swiped a CD off someone’s desk that had the filtered archive on it. A password protected file was also on the CD, because they wanted to cover themselves for potential disclosure issues in court.

    It could be anyone who had access to someone’s desk. A secretary, a janitor, a grad student.

  103. Eternal Optimist wrote: ‘InTheBlueRidgeMountainsOfSiberiaOnTheTrailOfTheBristleconePine’

    I had never before thought of using passwords that I could sing. Thanks for the hint. Don’t you have to be kind of old to know that song? The modifications are funny.

    I see that people are letting Anthony know whether they think he did the right thing by alerting others to ongoing security lapses. I vote with those who think he did the right thing — Anthony, you done good.

  104. The IT People seem to be the logical choice. It may have started with one IT Person who was ticked off at what was happening, but my best guess is that the number grew as others found out.

    Whoever it is let me say, “Thanks, Climategate 2.0” was a great early Christmas Gift!!!

  105. Imagine, if you will, waking up some morning and seeing a photo on the front page of the Times with the caption: “Suspected Leaker Found Shot at UEA.” Do you jump for joy and say, “I was right! I’m sure glad I posted my suspicions on Wattsupwiththat before anybody else! Woo-hoo! Clever boots me!”

    No, you’d probably think, “Holy crap. I got this guy killed. If I’m so clever, why the hell didn’t I just keep my mouth shut?”

    REPLY: That’s quite an extrapolation. I don’t see angry protestors demanding “FOIA” be apprehended. Get a grip. If the Norfolk Police have stopped investigating (and all indications are that they have) I think the UEA probably doesn’t want to push the issue further. – Anthony

  106. Just what are you trying to do here? First you tip off Jones, then you try to out FOIA. Whose side are you on, anyway?

    I think I’ll stick with Pointerman.

    REPLY: Read the update I’ll post in a minute, you like many others are getting the wrong idea. – Anthony

  107. creeper00,

    Anthony did the right thing. He was being professional. And it’s not just a one-off event. Note that Anthony also posts a link to RealClimate and other alarmist blogs, but they don’t return the courtesy.

  108. NoAstronomer says: December 6, 2011 at 7:48 am

    TerryS said “Therefore the [new] archive could not contain post CG 1.0 emails.”

    This is a key observation.

    Because what it means is that both the CG 1.0 and CG 2.0 emails were gathered all at one time. Which in turn means that firstly FOIA has held the latest release for two years. Secondly it means that FOIA has not further exposed themselves by carrying out a second attack against a now alerted infrastructure.

    Agreed. And as I had noted recently, in November 2010, Nature’s David Adam (who claimed to know more about the source of the leak than the Norfolk Constabulary) reported that:

    Jones and others connected to the CRU fear the hackers may be sitting on more stolen e-mails, but Jones feels confident the worst is behind him. “It really is not somewhere I would like to go through again. But having been through it once, I think I am a bit hardened to it.” [emphasis added -hro]

    For once, their “fears” were not unfounded! But the downside of this (for them) is that what might also be “unfounded” is their claim during the “press conference” to the effect that they haven’t finished going through the latest release, so they can’t confirm their authenticity.

    They’ve had two-full years to figure out what might also have been copied by The Saint (as I prefer to call FOIA). Then again, they might have been too busy “redefining” the English language (and, along with their media cheerleaders, bolstering “the cause” of saving the planet!)

  109. Anthony..As far as any Warmist goes don’t give them an inch.
    As the song said: Kick em when they’re up – Kick em when they’re down – Kick them all around. It’s what they have practiced for more than 20 years, now the steel-toed boot is on the other foot. Don’t give them a break and don’t ever turn the other cheek. Didn’t the BEST fiasco teach us anything? They stuck an ice pick in our backs.

    ONE THING THAT SCARES THE POLITICIANS THAT HAVE SUPPORTED THE CAGW POLICY’S, IS EXPOSURE THEY WERE IN ON THE SCAM ALL ALONG = THE 7z HIDDEN FILES?
    Jo Nova has a finger on the pulse of the 7z files and a possible explanation that is more than interesting.

    http://joannenova.com.au/2011/11/pointman-a-dead-mans-hand-detonator-on-hidden-emails-may-protect-climategate-whistleblower/

    Climategate 2

    Pointman — A dead man’s hand detonator on hidden emails may protect ClimateGate 1 & 2 whistleblower FOIA – Still behind the encrypted and locked & zipped 7 z files the real juicy bomb shells aimed at the Corrupted politicians and Power Elite = ClimateGate 3- 4 – 5
    He points out there are no emails released yet between key scientists and people in power
    We do not have a single one of those high-level political emails but they must of course exist.
    I strongly suspect we now have them in our possession.
    In the high-powered risky game of whistle blowing there are ways to make the Climategate 2 leaker a less attractive target.
    Pointman analyzes the ClimateGate whistleblower’s tactics and explains why he, she or they probably released those other 200,000 emails but kept them hidden behind the 4000-8000 character almost unbreakable password.
    He points out there are no emails released yet between key scientists and people in power, hence the worst, most damaging emails may be kept under a ” dead man’s hand detonator”. If politicians are afraid of what might be in those released-but-hidden emails, they may not want to expose or attack the whistleblower for fear of unleashing the other emails. The hidden emails buy the whistleblower protection.
    Jo

  110. I don’t disagree that Anthony did the right thing, certainly from a professional, moral and honesty driven point of view it definitely was.
    For me (maybe I’m crooked? :D ) it’s just the certainty that playing on a slanted table can only be problematic in terms of gaining an upper hand and laying bare the web of deceit being woven?
    Although having said that, the old adage- “The truth will out” holds water vapour indeed.

    I have absolutely no doubt whatsoever if we discovered that the sceptical side was indeed wrong/misinformed that it’d soon be put to rights by admitting it and then we could all direct our energies into “the cause”….(ok maybe not. :D)
    I can’t really see the likes of the “team” ever doing that in public even though they certainly do in private!
    Which is rather the point of what Anthony’s done- he’s shown them the path.
    One they’ve strayed rather a long way from.

    If you’ve any conscience left at all Phil J, do the right thing and come clean.

  111. dadgervais says:
    December 6, 2011 at 10:26 am

    If only, back in 1942/43, the allies had such an ethical chap covering their backs, they could have notified the axis that Enigma and JU-5 were compromised. “Gentlemen do not read other people’s mail” … and all that.

    Let’s put the question this way, then:

    Are we at war already, or do we still pretend to live in a civilized society?

    If we are at war or in revolution, then yes, all bets are off. Then there is no need to criticize, to find errors and faults, to reveal fraud by legal means. Then it’s time to be up in arms: after all, our enemies are parasites above law, depriving us of our livelihood. Be prepared to die for the truth.

    On the other hand, if, for the sake of our “safety and security,” personal comforts and other self-delusions, we are still pretending to live in a lawful, civilized society, we must uphold this pretense, behave in a lawful way, and show an example of integrity and civility.

    Choose one… Oh, you wanna live, eat well, know that your wife and children are safe, etc. etc.? You just don’t want the climate con men to take your money but you are not prepared to die for the truth? Play by the rules, then.

  112. dadgervais says:
    December 6, 2011 at 10:26 am

    If only, back in 1942/43, the allies had such an ethical chap covering their backs, they could have notified the axis that Enigma and JU-5 were compromised. “Gentlemen do not read other people’s mail”

    Luckily for us, the world was being saved by people like Churchill, who understood there was a time for tea and crumpets, and a time for punching people in the throat.

  113. Yesterday I stopped by the vet’s on the way home. In the strip mall parking lot was a new model Ford Explorer left running, nobody nearby.

    Have you ever been tempted to jump in a vehicle like that and park it around the corner, out of sight? The driver would have deserved it, and possibly, it could have saved the owner from a future theft.

    Anthony, you did the right thing by alerting them to the security hole.

    Keep in mind that others had already notified them of the problem. Any blowback won’t be Anthony’s fault. He did the right thing, even if the problem was already recognized.

    ~More Soylent Green!

  114. Anthony,

    You may recall from days gone by, anyone who was an aware user on one of the
    old regular Bell Labs Unix systems, one with the Berkeley flavored modifications,
    or an after-market hybrid, with just general read permission on
    the system could rove the user files, and generally pull up filenames.

    If the user allowed anyone in their “group” to have read permission for
    one of their files, the entire “group” shared the read permission unless the file
    was specifically password protected. User + group read = rwx r-- r-- .

    If you could read the file, you could copy it. Even if the originating user file was
    “linked” using ln to a file under the second user’s file directory, the other
    user still had to have read permission to the original user’s file directory and then
    the file itself.

    A lot of regular users automatically set the file permissions to “all read” so all
    other authorized users on that system had read access to most of their common
    files, including their “out” box for e-mails.

    If a user mistakenly, or for some reason (like revising data entries in columns in
    a preexisting file) would give write permission to one of their
    “group” that would involve giving the “group” both read and write permission to
    both the user’s file account AND the file to be edited. All group read + write =
    rwx rw- r-- .

    Passwords on individual files were a hassle. Unless the system administrators
    set the default “permissions” for user file creation to rwx --- --- (read, write, and
    execute for the file creator ONLY), the original Bell Labs default (rwx rwx rwx)
    was generally modified to rwx r-- r-- . That gave the user read, write, and execute
    ability on his/her file, with the group and the other system users read
    permission to the file structure (filenames) only.

    After a while a really active user had a file system that looked like swiss cheese
    from a security point of view.

    …AND THEN there were “guest” users, who had to have both a system password
    to get into the system (usually from either an institutional computer system
    (T-1 or T-3 connections) or with a modem or from a home system). Their
    permissions to the systems were specifically set by the administrators when the
    “guest” account was set up using whatever the organization’s general protocol for
    outside accounts called for.

    Up until the mid-1990’s home connections were intolerably slow.

    In the Climategate 1 & 2 e-mails, I don’t see any hint of mail coming from or going
    to a “guest” user account.

    As Neal notes above, there’s lots of hints the Climategate material came from
    somewhere inside the CRU system.
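
    The permission behaviour described in the comment above, as an added example that is not part of the original comment or thread: it creates files under different umask defaults and then audits a directory tree for files that group members or all other users can actually read, taking the search (x) bit on every parent directory into account. The directory and file names are constructed sample data, and the audit assumes every file belongs to one owner and one group.

```python
import os
import stat
import tempfile

# Permission bits for the two non-owner classes.
READ = {"group": stat.S_IRGRP, "other": stat.S_IROTH}
SEARCH = {"group": stat.S_IXGRP, "other": stat.S_IXOTH}


def perm_string(path):
    """Return the nine permission characters, e.g. 'rw-r--r--'."""
    return stat.filemode(os.lstat(path).st_mode)[1:]


def create_with_umask(path, mask):
    """Create an empty file the way most programs do (requested mode 0666)
    under the given umask and return the resulting permission string."""
    old = os.umask(mask)
    try:
        os.close(os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o666))
    finally:
        os.umask(old)
    return perm_string(path)


def audit(root):
    """Walk `root` and classify every regular file by its widest reader.

    A class ('group' or 'other') can read a file only if the file has that
    class's r bit AND every directory from `root` down to the file has that
    class's x bit. Returns sorted (relative path, permissions, exposure)
    tuples, where exposure is 'other', 'group' or 'owner-only'.
    """
    root = os.path.abspath(root)
    reach = {}  # directory -> {'group': bool, 'other': bool}
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        mode = os.stat(dirpath).st_mode
        parent = reach.get(os.path.dirname(dirpath),
                           {"group": True, "other": True})
        here = {who: parent[who] and bool(mode & SEARCH[who]) for who in SEARCH}
        reach[dirpath] = here
        for name in files:
            full = os.path.join(dirpath, name)
            fmode = os.lstat(full).st_mode
            if not stat.S_ISREG(fmode):
                continue
            if here["other"] and fmode & READ["other"]:
                exposure = "other"
            elif here["group"] and fmode & READ["group"]:
                exposure = "group"
            else:
                exposure = "owner-only"
            findings.append((os.path.relpath(full, root),
                             stat.filemode(fmode)[1:], exposure))
    return sorted(findings)


def build_sample_tree(root):
    """Constructed sample data: one user's home-like tree (hypothetical names)."""
    os.chmod(root, 0o755)
    for name, mode in (("inbox", 0o755), ("shared", 0o750), ("private", 0o700)):
        os.mkdir(os.path.join(root, name))
        os.chmod(os.path.join(root, name), mode)
    # Mail folder left at the common 022 default: readable by everyone.
    create_with_umask(os.path.join(root, "inbox", "sent.mbox"), 0o022)
    # Same file bits, but the 0700 directory blocks group and other.
    create_with_umask(os.path.join(root, "private", "notes.txt"), 0o022)
    # Created under a restrictive 077 default.
    create_with_umask(os.path.join(root, "locked.txt"), 0o077)
    # Group given read and write; directory is closed to other users.
    shared = os.path.join(root, "shared", "data.txt")
    create_with_umask(shared, 0o022)
    os.chmod(shared, 0o664)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for rel, perms, exposure in audit(tmp):
            print(f"{perms}  {exposure:<10}  {rel}")
```
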

  115. Anthony,

    I have read your update and can only repeat:

    If any THING must remain hidden, can that THING be good?? GK

    REPLY: Ask me please, “how are THINGS“? Go ahead, make my day. – Anthony

  116. An interesting post and I support giving Jones and JGR a heads-up because if something bad had happened (someone leaked work in progress to the public) it would only make WUWT look bad.

    But I don’t buy the disillusioned IT guy thing. Someone had an axe to grind. Someone was close enough to the science to see the fraud. Maybe it was someone on the inside – not a scientist as they can’t even buy groceries – but perhaps a technician or an associate who was given temporary access to a poorly secured server.

    But not an IT person. They are only 16-18 years old and carry a skate-board everywhere they go. Not malicious enough to carry this out so thoughtfully. Who would have predicted Climategate 2.0? Somebody out there is very patient. Like Gore’s ex-wife kind of person.

    You know what they say about revenge. Might as well dig two graves.

  117. Dave Me says:

    December 6, 2011 at 12:26 am

    “we know that “FOIA” whoever he/she is, knows enough to choose the kind of security that would not likely be cracked in any reasonable amount of time. This probably rules out script kiddies and students”

    Not really, they are likely to be more able than the IT staff. Also, it is not that difficult to encrypt a file and it does not take a genius to know that you need a long key.

    ==============================================================

    It’s the default encryption option in 7-zip. Lots of people use it instead of zip. I use it. It means nothing. Once you install 7-zip if you right click on a folder there’s an option to encrypt & compress.

  118. FYI – “the server of interest”

    This was given in the Muir Report as a backup mail server in the IT facility.

    It was probably just a single file for the CRU department and wasn’t even as much as a quick “in and out job” since the perp wouldn’t have had to even be on the premises all he’d need was remote login credentials. It was almost certainly an inside job but that doesn’t mean the perp was physically inside but rather just means he had credentials either because he was an insider or knew an insider who gave him a credential. The least likely thing is that this was some sort of break-in where normal security was defeated.

  119. Anthony, you did the right thing. The security hole was on JGR’s side by the sound of it, so I would have alerted them as well (or instead of) but it was the right thing to do either way.

    In regard to who the leaker might have been, there is no doubt in my mind that it was someone on the “inside” either working alone or in conjunction with others. There are a fair number of clues that are easy to spot that could help lead to the identity of at least one of those involved, but I’m not going to point anyone at them. If some day I get to say “I knew it!” that will be sufficient satisfaction for me, and I’ve no interest in seeing the person get caught. That said, there is one possibility that is being overlooked in regard to the encrypted emails themselves.

    It started to become common practice to encrypt backup tapes and data at rest (on disk) with encryption about 5 or 6 years ago. It has by no means become ubiquitous. The organizations most commonly moving to encryption, are ones that were “burned” by a major data loss incident.

    Given that the emails we can read end in 2009, and the rest are encrypted, the assumption that the balance of the emails also end in 2009 cannot be made, there is no evidence (that I am aware of) for this to be the case. FOIA has said (I’m going from memory) that the balance of the emails may some day be released, but not by him. Why would that be?

    If encryption practices were put into place sometime in 2009, it could very well be that FOIA did not release the balance of the emails because s/he couldn’t. We know that those emails are encrypted, that tells us NOTHING about WHO encrypted them. If the method of obtaining the emails themselves was still in place, but resulted in access to encrypted data only, it could well be that FOIA had no other choice to get them into the public domain and is simply hoping that someone else will break that encryption key.

  120. More Soylent Green! says:
    December 6, 2011 at 1:09 pm

    “Anthony, you did the right thing by alerting them to the security hole.”

    I found the active JGR passwords for Briffa, Jones, and someone else and passed them along to Anthony on August 23rd, the day before Anthony informed Jones and JGR. I wondered what he’d do with the information. I figured he’d do the right thing but it’s nice to know he did the right thing the very next day.

  121. Perhaps an interesting point to be made is that;

    If it was an IT staff, and the security of the servers was so woeful, surely it is the responsibility of the IT staff to make the servers more secure and to enforce better security throughout the network and users.

    This wasn’t done. So either the IT staff, who knew all about security and how to circumvent it, also didn’t upgrade it nor do his/her job, at all.

    This conclusion doesn’t quite ring true either.

    I’m going to go with the idea of an undergrad on work experience, or a short term employee, perhaps a temp or contractor. Someone who knew all about security, somebody who found to his horror what scandal was being perpetrated, and who simply took a copy to be well considered later at his/her leisure.

  122. Eternal Optimist :
    ‘IwasWorkingInTheLabLateOneNightWhenMyEyesBeheldATerribleSight’

    Dang, now I’m going to have to change my pass-phrase back to 7777! Seriously Email is not secure and any privacy is a courtesy, not an entitlement. If you are using an employer provided Email service, your email does not belong to you. You can’t control what happens to your email after you send it so if you wouldn’t put it on a billboard, don’t send it.

  123. Anthony,

    RE:

    REPLY: I was told in the reply from Phil Jones and from AGU that others had also been made aware of it, so I wasn’t the first. – Anthony

    You’ll recall several instances in the past where Steve McIntyre called to
    attention a few obvious errors in data and/or statistical methodology to
    the proper US agency’s attention.

    At the time he got a blatantly untrue “We already know about it.” as a
    response from those authorities.

    I think the same holds true of the “also been made aware of” line you got
    from Phil Jones/CRU.

    They’re basically telling you to go pound salt.

  124. The Lone Ranger: A fiery horse with the speed of light, a cloud of dust and a hearty ‘Hi-Yo Silver! Away!’ as he disappears into the sunset with his faithful Indian companion Tonto. The show ending with who was that masked man? I don’t know but I wanted to thank him. The best part is he was a Texas Ranger.
    Consider the willingness of scientists to cooperate with a political agenda, with reports on their research, to be used by legislators as a reason to bring life changing legislation, taxes and regulations to all of commerce and the public.

    Consider the intent of the global warming group, to silence argument and prevent research disproving their claims and that it is not only dishonest, but damaging to science, education and the public.

    The Artful Dodger in Dickens Oliver Twist is a pickpocket skilled in lifting valuables without detection and rushing away without notice.
    The emails expose the intent to cover tracks. The hope is that no one would notice the problem.

    The public has every right to expect exceptional behavior from those holding jobs that are exceptional by influence, knowledge and talent. We are in trouble when expectations are lower.

    The Lone Ranger concealed his identity, was fictional fighting for truth, justice and American way. Maybe that was Superman, who lived disguised as a mild mannered reporter but the question is which side of the email exposure best describes the admirable actions of these fictional comic book characters that has captured the interest and imagination of the public for so long? The person or persons involved in the release of the emails that revealed the problem have concealed their identity and for good reason, the uncertainty of the rules that apply.

    What moral code would you have your children follow, that of the fictional comic book hero or the artful dodger and those attempting to hide their work and calling it science. I doubt most parents with a little thought would want either as a guide for their children but it is worth the effort to help the next generation know the difference between right and wrong is not whether you get caught or not.

  125. A few comments here about them being the enemy. Don’t show them any mercy. Whose side are you on. Why tip them off etc

    I don’t think it’s a question of winning or losing. I don’t think it’s a question of us being right and them being wrong. I don’t even think it’s a question of us and them
    we have to accept the possibility that we might be wrong. And on the road to that truth, we have to do the right thing

  126. “A full 26 per cent of them admit to using their privileged log in rights to look at confidential information they should not have had access to in the first place.”

    The key words there are: “admit to”.

    I’d wager that the percentage that actually do this is much higher.

  127. WKPD: “Nobel’s last will specified that his fortune be used to create a series of prizes for those who confer the “greatest benefit on mankind” in physics, ….”. So there you are: Nobel in Physics for FOIA!!!!!

  128. “UPDATE: Many people in comments think I’m doing something wrong by writing to Phil Jones and AGU/JGR. In Phil Jones reply to me, he wrote: A couple of other people sent me emails about this issue.”

    You did incriminate yourself by having accessed files, and trying to access the same files, you didn’t have the right to access. These days it can be illegal to access files you don’t have a right to access in EU, it depends on the country and how far they went implementing the EU directives. However, consider some states in the US, like Florida, they’re hard as* on any kind of “hacking”.

  129. Now that Anthony has opened cordial lines of communication with professor Doctor Mr Phil Jones from England, I think he should offer a fuller range of services. For money of course.

    IT security(closing loop holes) – $100
    Fairness and Respect(being professional) – $250
    Excel starter(how to do a trend) – $2.50

  130. 1DandyTroll;
    You did incriminate yourself by having accessed files, and trying to access the same files, you didn’t have the right to access.>>>

    Debatable at best. For starters, if the link including password were in an email, by whom was it sent, and to whom? For example, if the sender owned that account and sent his account link and password to someone else, he’d probably be in violation of JGR’s security policies which would have had to have been accepted on sign up. Further, the sharing of password information in clear text in an email is most likely also prohibited by JGR security policy (or should be) even if the sending of same was for a legitimate purpose. Given that the links and passwords became public domain due to the release, any damage to JGR would be the responsibility of those who improperly shared passwords and put them in clear text in emails.

    In other words, any damage to Phil Jones would be Phil Jones’ responsibility for not having followed the acceptable use policies he was supposed to. Any damage to JGR would fall first on Phil Jones for violating their security policies, and second on UEA for failing to safeguard the emails in the first place, and third on JGR for leaving the links and passwords up for long periods of time without demanding a change to the passwords, or better still deleting any access to those accounts altogether once the article was published and those accounts no longer of use for the purpose they were intended.

    Anthony has no more incriminated himself than had he found a sheet of paper on the street that, when read, turned out to be a top secret CIA document. Once in the public domain, it is public.

  131. I disagree with Anthony’s conclusion. I think that there are hundreds of thousands of people with the ability to break into CRU in 2009.

    I used to frequent a spam-fighting newsgroup years ago. A lot of spam came from compromised academic servers. The consensus in the newsgroup was that “security” was a joke in much of academia. If that was the case at UEA, I’m sure that hundreds of thousands of people around the planet, ranging from snotty-nosed-14-year-old kids to ordinary hobbyists like me to competent IT personnel could easily have broken into CRU from the outside, if they felt like it. I could rattle off a break-in scenario off the top of my head, but people would probably yell and scream about me giving bad guys ideas on how to break into systems, so I won’t.

  132. davidmhoffer says:
    “December 6, 2011 at 3:49 pm
    1DandyTroll;
    You did incriminate yourself by having accessed files, and trying to access the same files, you didn’t have the right to access.>>>”

    “Debatable at best.”

    It’s not debatable, since it is against the law to access files via the internet you don’t have the explicit right to access. A mitigating factor for the perpetrator is not knowing you have no right to access the files or the fact that the unconcerning hacker, i.e. average joe, knows f*ck all about the law, but in this case when a person is making sure to point out that the files are accessible to just about everyone, including the file owner’s supposed enemy, by the enemy’s own account, having so made sure, …

    If you know you shouldn’t access, you really shouldn’t access, unless you have a right to do so, however, just because someone tells you you have the right to do so doesn’t mean you actually have a legal right to do so, because the person saying you have a right to do so probably doesn’t have the right to authorize you to. It’s all in the fine print you know.

  133. davidmhoffer,

    “Anthony has no more incriminated himself than had he found a sheet of paper on the street that, when read, turned out to be a top secret CIA document. Once in the public domain, it is public.”

    Depending on the country you live in, the information is in the public domain, that does not mean that just because the information on how to access systems and files is on the internet, in the public domain, that you have the right to legally access those systems or files.

  134. Anthony, despite some protests, you took the ethical and honorable course. People can take many things from you, but only you can forfeit your integrity.

  135. REPLY: That’s quite an extrapolation. I don’t see angry protestors demanding “FOIA” be apprehended. Get a grip. If the Norfolk Police have stopped investigating (and all indications are that they have) I think the UEA probably doesn’t want to push the issue further. – Anthony

    You may be right. No angry protesters, certainly. And not a lot of police activity evident, either. But there are other parties involved, UEA being merely a for-hire entity. FOIA may have helped plug a hole that other people were planning to siphon a trillion dollars through. The stakes are huge and the players are very, very big, including the UN, and not benign. Remember those two men who, 4 months apart, “fell” to their deaths at a UN building in Vienna?

    http://www.ruthfullyyours.com/2009/10/25/second-nuclear-expert-falls-to-his-death-in-vienna/

  136. juanslayton says:
    December 6, 2011 at 4:35 pm
    Dandy,
    “I take it you haven’t read any of the e-mails (which you have no right to access)….”

    Oh, you’re ever trying to have so much fun at my expense. Sadly, for you, in my country, it is not especially illegal to read digital files, it is considered a nuances in my country still. ;-)

  137. “… lead me to speculate on a direction for a “whodunnit””
    “UPDATE: Many people in comments think I’m doing something wrong by writing to Phil Jones and AGU/JGR.”

    Forget helping the Global Cooling deniers with the possible identity of the “whodunnit”. There is only one good reason to identify the “whodunnit”.

    To give the “whodunnit” accolades and a large financial reward for bringing down the corrupt GW cabal. The “whodunit” has likely saved Taxpayers billions of dollars in wasted funding and saved Consumers (worldwide) trillions of dollars in bogus Carbon costs.

    As for the claims by the Global Cooling deniers and GW cabal that the “whodunnit” did wrong and should be arrested and punished —- hogwash! When someone sees the amount of corruption and wrongdoing that was taking place behind GW cabal curtains, it is the person(s) responsibility to Blow the Whistle. People need to remember the GW cabal was Lying to humanity for power and profit, in one of the most despicable ways — using F.U.D.

  138. The best defence against corruption simply is to stay clean. And the best attitude in any conflict is to always be courteous to your opponent. It doesn’t show weakness, it shows strength.
    Being courteous isn’t the same as showing your cards or complying. It is a way to keep your own dignity and to keep an open channel to the other side, which is always a wise strategy in any conflict.
    For me this site is not about conflict, although a lot of fighting goes on here… :-) It is about science. Clearly science, although the rules of the game are well known and in themselves not too difficult to uphold, is a difficult trade, with many pitfalls around. Within the scientific process itself, within the scientist’s psyche and the culture of their organizations, because of the high status of science in society and the use and misuse of science in politics and commerce. It’s all here on WUWT to see and learn from.
    What is mankind’s new frontier right now? Is it space and going to Mars or discovering new planets around distant stars? Is it the exploration of the oceans? No, it is right on our doorstep. It is our weather, our climate as we experience it everyday. How does it work? Where does it go? What part do we humans play in it?
    These questions are extremely difficult to answer. I don’t think they are high on the international agenda because some clever individuals have hijacked them and provided all kinds of wrong answers for their own agenda. They are high on the agenda because in the end most people do want good answers to these questions.
    There may come a day Mr. Gore c.s. will be remembered not for their foresight, not even for their clever manipulations of the public opinion, but for putting climate on the international agenda. So something good can come out of the “warmista’s” actions in the end. But it will be a long haul and a lot of effort. May WUWT be around for a long time to come!

  139. Jurgen says:
    December 6, 2011 at 5:22 pm
    “The best defence against corruption simply is to stay clean.”

    The real question is though, who decides who is clean? You, me, Mr Watts, Al Gore, …or whom?

  140. It turns out the UEA policy guidelines regarding email retention, deletion, and backup are actually on their site!

    http://www.uea.ac.uk/is/itregs/ictpolicies/File+and+email+restoration+policy

    This version is dated 10/10/11. Without knowing what previous versions looked like, we can nonetheless draw some important conclusions regarding how the central email system was run, and what may (or may not) have been done correctly in terms of servicing FOIA requests. I’ve cut out some of the more interesting policy statements (italics) and my comments follow.

    POLICY: File and email digital assets held on centrally-provided systems administered by ISD are regularly backed up to ensure service resumption following disaster in line with Disaster Recovery and Business Continuity (DR & BC) planning. End users of these systems are encouraged to delete items no longer required.

    COMMENT: From this we can surmise that email systems are (currently anyway) being backed up centrally. Note the last sentence about deleting items that are no longer “required” as it becomes important later.

    POLICY: (Staff only). Deletion of items should be in line with records retention schedules.

    COMMENT: There clearly exists a records retention policy, but this document does not spell out what it is. In general, a records retention policy should specify what can be deleted at any time, what must be deleted on a given schedule, and what must never be deleted.

    POLICY: (Staff only). Items subject to legal hold (for compliance purposes) should not be deleted.

    COMMENT: This is important. Legal hold means that if an FOIA request has been filed, and an email is subject to that FOIA request, it may NOT be deleted under ANY circumstance until the FOIA request has been dealt with. If Phil Jones et al deleted any email AFTER an FOIA request had been made that would otherwise have turned up that specific email….I don’t know about the U.K., but in the U.S. that is BIG trouble. Further, the onus seems to be on the end user to preserve the email. Again, without understanding the nuances of UK compliance law, that seems rather odd. In Canada and the US, once an FOIA request has been submitted, the IT department searches for the relevant emails and puts a “legal hold” on them that prevents them from being deleted…by ANYONE.

    POLICY: Once deleted, items may be held in a Deleted Items folder (e.g. Outlook for email) or Recycle Bin (e.g. Windows for files). A user can then choose to recover these items from the appropriate location should the item still be required, and the deletion was conducted in error.

    COMMENT: Anyone who read this ought to have known that “deleting” emails didn’t actually permanently erase them. Anyone who was the subject of an FOIA request, ought to have read this, and ought to have been directed to do so by the FOIA officer.

    POLICY: However, it should be noted that advice from the Information Commissioner’s Office (ICO) states that items which have been deleted but remain in a Deleted Items folder or a Recycle Bin are held by the Public Authority for the purposes of the Freedom of Information Act 2000 or Environmental Information Regulations 2004. This means they should be considered for release subject to a relevant request for information. However, when removed from these temporary deleted items stores, they are permanently deleted and no longer considered to be held.

    COMMENT: Again, anyone subject to an FOIA request ought to have been directed to read this, and ought to have known as a result that simply deleting their email did not exempt it from being accessed by an FOIA request. MORE IMPORTANTLY, provided this same policy was in place for an extended period of time, Phil Jones’ comment that he had provided David Palmer all the relevant emails based on a search from Eudora (his email client) would have been a violation of the stated Freedom of Information Act 2000 because the UEA would have been legally required to also search all deleted email that they still held and Phil Jones did not. Given that the act was in place since 2000, even if the policy hadn’t been publicly disseminated, the FOIA officer would have been responsible for this, and accepting Phil Jones’ assertion that he’d provided “all” the correspondence without also asking IT for a search of any deleted email would be a serious breach of compliance policy and possibly the law.

    POLICY: On occasions when files have been deleted permanently in error, end users may recover their own files via snapshot backups operating on centrally managed filestore. Snapshots can be used to recover files up to seven days after deletion. Beyond this period, ISD will not offer a service to aid their restoration.

    COMMENT: While this policy applies to files rather than email, it suggests that the central IT department is in fact making on disk snapshots of data, and there is no reason to believe that email would be any different. Assuming that is correct, even email deleted by the end user the moment it was sent (combined with retaining deleted email in deleted folders) would ensure that even an email deleted seconds after it was sent would still wind up being held for at least 7 days, and hence it would also be backed up by the tape backup system. While IT seems to consider this “permanently” deleted after 7 days, with no responsibility on their part to restore it, unless they also delete it from their backup tapes (a very difficult thing to do) the files and any emails subject to the same retention policy would absolutely exist on tape backup. Again, not knowing the nuances of UK compliance law, I do not know if that makes them discoverable via FOIA requests. In Canada and the US, it certainly would.

    POLICY: Under exceptional circumstances, for example to support security investigations, ISD can be called upon to attempt to recover files.

    COMMENT: A tacit admission that they can probably recover pretty much anything if under the gun, just they’d prefer not to unless it is uber important. BUT, the files are most likely on tape backup based on this policy statement. So… to catch a hacker, they could restore files, but not for an FOIA request!

    CLARIFICATION: The policy document contains a link to another document that discusses what can be “held” or subject to an FOIA request, including it being on backup tapes.

    http://www.ico.gov.uk/foikb/PolicyLines/FOIPolicyDeletedelectronicinformation.htm
    The relevant paragraph reads:

    The Tribunal found in Harper that information on backup media can be held and the Section 46 Code of Practice (records management) says that “A record cannot be considered to have been completely destroyed until all copies, including back-up copies, have been destroyed, if there is a possibility that the data could be recovered”. However, the ICO takes the view that in general information on backup will not be held for the purposes of the Act as the public authority will have no use for it otherwise than where it is required after data loss.

    COMMENT: That’s a bit vague for my liking, but it sounds like a huge get out of jail free card. Even though the email exists in the backup system, and may be evidence of criminal conduct, it cannot be discovered by an FOIA request UNLESS it was deleted in error in the first place. So, if Phil Jones deleted email to keep it from being discovered by an FOIA request, and did so prior to the FOIA request being filed, which in turn was at least 7 days or more after Phil Jones deleted it, then it would exist on tape backup, but would NOT be subject to FOIA.

  141. davidmhoffer says: December 6, 2011 at 1:42 pm

    Anthony, you did the right thing. The security hole was on JGR’s side by the sound of it, so I would have alerted them as well (or instead of) but it was the right thing to do either way.

    I agree, wholeheartedly.

    That said, there is one possibility that is being overlooked in regard to the encrypted emails themselves.
    […]
    Given that the emails we can read end in 2009, and the rest are encrypted, the assumption that the balance of the emails also end in 2009 cannot be made, there is no evidence (that I am aware of) for this to be the case. FOIA has said (I’m going from memory) that the balance of the emails may some day be released, but not by him. Why would that be?

    While I agree that there’s no certainty (and it could just be that your memory has temporarily failed you!), if we take FOIA (whom I prefer to call The Saint) at her/his words (which, I believe, s/he chose quite carefully), consider the following relevant parts of the accompanying messages (bolding is mine -hro)

    FOI2009:

    We hereby release a random selection of correspondence, code, and documents.

    FOIA2011:

    Today’s decisions should be based on all the information we can get, not on hiding the decline.

    This archive contains some 5.000 emails picked from keyword searches. […]

    The rest, some 220.000, are encrypted for various reasons. We are not planning to publicly release the passphrase.

    Consider, as well, that a year ago, Nature’s David Adam reported that:

    Jones and others connected to the CRU fear the hackers may be sitting on more stolen e-mails, […]

    This suggests to me that (Muir Russell’s findings and “evidence” notwithstanding) UEA/CRU have long been well aware that there could be more coming!

    I realize that this doesn’t refute your theory, but, IMHO, it does offer an alternative way of looking at the bigger picture. For those who are interested, I do have some additional speculations pertaining to FOIA and timing (past, present and possible future) in the context of other (you should pardon the expression) anomalies:

    Climategate: Of thumbnails, big pictures and timing

  142. Something to ponder…..

    Today most of us all use email and instant messaging of one sort or another. Every bit of data that is sent from any computer world wide is trafficked through one of many server farms both public and private. Everything you send out is on a server somewhere in the world.

    And all my kids ask me why I don’t have a Facebook or My Yearbook… The US government has five strategically placed server farms for listening to US citizenry here in the states. No telling how many they have world wide for other purposes.. When is big brother too big?

    Kudos Anthony for having the honorable fortitude to do “what was right”

    Bill

  143. After reading many comments on many sites like this great one by Mr. Watts I have a couple of thoughts I have not seen though I have not read all comments so this could be redundant.
    First and foremost I want to thank Mr./Mrs. FOIA from here on referred to as “The Saint”.
    Also – I find the two releases (CG1 and CG2) to be a bit different in a way that might have some purpose (known only to the emailers and the “The Saint” and not the public) although I have not been able to read every email from both releases so my comments stem more from sites like this one and may miss the mark.
    The first release seems considerably milder compared to CG2 based on the context released in this latest effort. The first release seemed more targeted implicating mostly the researchers themselves and the games they were playing either with the data or the suppression of skeptical research. It was still very incriminating and based on that information you would have thought the propaganda would have subsided. Maybe to some degree it did over the last couple of years. We did not get a grand agreement in Copenhagen or last year in Cancun and that in and of itself might have been a goal of The Saint, to squash global agreements and put others on notice.
    But what has continued since CG1 is a relentless push to further the goals of the team’s cause as well as working towards other means to their ends.
    Now we have a second batch which clearly went to the next level. These emails have much more context and threads that can be followed to a logical end. It seems to me very unlikely these emails were pulled randomly. Maybe some were but there are too many that allow a complete analysis on specific points. These emails totally wiped out the idea that there was a consensus in the scientific community which has continued to be pushed I would argue harder than before CG1. I find that point alone very interesting as I do not remember CG1 showing so much internal debate.
    Finally, this distribution implicates everybody from the CRU and other Universities to Governments, NGO’s, major publications and their authors and clearly shows this was purely a political ideology not science. I do not remember the first set being so sweeping in who was implicated. Yet even by implicating everyone, The Saint was careful as to keep the focus on the original subjects, Mann, Jones, Wigley, and others while scratching the surface on those other players. This tells me The Saint took time in this release.
    My hypothesis –
    The CG1 release was a warning to the scientist to clean up your act since you know what I (The Saint) have and how much worse this could be and a warning to governments that they might have a problem if they move on what we now know to be made up science. (I just do not understand why CG1 did not include more of the internal debate and doubts by many inside the AGW science as well as the sniping that we see in this release CG2 as well as the connections unless he had a plan predicated on outcomes?)
    The CG2 release was a careful and methodical release with very specific objectives. It is very bad for the scientist and a warning to the Governments, NGO’s, publications, and other interested parties that may have much more to lose in the remaining emails. Is there any doubt that these emails will not connect even more dots implicate even more parties. I would like to know but is the public ready to know the full story?
    The Saint could be just an honest broker tired of the lies and smart enough to know that in this case too much information could be dangerous not just to himself but to a far larger audience.

  144. There really, REALLY shouldn’t be a need for FOIA. All those emails and all the data behind their studies, papers, algorithms, etc, should be completely open source and available to all 7+ billion people that will be impacted by their clandestine actions–even (oh, heaven forbid!) to those that might try to find something wrong with their interpretations!

    Where the attention should REALLY be placed is on the “climate scientists” (a completely disparaging term) that have perpetrated what they hoped would be the biggest scam on the world’s population. And all for filthy lucre.

    Forget FOIA–concentrate on exposing “The Team” and “The Cause”!

  145. 1DandyTroll;
    Depending on the country you live in, the information is in the public domain, that does not mean that just because the information on how to access systems and files is on the internet, in the public domain, that you have the right to legally access those systems or files.>>>

    Nyet. The link is just a link, and until you follow it, you don’t actually know what is in it. The fact that it was in an email (now public domain) in clear text (contravention most likely of security policy at both UEA and JGR) and which Anthony has no legal obligation to enforce since he is not subject to the rules of either organization and as a consequence would not be privy to their policies, and hence has no way of knowing if the link leads to confidential information….or not.

    If Anthony followed the link, and the web site page opened with a confidentiality warning, then Anthony MIGHT be bound by it…at that point. Try and “prove” that he did anything but test the link! He could even test links on the front page to see if they worked or not, it’s all just testing of links you see. That doesn’t mean he read a thing, just zipped through looking for something clickable. In the US, even if he did read it, he can’t be compelled to testify against himself, so unless he read it out loud to his wife…no, she can’t be compelled to testify against her husband…OK, to his dog. The prosecutor could depose his dog.

    Incriminated himself? LOL, no prosecutor would even take a shot.

  146. Now here is something that could be very innocent…. but it sure sounds odd. In wandering around UEA’s web site where they publish IT policies, documentation etc, they have a section on infrastructure. Goodie says I to myself, hopefully they have info on what their backup system is, retention policies, off site tape procedures….no such luck. But…

    http://www.uea.ac.uk/is/cis/infrastructure

    What the heck is a “single point of truth database” ?!?

    That link requires a username and password to access. Gosh, it may be completely innocent, but… a single point of truth database? What the heck is that? And why is it the only link in the list that requires a username and password?

    How curious.

  147. hro001;
    I realize that this doesn’t refute your theory, but, IMHO, it does offer an alternative way of looking at the bigger picture.>>>

    All good points! For what it is worth, I wasn’t intending that my remarks should be taken as a theory. Just as I did in the main article I wrote (see link in Anthony’s intro above) my intention was not to say “here’s what I think happened” but to explain the basics of how the various systems worked and from there what the possibilities were.

    As John commented further downthread, the “style” of the release seems rather different from CG1 to CG2. I also note the use of the word “we” in the text you quoted, indicating that potentially more than one person is involved. Either that or the culprit is the Queen?

  148. davidmhoffer says:
    December 6, 2011 at 6:48 pm


    What the heck is a “single point of truth database” ?!?

    That link requires a username and password to access. Gosh, it may be completely innocent, but… a single point of truth database? What the heck is that? And why is it the only link in the list that requires a username and password?

    How curious.

    I’m guessing it requires a username and password because they don’t want anybody but authorized persons to see their version of “the truth”.

  149. What the heck is a “single point of truth database” ?!?>>>

    Upon doing a bit more digging, it sounds like SPOT is their name for their central authentication directory. Poor choice of naming in my opinion, but that’s sorta what a directory is in IT, a central repository for who has access to what and when and why.

  150. As a long term IT professional and long time lurker here is my 2 cents worth:

    7ZIP is rarely used by the general public; they use the built in Windows compression or WinZIP directly. Those with more IT exposure use WinRAR because it covers just about all compression technologies from TAR balls to 7ZIP. Those who use 7ZIP directly are generally fringe IT people or Open Sourcers but not all. It does indicate someone with close links to IT and at least some experience. Those in the industry know that 128 and 256 levels of encryption are breakable. Those with better sources will know that 512 is also breakable with the right resources so we are not dealing with a security specialist -or- they are locked into whatever level of encryption 7ZIP provides. The contents could also be further encrypted (I’ve done it) and thus negating the previous observations.

    Either way like many above I applaud the individual for getting the information out. Much of it was retrieved from a public server so hardly a hacking exercise, rather a whistle blower who should be supported rather than vilified as some have done.

    I read a letter in our local paper today parroting the 3mm sea level rises. With the amount of satellite data analysis available pointing out that is not happening, you’d think they would have bothered to check what has happened since the IPCC came out with that figure. Too bad more AGW Believers don’t take more advantage of public domain and read some of the latest papers or for that matter anything not found in the Summary Report for Politicians (sic).

  151. Whoever FOIA may be, they are not likely to be caught.

    Reason: The government does not really want to. For if the culprit(s) is apprehended some kind of charge will need to be filed. That is likely to produce a public “trial of the century” in which the advocates will characterize them as the worst criminal since Jack the Ripper, while the skeptics will elevate them to the hero of the age. This is the last thing the UK gov wants.

    Having supported public sector IT and then also in private enterprise, I can say that both environments generally suffer from narrow subject matter experts with no time for the “details” ;-) Very intelligent people sometimes lack sense and reason. OMG I’m reliving every dead end infrastructure design argument………

    “single point of truth database” is probably very benign. It’s common in large enterprise environments (too many chiefs!) to have multiple disparate locations or duplicated infrastructure information, thus you then have to manage at another layer and have an aggregate location that is considered ultimately authoritative. This being on the DBS page is probably some sort of DB/table data lookup that translates the many TBytes of DB and million row tables with arcane names and fields into something recognizable by someone other than the person who made it.

  153. Noblesse Oblige says:
    December 6, 2011 at 7:43 pm
    Whoever FOIA may be, they are not likely to be caught. >>>

    Caught? No, they won’t be caught.
    Trotted out some day at a press conference to announce the tell all book contract, the movie to follow, and explain their $1 million appearance fee to any news outlets that want to interview them.

    Whoever this person or person is, they’re sure drawing things out and building the suspense…

  154. David Ball says:
    December 6, 2011 at 7:55 pm
    If they admit it is a leak, that would be the end for funding.>>>

    Ya know, a forensic IT audit proving exactly who “did it” is really tough to do. But…

    Proving that it was or was not an outside hacker isn’t that hard to do.
    There’s little doubt in my mind that this was an inside job. Someone know how to do an FOIA request for their firewall and server logs? An insider can sweep for fingerprints, an outsider cannot. If there’s no activity in the logs that supports an outside hacker theory, then certainty is as close to 100% as one will ever get on the matter.
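The log check described in the comment above, as an added example that is not part of the original comment and not taken from UEA's systems: it totals bytes served per client, labels each client internal or external by address range, and reports gaps in record sequence numbers, which is where removed log entries would show. The log format, the `seq=` field, the 10.20.0.0/16 campus range and every sample line are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict
from typing import NamedTuple

# Constructed sample: a file/mail server transfer log in a made-up format.
SAMPLE_LOG = """\
2009-11-13T22:01:10Z seq=1001 client=203.0.113.40 bytes_sent=18230
2009-11-13T22:04:55Z seq=1002 client=10.20.4.17 bytes_sent=52428800
2009-11-13T22:05:02Z seq=1003 client=10.20.4.17 bytes_sent=73400320
2009-11-13T22:09:41Z seq=1004 client=198.51.100.7 bytes_sent=4096
2009-11-13T22:31:00Z seq=1009 client=10.20.8.3 bytes_sent=2048
garbage line that does not parse
2009-11-13T22:40:12Z seq=1010 client=10.20.4.17 bytes_sent=31457280
"""

# Assumption: the organisation's own address space (hypothetical range).
INTERNAL_NETS = [ipaddress.ip_network("10.20.0.0/16")]

LINE_RE = re.compile(
    r"^(?P<ts>\S+) seq=(?P<seq>\d+) client=(?P<client>\S+) bytes_sent=(?P<sent>\d+)$"
)


class Record(NamedTuple):
    ts: str
    seq: int
    client: str
    origin: str  # "internal" or "external"
    sent: int


def classify(addr, nets=INTERNAL_NETS):
    """Label an address by whether it falls inside the organisation's ranges."""
    ip = ipaddress.ip_address(addr)  # raises ValueError on malformed input
    return "internal" if any(ip in net for net in nets) else "external"


def parse_log(text):
    """Return (records, skipped). Unparseable lines are counted, not ignored silently."""
    records, skipped = [], 0
    for line in text.splitlines():
        if not line.strip():
            continue
        m = LINE_RE.match(line.strip())
        if not m:
            skipped += 1
            continue
        try:
            origin = classify(m["client"])
        except ValueError:
            skipped += 1
            continue
        records.append(Record(m["ts"], int(m["seq"]), m["client"], origin, int(m["sent"])))
    return records, skipped


def sequence_gaps(records):
    """Ranges of sequence numbers missing from the log (first_missing, last_missing)."""
    seqs = sorted(r.seq for r in records)
    return [(a + 1, b - 1) for a, b in zip(seqs, seqs[1:]) if b - a > 1]


def assess(text, bulk_threshold=100 * 1024 * 1024):
    """Summarise who pulled data and whether the log itself is complete."""
    records, skipped = parse_log(text)
    per_client = defaultdict(int)
    totals = defaultdict(int)
    origin_of = {}
    for r in records:
        per_client[r.client] += r.sent
        totals[r.origin] += r.sent
        origin_of[r.client] = r.origin
    bulk = sorted(
        ((c, origin_of[c], n) for c, n in per_client.items() if n >= bulk_threshold),
        key=lambda item: item[2],
        reverse=True,
    )
    return {
        "totals": dict(totals),        # bytes served, split by origin
        "bulk_clients": bulk,          # clients at or above the threshold
        "gaps": sequence_gaps(records),  # missing record ranges
        "skipped": skipped,            # lines that could not be parsed
    }


if __name__ == "__main__":
    for key, value in assess(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

A gap shows only that records are missing, not who removed them, so the result is worth comparing against a copy of the logs held somewhere the server's administrators cannot write to.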

    Working in the I.T. industry I could assure you that the moral fibre and calibre of the people are of the utmost quality. They take the utmost care to protect data from being lost, corrupted or being seen or used by those not authorised. A paramount quality of all those in the IT sector is that they will never make use of the data of their employer or their customers for personal gain. A pervasive and prevalent strength of selfless character is enjoyed in the industry; to perceive the trust in having the information as being an ample bonus above a meagre salary.

    I could. I could be wrong.

    I should tell you that the white collar crime investigation unit here in Western Australia provided some important insight some (many) years ago to a local group of Unix users; that about 90% of the people will do something that they know is wrong; as long as they believe that they’ll get away with it. Some 8% don’t even consider getting caught as dissuasion. Less than 2% can be trusted to always do the right thing.

  156. Anthony
    Once you became aware of the nature of these breaches, you really didn’t have much choice but to do the right thing and inform them. Their thanks and appreciation (or more likely lack of it), or that they may not have done the same thing for you is irrelevant.
    Good on you mate! – as we Aussies say.

  157. “FOIA has said (I’m going from memory) that the balance of the emails may some day be released, but not by him. Why would that be?”

    Because he expects that his deadman switch will “release them” by revealing the passcode under predetermined circumstances.

  158. I don’t really care whether Anthony tips off Jones and some journals about their breached security. That’s up to him and was IMO probably the right thing to do.

    But I am appalled at the number of boneheads who have dived into the game ‘let’s work out who the leaker is’ on this thread.
    If it weren’t so distasteful it would be quite amusing reading all the soi disant IT experts helpfully opining with great certitude about FOIA.

    Sophia’s parallel to the behaviour of Colonel Nicholson in the movie Bridge on the River Kwai was brilliant and summed up the situation on this thread perfectly.

    The police seem to have dropped the investigation into C1? Well then, let sleeping dogs lie.

    FOIA, for whatever reasons, wants anonymity. He/she deserves the gratitude of every person interested in climate change policy, warmist and skeptics alike.
    Just imagine where skeptics would be now, if the two climategates had never happened.

    He/she should be thanked, not exposed.

  159. Anthony

    It would be worth checking to see if UEA (and other organisations linked to climategate) have installed Symantec Enterprise Vault. This is an add-on for email systems that automatically archives email after a set period, thus reducing the size of mailboxes.

    However, it can operate in two modes. Most big organisations have installed it since the Sarbanes-Oxley Act came into force. The first mode is plain old archiving – if you haven’t read an email for say a month, off it goes to the archive. You can quickly retrieve it, but your mailbox bloat is reduced.

    Mode two is “journaling”. In journal mode, every incoming and outgoing email is copied to a massive central store (called a journal funnily enough) before it even gets to the users inbox. Doesn’t matter if they instantly delete it – the journal has a copy. And not even the Admins can break into it to delete the journalled copy. However, if you have the right Vault tools installed, you can search it to your heart’s content – very useful for lawsuits.

    If the UEA and other universities have it installed, they have no excuse for failing to comply with FOI requests. None at all. The email is all there, and it’s all readily (and cheaply) searchable.

  160. 1DandyTroll says:
    December 6, 2011 at 6:00 pm
    “The real question is though, who decides who is clean? You, me, Mr Watts, Al Gore, …or whom?”

    A valid question. Corruption can also be in your own mind, so the place to start is your own conscience. And then in science there is transparency and open discussion for safeguards :-)

  161. Seems to me, the easiest way to protect Mr FOIA ( or miss-missis) is for everyone to claim tis they wot done it. :)

  162. I would just like to remind everyone of a point that was made previously on this site, i.e. the two releases of emails thus far show lots of “sideways” emails. By this I mean that they are to and from many of the major “players” – but there are few “upwards”, or “outwards” emails.

    Surely there are “upwards” emails from “players” to their bosses discussing stance, policy, tactics, etc? Surely there are “outwards” communications with government ministers? Emails to journals, the BBC, MSM?

    Is it conceivable that FOIA found nothing that was worthy of being released?

    Could a C3.0 release perhaps include such examples? What might they say?

    Whether FOIA is hacker or a leaker is open to debate – I am pretty sure though that he is quite smart! 2 years after C1.0, no one has a clue to his/her identity. He was able to repeat another “release” of valuable data to the world under the gaze of the police – and has still not been caught.

    To release the balance of the emails requires no further risk other than an email, a text, a snail mail letter, etc that includes the password to the remaining files.

  163. boy on a bike says:
    December 7, 2011 at 2:43 am
    Anthony
    It would be worth checking to see if UEA (and other organisations linked to climategate) have installed Symantec Enterprise Vault.>>>

    There are several products on the market that are similar. Having gone through the documentation on the UEA web site as regards their retention and recovery policies for deleted email and files, it is clear to me that Symantec EV or similar was not in place.

  164. The prosecutor could depose his dog.

    It’s important that the family dog NEVER be apprised of such possibility; don’t be fooled by that wagging tail …

  165. I have read the update and agree with Anthony’s comment.
    I once held the title of “Chief Technician Department of Computer Science” for a couple of years in a university and can confirm the people in charge are not stupid. They might be out of their depth at times but usually catch on fast. So I doubt anything Anthony said was new, but my guess is this stable door will be securely bolted by now.
    I also think “The Saint” has everything she/he needs in the encrypted release so as not to jeopardise his/her current position with questionable activities, that is assuming she/he has not already moved to pastures new, but even that would be a pointer, so I guess again “The Saint” has now become “The Invisible Man”. :-)

  166. The life and work of math genius John Nash was portrayed in A Beautiful Mind by Sylvia Nasar. The book inadvertently reveals the inflated egos, back stabbing, and nastiness that percolates just below the surface in our academic institutions; especially where research and research grants are involved. Imagine yourself in Dr. Jones’ Birkenstocks for a moment, as you survey the smoking ruin of what was supposed to be your life’s work. I don’t have enough knowledge about the issues to judge whether Anthony did the right thing or not but I can speculate what Dr. Jones muttered to himself when he read Anthony’s message. It probably went something like: “screw him AND the noble steed he just rode in on”

    • inflated egos, back stabbing, and nastiness that percolates just below the surface in our academic institutions; especially where research and research grants are involved.

      Read anything to do with the scholarly work on the “Dead Sea Scrolls” if you want another example. The parallels are eerie: a small cadre won’t allow “outsiders” to even look at the Scrolls, and attack anyone who publishes anything that disagrees with them. Then, after decades of this, er, “science”, a computer program was used to reconstruct the unpublished texts. After that breakthrough, the Huntington Library allowed unrestricted access to their full set of photographs of the scrolls.

      Oh, wait, that last part hasn’t happened with climate science. Yet.

      Or, if you want another example of “Protect the Paradigm at All Costs”, look up what happened to Tom Dillehay when he saw something that happened in practice not fitting what was supposed to happen in theory. Don’t you hate it when that happens?

  167. FINDING THE “HACKER” WILL BRING HE/SHE INTO THE SPOTLIGHT. CLEARLY THE “HACKER” KNOWS MUCH MORE ABOUT UEA AND THE PLOTTERS. THIS WOULD HAVE TO COME INTO THE PUBLIC VIEW, BLOWING CLIMATE WARMING UP!

  168. Mike M says:
    December 7, 2011 at 5:20 am
    The prosecutor could depose his dog.
    It’s important that the family dog NEVER be apprised of such possibility; don’t be fooled by that wagging tail …>>>

    Uhm… are you protecting the dog? Or the prosecutor? ;-)

    Oooh, what a great opportunity!

    Prosecutor: Does your dog bite?
    Anthony: No.
    Dog: CHOMP!
    Prosecutor: Ouch! I thought you said your dog didn’t bite?
    Anthony: It doesn’t. This is my neighbour’s dog.

  169. You’re all misguided about who (or what) FOIA is.
    The server location should give you a clue. (A double blind)
    Stolen by a compromised employee…
    Passed on to Mother Russia.
    To deal a death blow to AGW and especially Carbon Trading/Offsets et al.
    When you get a LOT of money from selling oil and gas, you get very protective.

    Or maybe it was someone in the Middle East………….
    (fiction mode OFF)

  170. Anthony:

    Thank you for sharing this with us, and congratulations on your having done the ‘right thing’.

    I am shocked at some of the above comments. The Team are extremely nefarious and their machinations need to be opposed, but we lower ourselves to their level if we adopt their methods. And failure to point out the breach of AGU/JGR security would have been adoption of their methods; viz. doing whatever is expedient instead of what is right.

    Richard

  171. I think we all wish FOIA well.

    So WTF are we doing here brainstorming ideas to profile them?

    The massed insight here on WUWT must totally outweigh that of the Norfolk fuzz. You can be sure they are adding every post here to the “leads to follow up” file.

    REPLY: Not likely, I have information that they have no interest in pursuing the case further. – Anthony

  172. Not just IT staff but anyone with access to the backup tapes, which could be stored offsite in a data repository with staff and temporary staff.

    Odd things can happen to such tapes, even in an installation with supposedly tight security, for instance, they can be thrown into wastepaper baskets and picked up by anyone. In the UK we’ve had incidents of DVDs with confidential data held by the government being lost and no one knowing where they ended up.

    I don’t think it’s particularly helpful to guess at the identity of FOIA.

  173. Well there are actually some emails that have connections to the “higher” echelons, for example,
    #2907 is from Tony Blair to Mike Hulme, (dear colleague)….

    #2965 where Mike Hulme is invited to the House of Lords to -“meet you and
    hear some of your ideas for the future of the Tyndall Centre and how it can
    support UK science and policy on climate change.”

    I’d guess in the 7.zip there will be some juicier stuff than those though.

  174. David M. Hoffer said: Given that the emails we can read end in 2009, and the rest are encrypted, the assumption that the balance of the emails also end in 2009 cannot be made, there is no evidence (that I am aware of) for this to be the case.

    I would take this as evidence: the original release contained TXT files numbered with Unix date stamps.

    For FOIA 2009, 1258053464 translates to Thursday, November 12th 2009, 19:17:44 (GMT).
    For FOIA 2011, 1258124051 translates to Friday, November 13th 2009, 14:54:11 (GMT)
    (this file is in the encrypted batch)

    Unless the file numbering is intentional misdirection, I’d think it’s obvious that the dates encompassed by each release are about the same.

  175. If they caught him/her they would have a big problem taking him/her to court. He/she has already outlined why he/she released the emails. She thinks the behavior of the scientists is criminal and killing people. So any court case would revolve around whether she was justified to think that way. They would be massacred, and the rest of the emails would by then have been released.

    I think they are not likely to put a lot of effort into finding her.

  176. Jurgen says:
    “December 7, 2011 at 2:56 am
    1DandyTroll says:
    December 6, 2011 at 6:00 pm
    “The real question is though, who decides who is clean? You, me, Mr Watts, Al Gore, …or whom?”

    A valid question. Corruption can also be in your own mind, so the place to start is your own conscience. And then in science there is transparency and open discussion for safeguards :-)”

    But to decide if your mind is corrupt you have to use somebody else’s blueprint for not being corrupt thereby negating your own mental safety guards called the trust. But why would you think your mind is corrupt? :-()

    And transparency does not exist in climatological science for outsiders, and that is its safeguard against scrutiny. :p

  177. davidmhoffer says:
    December 6, 2011 at 6:42 pm
    “1DandyTroll;
    Pending on the country you live in, the information is in the public domain, that does not mean that just because the information on how to access systems and files is on the internet, in the public domain, that you have the right to legally access those systems or files.>>>

    Nyet. The link is just a link, and until you follow it, you don’t actually know what is in it.”

    You mean to say that:

    “I’ve tested again tonight and the live link fails now.”

    Does not imply that Mr Watts did not succeed before?

    Don’t make a fool of yourself. EU law clearly dictates what is legal to access and what is not, our eurocrats are funny that way with details, which is why the media industry keeps having problems enforcing the law against potential copyright infringers. You are not allowed to try and access a file if you don’t have the right to do so, period. It is no different than people not having the right to open a door to your home unless they have a right to do so, and whatever files are on the kitchen table that they did not read is beside the point.

    And if you have missed it, since a few years back, in EU, it is in fact illegal to link to illegal information. You should do some more reading, lol. :p

  178. davidmhoffer says:
    December 6, 2011 at 8:12 pm
    “David Ball says:
    December 6, 2011 at 7:55 pm
    If they admit it is a leak, that would be the end for funding.>>>

    Ya know, a forensic IT audit proving exactly who “did it” is really tough to do. But…”

    That is actually the easy part, the hard part is getting the organization to disclose the information to the public even when they have a legal obligation to do so. Most organizations don’t want the rest of the world to know they’ve been hacked, especially by a hack, because it is tremendously embarrassing and, usually, costs a shit load of cash in the end.

    If you want a point and click solution you can get a forensic suite for $995. Otherwise there’s a bunch of open source and gnu tools to use, for free no less.

    It’s ironic really, but back in the digital stone age “forensic IT audit” was just called common system maintenance, then came the shortage of money… :-()

  179. Anthony, you have lost the plot entirely.
    Your letter sounds like a cringing ‘can’t we be friends?’
    And it is claptrap to talk of morality in this case. Neither you nor any other person has a moral obligation to point out that their security sucks.

  180. Lucy Skywalker says on December 6, 2011 at 3:52 am:
    “Thank you Anthony for your high integrity and courtesy in handling this issue. ——————————————–. But the corruption of Science we’ve seen in Climate Science is not the only deep issue. If we look at the founders of Science, we see ——– Kepler — Newton —- so I won’t even name the most obvious of them – but nevertheless, I cannot discount the possibility of the miraculous, in ——-“
    =======
    I too can only thank, and praise Anthony for the way he is handling, not only just this issue, but all the issues he does handle here on his blog. – (After all he has not barred me yet – even though I am a complete, as Ira Glickstein calls it, “Disbeliever”)

    But Lucy, why not include the man who has been misquoted by Tyndall and has also been misunderstood by Arrhenius to give us what is quite frankly “the most illogical” theory of them all, i.e. the modern version of “The Greenhouse Effect” (GHE) or should I say versions as I have seen multiple explanations for how different people perceive this well funded GHE.

    Jean Baptiste Joseph Fourier produced, in 1824, a scientific paper in which he explained his findings on why the atmospheric temperature is what it is.

    In Fourier (1824) we can read:
    “La chaleur du soleil arrivant à l’état de lumière, possède la propriété de pénétrer les substances solides ou liquides diaphanes , et la perd presqu’entièrement lorsqu’elle s’est convertie, par sa communication aux corps terrestres, en chaleur rayonnante obscure.
    Cette distinction de la chaleur lumineuse et de la chaleur obscure explique l’élévation de température causée par les corps transparens. La masse des eaux qui couvrent une grande partie du globe, et les glaces polaires opposent moins d’obstacle à la chaleur lumineuse affluente qu’à la chaleur obscure, qui retourne en sens contraire dans l’espace extérieur. “

    For those who cannot read French, it has been translated by Burgess (1837) and reads as follows:

    “The heat of the sun, coming in the form of light, possesses the property of penetrating transparent solids or liquids, and loses this property entirely, when by communication with terrestrial bodies, it is turned into heat radiating without light.
    This distinction of luminous and non-luminous heat, explains the elevation of temperature caused by transparent bodies. The mass of waters which cover a great part of the globe, and the ice of the polar regions, oppose a less obstacle to the admission of luminous heat, than to the heat without light, which returns in a contrary direction to – [Fourier (1824, p. 141)] – open space.”

    So, if “heat radiating without light.” is today’s LWIR (Long Wave Infra Red) radiation, then LWIR cannot penetrate the Atmosphere at all – and ——, well? – As Fourier said elsewhere: “For the Atmosphere to be anything like the glass of a hotbox, such as the experimental apparatus of de Saussure (1779), the air would have to solidify while conserving its optical properties.” (Fourier 1827 p 586)

  181. Jim:

    At December 7, 2011 at 3:47 pm you say to Anthony;

    “And it is claptrap to talk of morality in this case. Neither you nor any other person has a moral obligation to point out that their security sucks.”

    Sorry, but you seem to not understand the difference between morality and ethics.

    Ethics are the rules for proper conduct applied by a society upon its members.
    Morals are the rules for proper conduct applied by a person upon him/herself.

    Anthony made a moral judgement that informing some people they had a problem was proper although there was no ethical reason for him to inform them.

    In my opinion this demonstrates the high moral principles that govern Anthony’s behaviour. And I applaud it.

    Richard

  182. I think everyone is missing the genius in what Mr. Watts did.

    Phil Jones’ thoughts when he received Watts’ e-mail would have had to have been “My God. . . . he knows everything we’ve had on our servers for the last ten years. . . . and right now he’s just toying with us with this “friendly warning” to hide some sensitive links. . . . . ”

    The message that Anthony sent was “All Your Base are belong to us”!!!

  183. 1DandyTroll;
    If you want a point and click solution you can get a forensic suite for $995. Otherwise there’s a bunch of open source and gnu tools to use, for free no less.>>>

    I can sell you a tool set just as useful for $500. Half price dude! How many you want?

    There’s no such thing as a forensic tool set that you can just run and it tells you who dunnit.

    Consider, for example, the guy who picks up the backup tapes to take them off site for storage. He makes a pit stop somewhere, copies the tapes, then brings the originals to the storage facility. Electronic finger prints = 0

    Example 2. A server log shows that Phil Jones logged in, downloaded a bunch of email and copied it to a usb drive. Do you know how many tools you need to discover that? None. If the server logging is turned on, it’s on. If it’s turned off, there’d be zero record, but let’s assume that it was turned on, and that’s what the log says. OK, so that’s proof Phil dunnit, right?

    Wrong. That’s proof that someone with Phil’s username and password dunnit. You gotta check where Phil was that time and day. If Phil was on a flight to Cancun…Phil didn’t do it. Someone with his username and password did. Well…maybe Phil did it after all. What operating system is the server running, and what security precautions are enabled to prevent someone from editing the log? Maybe Phil did it after all, but he actually had admin rights, edited the log to show a different time to give himself an alibi. Or maybe it was the sys admin in the first place, and he was trying to frame Phil and didn’t know Phil was going to Cancun that night.

    These things are WAY more complicated than just buying a tool. The tool just collects info, you still need a human sleuth to put it all together.

    I’ve nailed a few hackers over the years, and the dumbest things will trip them up. Once, I was sure someone was tampering with a server, but the log files were clean as a whistle. So, I ran a printer cable from the back of the server through a wall to a line printer in another room. I set it to echo every key stroke from the log files. The next morning I had a paper output showing exactly how the guy had been doing it because while he could alter the log files, he couldn’t alter what had already been printed on the printer, he didn’t even know there WAS a printer. From there it was about an hour to identify the culprit.
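
The comparison that the printed copy in comment 183 makes possible, as an added example that is not part of the original comment: it diffs an out-of-band copy of a log against the on-host log and reports what was altered or removed on the host. The log lines, user names and the `find_tampering` helper are constructed for illustration.

```python
import difflib


def find_tampering(out_of_band, on_host):
    """Compare the copy written to a sink the intruder cannot edit with the
    log found on the host. Returns one finding per differing region."""
    matcher = difflib.SequenceMatcher(a=out_of_band, b=on_host, autojunk=False)
    findings = []
    for tag, i1, i2, j1, j2 in matcher.get_opcodes():
        if tag == "equal":
            continue
        if tag == "replace":
            kind = "altered"
        elif tag == "delete":
            kind = "removed"
        elif i1 == len(out_of_band):
            # Host lines after the capture ended: newer events, not evidence.
            kind = "after-capture"
        else:
            kind = "added-on-host"
        findings.append({
            "kind": kind,
            "recorded": out_of_band[i1:i2],   # what the sink received
            "on_host": on_host[j1:j2],        # what the host log now says
        })
    return findings


# Constructed sample: the copy echoed to the write-once sink.
OUT_OF_BAND = [
    "2011-12-01T02:10:58Z login user=jdoe tty=pts/3",
    "2011-12-01T02:11:40Z cmd user=jdoe cp /srv/mail/archive /mnt/usb",
    "2011-12-01T02:14:09Z cmd user=jdoe umount /mnt/usb",
    "2011-12-01T02:14:30Z cmd user=jdoe vi /var/log/auth.log",
    "2011-12-01T02:15:02Z logout user=jdoe tty=pts/3",
    "2011-12-01T06:00:00Z cron job=rotate",
]

# Constructed sample: the same log as later found on the server.
ON_HOST = [
    "2011-12-01T02:10:58Z login user=jdoe tty=pts/3",
    "2011-12-01T02:11:40Z cmd user=jdoe ls /srv/mail",            # rewritten
    "2011-12-01T02:14:09Z cmd user=jdoe umount /mnt/usb",
    # the "vi /var/log/auth.log" line is missing here
    "2011-12-01T02:15:02Z logout user=jdoe tty=pts/3",
    "2011-12-01T06:00:00Z cron job=rotate",
    "2011-12-01T07:30:12Z login user=asmith tty=pts/1",            # newer event
]

if __name__ == "__main__":
    for f in find_tampering(OUT_OF_BAND, ON_HOST):
        print(f["kind"])
        for line in f["recorded"]:
            print("  sink:", line)
        for line in f["on_host"]:
            print("  host:", line)
```

As the comment goes on to say, a finding ties the activity to an account, not to a person; attribution still needs corroboration from outside the log.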

  184. 1DandyTroll;
    “I’ve tested again tonight and the live link fails now.”
    Does not imply that Mr Watts did not succeed before?>>>

    It matters not one whit how many times he clicked on the link and succeeded. It means he tested the link and it operated properly. That says nothing about what he read or didn’t read.

    1DandyTroll;
    Don’t make a fool of yourself. EU law clearly dictates what is legal to access and what is not>>>

    I’ll take your word for it. The thing that maybe you might have missed is that Anthony lives in the United States of America, and is not subject to EU law. Nor are crimes of this sort an extraditable offense. Even if he were to take a trip to the EU and be arrested there, his lawyer would argue that the EU does not have jurisdiction over actions taken in another country where those actions are legal, and he’d win on that point, hands down.

    Any other things I made a fool of myself on that I can straighten out for you?

  185. JonasM;
    I would take this as evidence: the original release contained TXT files numbered with Unix date stamps.
    For FOIA 2009, 1258053464 translates to Thursday, November 12th 2009, 19:17:44 (GMT).
    For FOIA 2011, 1258124051 translates to Friday, November 13th 2009, 14:54:11 (GMT)
    (this file is in the encrypted batch)>>>

    Sorry, almost missed your comment. By “first” batch, do you mean CG1? Or something else? I’m also a bit confused about the txt files you say were in the encrypted batch. Are you saying the time stamps are not encrypted? (I’ve not looked at them myself)

  186. Whodunit? Sources tell me that it is a mole planted deep in the team network who has gone beyond the call of duty in maintaining his cover–James Hansen.

  187. Whodunit? Somebody dunit. Thank you!

    Anthony shows moral and ethical integrity and tells ol’ Phil. Phil snaps from his wakeup call on CG 2.0 and realizes that he may have been open for all his computer secrets for years past and loses sleep. Ol’ Mann realizes ol’ Phil may have let the ‘cat out of the bag’ and now loses sleep. Someone else may then lose sleep until the wide eyed players have wider eyes. Nothing like lying when someone is dropping hints that it is game over. To lie or not to lie. Psychosis?

    Maybe just a fleeting hope/dream on my part, but who knows. Whodunit, maybe somebody dunit. Anyway, somebody done did a good job.

  188. How about one of the inner circle having serious and nagging regrets and deciding it was time to stop or at least to try and slow the runaway global warming freight train that he helped create. How about someone who resented how he had been used in creating the poster boy hockey stick. How about someone who felt that the release would perhaps help to repair his reputation or at the very least do some damage control.

  189. I FIGURED IT OUT!!!
    I KNOW WHO IT WAS!!

    It was the Norfolk Police.

    Think about it. They had access (they’re cops!) they have the means (they have teenage kids who are computer whizzes) they have motive (less money for windmills, more for policing, taxes go down) and they can cover their tracks (they’ve been investigating for two years and…nothing. hmmm…)

    Plus, when the prosecutors finally crumble and start doing their jobs, guess who gets to be on the front page of the newspaper making the arrests (of Phil Jones and team I mean), television interviews, book deals….

    They’re probably grumbling to themselves right now because they can’t believe that with all they’ve done, the arrest warrants haven’t started flowing yet.

  190. davidmhoffer says: December 7, 2011 at 5:37 pm : By “first” batch, do you mean CG1?

    Correct. CG1 file 1258053464.txt = Thursday, November 12th 2009, 19:17:44 (GMT)

    I’m also a bit confused about the txt files you say were in the encrypted batch. Are you saying the time stamps are not encrypted? (I’ve not looked at them myself)

    While the files themselves are encrypted, you can view the file names in ‘all.7z’., which all reside in a folder called ‘all’. Interestingly, they do not have ‘.txt’ extension, but are bare unix timestamps. The most recent timestamp in the archive is 1258124051, which is Friday, November 13th 2009, 14:54:11 (GMT).

  191. Once again for correct formatting:

    davidmhoffer says: December 7, 2011 at 5:37 pm : By “first” batch, do you mean CG1?

    Correct = CG1 file 1258053464.txt = Thursday, November 12th 2009, 19:17:44 (GMT)

    I’m also a bit confused about the txt files you say were in the encrypted batch. Are you saying the time stamps are not encrypted? (I’ve not looked at them myself)

    While the files themselves are encrypted, you can view the file names in ‘all.7z’. Interestingly, they do not have ‘.txt’ extension, but are bare unix timestamps. The most recent timestamp in the archive is 1258124051, which is Friday, November 13th 2009, 14:54:11 (GMT).
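
The filename check discussed in comments 174, 185, 190 and 191, as an added example that is not part of any commenter's post: entry names that are Unix timestamps give away the date span of an archive even when its contents are encrypted. The two 2009 timestamps are the ones quoted in the thread; every other entry name below is constructed, and the helper names are illustrative.

```python
import re
from datetime import datetime, timezone

# Entry names as described in the thread: a Unix timestamp, with or without
# ".txt", optionally inside a folder such as "all/".
NAME_RE = re.compile(r"^(?:.*/)?(\d{9,10})(?:\.txt)?$")


def parse_entry(name):
    """Return the UTC datetime encoded in an entry name, or None if the name
    is not a timestamp (folder entries, other files)."""
    match = NAME_RE.match(name.strip())
    if match is None:
        return None
    return datetime.fromtimestamp(int(match.group(1)), tz=timezone.utc)


def summarize(names):
    """Date span recoverable from entry names alone; no content is read."""
    stamps = sorted(d for d in map(parse_entry, names) if d is not None)
    if not stamps:
        return None
    return {
        "count": len(stamps),
        "skipped": len(names) - len(stamps),
        "earliest": stamps[0],
        "latest": stamps[-1],
    }


def latest_gap_seconds(first, second):
    """Seconds between the newest entry of each listing (second minus first)."""
    delta = summarize(second)["latest"] - summarize(first)["latest"]
    return int(delta.total_seconds())


# First release: names carry a ".txt" extension.
CG1_NAMES = [
    "1000000000.txt",   # constructed
    "1258053464.txt",   # quoted in the thread
]

# Listing of the encrypted archive: bare timestamps inside "all/".
CG2_NAMES = [
    "all/",             # folder entry, skipped
    "all/1100000000",   # constructed
    "all/1258124051",   # quoted in the thread
]

if __name__ == "__main__":
    for label, names in (("CG1", CG1_NAMES), ("CG2", CG2_NAMES)):
        s = summarize(names)
        print(label, s["count"], "entries,",
              s["earliest"].isoformat(), "to", s["latest"].isoformat())
    print("newest entries differ by", latest_gap_seconds(CG1_NAMES, CG2_NAMES), "s")
```

For anyone building such an archive, 7-Zip can encrypt the header as well (`-mhe=on` with the 7z format), which keeps entry names out of the listing.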

  192. I’m a systems administrator, it’s what I do for a living. And people like me ROUTINELY have the kind of access necessary to get this type of information without any hacking. It’s been 100% obvious to me, that since the very beginning this HAD to have been done by a sysadmin with full access to the systems. This was not a hack… In fact the amount of information and the way it was “outed” makes it highly unlikely, almost impossible that this could ever have been done by someone on the outside.

  193. Back ups are a huge hole, usually. You really don’t want to be mousing around on systems, leaving an audit trail, when you can simply restore to a separate system and spend as much time as you like looking for goodies.

  194. “Whoever did it likely got it from the email archive system, knew what they were doing, and they had to have broad access to get all these emails gathered together.”

    This is patently wrong. There was no gathering. All the emails were kept on a single backup (redundant) mail server located within IT. This is according to a government report, “The Muir Russell Report”. I’ve posted this several times already. A bit of due diligence is all it takes to find the report but again I provide it. It may be a whitewash but I doubt they’d outright lie about what’s a very common thing in the industry i.e. keeping a copy of all email traffic for a department on the departmental email server. Disk storage these days is so cheap it’s given away by the gigabyte and retail price is well under $100/terabyte.

    http://www.cce-review.org/pdf/FINAL%20REPORT.pdf

  195. davidmhoffer says:
    December 7, 2011 at 5:17 pm

    “I can sell you a tool set just as usefull for $500. Half price dude! How many you want?”

    JEDI SALESMAN!

  196. davidmhoffer says:
    December 6, 2011 at 6:48 pm

    “What the heck is a “single point of truth database” ?!?”

    Also called “single source of truth” and “single version of the truth”.

    It’s a common term in data warehousing which you should have been aware of. I’m not an expert in IT so I had to look it up which took all of 5 seconds thanks to Google. You may call me JEDI GOOGLER.

    http://en.wikipedia.org/wiki/Single_Source_of_Truth

  197. davidmhoffer says:
    December 7, 2011 at 5:29 pm

    “It matters not one wit how many times he clicked on the link and succeeded. It means he tested the link and it operated properly. that says nothing about what he read or didn’t read.”

    There wasn’t much to read without more clicking. Just the date and titles of manuscripts that had been submitted along with submission number plus a notification of whose JGR account it was. I’m the one who sent the working links to Anthony the day before he notified Phil and JGR that the links were public knowledge. I also verified the links were working before taking any action as it would be a waste of time to notify the owner(s) that they had a security problem.

    This was not a crime as there was no malicious intent or damages which must accompany any unauthorized access according to US federal statute. This is typically referred to in general by the non-legal phrase “no harm, no foul”. In fact it may be a crime to NOT tell the owner in some jurisdictions where “Good Samaritan” laws are on the books as inaction could have resulted in damages.

  198. Dave Springer;
    What the heck is a “single point of truth database” ?!?
    Also called “single source of truth” and “single version of the truth”.
    It’s a common term in data warehousing which you should have been aware of.>>>

    Yes, it is a term in data warehousing. In large complex IT systems sometimes data from one system is processed for use on another system, which may process it further and hand it to yet another system. In data warehousing, the practice of ensuring that all data collected from disparate systems is collected from the original data rather than data copied and/or processed data for use in central reporting systems. I didn’t have to look it up, I already knew that.

    From the documentation on the UEA web site regarding their various major projects and security systems, it seems like the system they called “SPOT” is actually a central directory for authentication purposes. All the end user documentation regarding password reset, getting access to secure systems and so on mentions the Athens portal and SPOT. These are clearly end user systems, not data warehouse systems.

    The common usage of the term as per google does not match the usage that UEA clearly has for SPOT.

  199. Dave Springer;
    This is patently wrong. There was no gathering. All the emails were kept on a single backup (redundant) mail server located within IT. This is according to a government report, “The Muir Russell Report”. >>>>

    What that report says, and I quote, is:

    “The word ‘hacked’ as contained in the Review’s terms of reference has been challenged in submissions to the Review, on the basis that the means by which the unauthorized disclosure of the e-mails was made has not been established.”

    Furthermore, backup email servers typically share storage with the primary email server rather than having a copy of their own. Further still, the report is nearly 100% focused on the handling of data for science analysis rather than the manner in which email data was stored. Any references to “an archive” or “backup server” are purely speculative, and the use of those terms in the report is not well defined. Both the terms “archive” and “backup server” mean very different things within an IT shop depending on the context.

    Further still, this report was a whitewash through and through, I believe no more in their conclusions regarding data security breaches than I do in the following conclusions in their report, and it baffles me as to why you would see anything else in it as credible:

    “we find that their rigour and honesty as scientists are not in doubt.”

    “we did not find any evidence of behaviour that might undermine the conclusions of the IPCC assessments.”

    “We do not find that the way that data derived from tree rings is described and presented in IPCC AR4 and shown in its Figure 6.10 is misleading.”

    “On the allegation that the phenomenon of “divergence” may not have been
    properly taken into account when expressing the uncertainty associated
    with reconstructions, we are satisfied that it is not hidden and that the
    subject is openly and extensively discussed in the literature, including CRU
    papers.”

    “On the allegations that there was subversion of the peer review or editorial
    process we find no evidence to substantiate this”

  200. JonasM;
    Interestingly, they do not have ‘.txt’ extension, but are bare unix timestamps.>>>

    Actually, that is VERY interesting. Of course, there’s a LOT of different ways that could have happened, too many to be definitive about anything, but very interesting! Gotta cipher on that one for a bit…or cogitate…or something.

  201. Dave Springer;
    In fact it may be a crime to NOT tell the owner in some jurisdictions where “Good Samaritan” laws are on the books as inaction could have resulted in damages.>>>

    So did you do that? Sounds like you told Anthony instead?

  202. This is too far down in the comments for you to see, Anthony, but if you do, just count me as one more vote in favour of your action. Taking the moral high ground is never the wrong course of action.

  203. ‘ This is according to a government report, “The Muir Russell Report”. ‘

    The Russell “inquiry” was not a government inquiry and its report was not a government report.

    The Russell “inquiry” was commissioned by the UEA and – surprise – its key member had close connections with UEA (which he denied at the time of the inquiry).

  204. Martin A says:
    December 9, 2011 at 4:52 am

    The Russell “inquiry” was not a government inquiry and its report was not a government report.

    The Russell “inquiry” was commissioned by the UEA and – surprise – its key member had close connections with UEA (which he denied at the time of the inquiry).

    Sir Muir Russell is chairman of a governmental body, the Judicial Appointments Board of Scotland, and has been a civil servant almost all his working life. The objection that it’s not a government report seems a bit pedantic as it remains true that Russell headed the inquiry and he’s a government employee.

    One must still ask what motivation would there be to lie about where and how CRU emails are archived. Especially when the where and how are pretty much standard practice in a million IT facilities all over the world. So common, in fact, that I assumed without actually knowing that emails were being archived in that manner. Then in the only actual statement by any authoritative source my assumption was confirmed. Deal with it.

  205. davidmhoffer says:
    December 8, 2011 at 4:44 pm

    “Dave Springer;
    In fact it may be a crime to NOT tell the owner in some jurisdictions where “Good Samaritan” laws are on the books as inaction could have resulted in damages.>>>

    So did you do that? Sounds like you told Anthony instead?”

    That’s correct. I informed Anthony and no one else for a number of reasons but mostly because I didn’t want to give aid and comfort to some of the most heinous abusers of science alive today. If Phil Jones and a coyote were about to be run over by a bus and I only had time to save one of them I’d save the coyote. The second most important reason is that me informing JGR and Jones would benefit no one except JGR and Jones but coming from Anthony Watts it would be of value in showing who owns the high moral ground in the debate. Watts is well known by everyone involved and I’m not so giving him an opportunity to wear the white hat is preferable to me donning it.

  206. davidmhoffer says:
    December 8, 2011 at 4:27 pm

    “Furthermore, backup email servers typically share storage with the primary email server rather than having a copy of their own.”

    Does it really make sense to you that a backup server and a main server share hardware resources? The whole point of the backup server is redundancy so if one fails for some reason the backup can seamlessly take over the job while the primary is repaired.

    You need to think more and write less because some of the stuff you write, like the above, is pure unadulterated uninformed rubbish. Stick to sales and leave system design to people who know WTF they’re doing.

  207. Dave Springer;
    Does it really make sense to you that a backup server and a main server share hardware resources? The whole point of the backup server is redundancy so if one fails for some reason the backup can seamlessly take over the job while the primary is repaired.>>>

    Yes it does Dave. Storage arrays that are independent of the servers themselves are standard fare in large IT shops and have been since the 90’s. The storage arrays themselves are designed to have no single point of failure. Data is striped across multiple disk drives using standard techniques such as RAID5 so that the failure of any given drive results in no loss of data as the use of the parity bit in RAID5 allows the data on the failed drives to be rebuilt from parity. Access to the drives themselves is through dual controllers in the array, each one of which provides for an independent path to the data on the hard drives (which themselves are also dual ported). If one controller in the array fails, the other controller can continue to serve data to any servers connected to it.

    Servers themselves are in general deployed with dual storage connectivity, one connection to each of the controllers through either ethernet or FC switching. One storage array can serve storage up to many servers. It is common for mission critical applications to be run on one server while a second server is kept in standby mode to take over the load should the primary server fail. It does so by resuming the application functions and directly attaching to the exact same data that the primary server was attached to in the exact same storage array.

    If the above is “rubbish” as you claim, then IBM, HP, EMC, Oracle, Equallogic, Compellent, Hitachi Data Systems, Fujitsu, Network Appliance, BlueArc, Isilon, DDN, and many others appear to have been selling hundreds of billions of dollars worth of rubbish per year.

  208. This open access “link” could have been set up by Scotland Yard, the FBI, Interpol, or any number of agencies to catch the perpetrators. Known as a port trap, it tricks the interloper into thinking they are hacking but are really being welcomed with open arms by any agencies watching that hole, keeping track of their IP addresses. Not surprised they closed it down immediately once it was made public as it’s of no use in catching the “hacker.” Inside job? Doubtful. There are some very talented hackers out there who need nothing more than an unsecure comment form and some sql code. Do a google search and you’ll be surprised what these script kiddies are able to do (and brag about it).

  209. No offence, but Springer and Hoffer are going at it like two drag queens who’ve shown up at the same event wearing the same dress :-)

  210. Sean Peake;
    Springer has made accusations regarding my statements and I have defended them with factual explanations. Springer has some sort of obsession with me, and I for one am sick of it. I’ve zero interest in debating him, but when he accuses me of making false, misleading, or inaccurate statements, I think it only fair that I respond.

    Anthony – if you must throw us both in the “troll bin” to put an end to this nonsense, by all means please do so because I’ve had enough. Springer seems far more interested in discrediting me and insulting me than he does in bringing any particular value to the discussion, and this thread is a fine example of his going out of his way to find fault with what I’ve said despite admitting that it is an area in which he himself has no expertise. He’s found some startlingly obscure references on some remarkably obscure web sites that he seems certain he is justified in using to mock me, suggesting that he is spending an inordinate amount of time on what is starting to sound more like stalking than civil discourse.

    I’m asking you to put a stop to it even if that means you throw me in the troll bin too. I just ask that we have separate cells.

  211. davidmhoffer says: Uhm… are you protecting the dog? Or the prosecutor? ;-)

    Neither, I’m protecting Anthony. His dog probably knows more about him than his wife and if the dog knows he’s going to be deposed he’ll extort him for more treats in exchange for favorable testimony. (When his subpoena comes just mutter something about a new vet appointment, works every time…)

  212. And thus endth the cage match. FYI, davidmhoffer, I always look forward to and enjoy your posts, but you need to drop this.

  213. Sean Peake says:
    December 9, 2011 at 12:56 pm
    And thus endth the cage match. FYI, davidmhoffer, I always look forward to and enjoy your posts, but you need to drop this.>>>

    The man directly accused me, in a public forum, of being incompetent for having suggested that fail over servers most likely shared the same storage, and called the notion total rubbish. The fact of the matter is that shared storage to facilitate continuous availability of applications even when the primary production server fails has been a standard approach in large data centres for nearly two decades.

    Are you seriously suggesting that having been accused of incompetence in regard to a subject matter in which I make my living, and on the basis of a complete falsehood to boot, I should just quietly say nothing? I should just allow the falsehood to stand unchallenged and leave those who read the thread to gain a better understanding of the technology with a false impression?

    I’ve long since dropped my objections to Springer accusing me of mutilating dead animals, threatening to shoot me, and I’ve lost track of the number of times he’s been snipped for making rude remarks about me. I don’t care. But when my professionalism and technical opinions are attacked using false information in what amounts to nothing more than a smear campaign, then I’m obligated to set the record straight.

    As I said before, I’m not interested in debating the man. That doesn’t mean I’m going to just “drop it” and allow him to continue attacking me personally without defending myself.

  214. davidmhoffer says:
    “December 7, 2011 at 5:29 pm
    1DandyTroll;
    “I’ve tested again tonight and the live link fails now.”
    Does not imply that Mr Watts did not succeed before?>>>

    It matters not one whit how many times he clicked on the link and succeeded. It means he tested the link and it operated properly. That says nothing about what he read or didn’t read.”

    Of course it matters,

    1. He figured he didn’t have the right to, hence his kindness to his opposition of letting them know they still had an open access.

    2. It doesn’t matter what you read, see, or listen to, if you at first don’t have the explicit right to access it in the first place.

    There is no interpretation of the law, that is the law.

    “1DandyTroll;
    Don’t make a fool of yourself. EU law clearly dictates what is legal to access and what is not>>>

    I’ll take your word for it. The thing that maybe you might have missed is that Anthony lives in the United States of America, and is not subject to EU law. Nor are crimes of this sort an extraditable offense. Even if he were to take a trip to the EU and be arrested there, his lawyer would argue that the EU does not have jurisdiction over actions taken in another country where those actions are legal, and he’d win on that point, hands down.”

    1. There are bi- and trilateral agreements between UK and US, and EU and US.

    2. Every time you go to another country you are subject to your country’s laws and the laws of the country you’re visiting.

    3. You can get turned over to another country’s laws per, see 1, but especially for computer crimes these days. That people don’t get shipped around the world has more to do with money and that a lot of computer crimes only get prosecuted if someone makes a formal complaint. Most organizations don’t want to get embarrassed, hence the lack of complaints, however, the lack of a complaint doesn’t mean a crime wasn’t committed.

    “Any other things I made a fool of myself on that I can straighten out for you?”

    Yes, please, if you don’t know the current state of law concerning computer crimes in your own country I can understand since it’s usually chaos, but why do you still go above and beyond over the whole state of system design that UEA is using when you clearly don’t know?

    I get why you have something against me behavior, but still, If you want to know their design you could just visit them you know, and ask, all still in the digital world. It’s not like it’s a secret installation after all, and even without the current set of all access openness laws in UK, they’ve as far as I can recall been very forthcoming with information if all you do is ask in a nice and proper way suitable for their standing in life. Pun all intended. :p

  215. 1DandyTroll;
    but why do you still go above and beyond over the whole state of system design that UEA is using when you clearly don’t know?>>>

    My comments have been in regard to technology infrastructure design in general, and are intended to provide some understanding of what is possible, what is likely, and what is unlikely in a large IT shop such as UEA’s. If you were paying attention, you would have noted that many of my comments carried caveats in regard to the specifics of implementation at UEA being unknown, and thus any hard and fast conclusions regarding their specific environment and the specific events that transpired are not possible.

    1DandyTroll;
    they’ve as far as I can recall been very forthcoming with information if all you do is ask in a nice and proper way suitable for their standing in life>>>>

    LOL. Yeah, right.

  216. 1DandyTroll;
    I get why you have something against me behavior, but still, If you want to know their design you could just visit them you know, and ask,>>>

    There was a time when large IT shops would be glad to give you a tour of their data centre and answer pretty much any question you asked about their design. That practice has been dead as a doormat for 30 years or more because it was one of the primary tactics that hackers used to gain information about their targets that could be used to breach their security. Answering questions about a specific implementation of any mission critical system to anyone who asks is a violation of even the most basic security practices, and would be dismissed out of hand in any FOIA request, and for good reason.

  217. That practice has been dead as a doormat for 30 years or more >>>

    To be clear, one can often get a tour of the data centre. What one cannot get is any useful information regarding the specific implementation details of their major application infrastructure, network design, and data protection (backup etc) systems. Staring at all the hardware and cabling in a site of that size will tell you little of practical value.

  218. davidmhoffer: I’m not one to say what you should or shouldn’t do or to whom you should respond. My point is that you have more supporters than agin’ yas but there will always be a few who refuse to listen or are just a thorn in your side. Some arguments, however, you can’t win. “Forget it, Jake, it’s Chinatown.”

    For the record, there are three posters/bloggers I look forward to reading every day and you are one of them—the others are Daily Bayonet and Iowahawk. You all love to tweak the nose of the arrogant and reduce the pompous to imbeciles.

  219. FOIA File structure seen as DOS file structure.
    SUB Directory REDACTED.

    CD/ redacted
    http://www.ecowho.com/foia.php?search=REDACTED

    DIR

    Thu, 9 Oct 2008 6:56:17 am
    0058.txt- Ralf
    0058.txt-
    0058.txt:[[[redacted: reference]]]
    0058.txt-
    0058.txt- Finally, might I ask that you note and then erase this email. I have found that recent

    OPEN 0058.txt-
    http://www.ecowho.com/foia.php?file=0058.txt&search=REDACTED

    date: Thu Oct 9 17:56:17 2008
    from: Keith Briffa
    subject: Re: Tom Giverin – IN STRICT CONFIDENCE
    to: “Toumi, Ralf”
    Ralf
    [[[redacted: reference]]]
    Finally, might I ask that you note and then erase this email. I have found that recent
    enquiries under the Freedom of Information Act, or Data Protection Act, can become
    considerable time sinks , or the basis of some inconvenient subsequent distractions.
    with best wishes
    Keith
    At 12:38 09/10/2008, you wrote:

    Dear Keith,
    Tom has applied to do a PhD with me (probably mesoscale modelling). Could you please
    give me a reference for him. In particular I would be interested to know if you would
    take him in your group (and why you think he is still available; which is good for
    me…, but I always worry at this time of year).
    Best wishes,
    Ralf

    Professor Ralf Toumi
    Department of Physics
    Imperial College
    London SW7 2AZ
    UK

    Rm. H713 (Huxley Building)
    Telephone: + 44 (0) ???
    Fax: + 44 (0) ???
    email: [1]???@imperial.ac.uk
    Web: [2]http://www.sp.ph.ic.ac.uk/~rtoumi/


    Professor Keith Briffa,
    Climatic Research Unit
    University of East Anglia
    Norwich, NR4 7TJ, U.K.

    Phone: +4 ???-1603-593909
    Fax: +4 ???-1603-507784
    [3]http://www.cru.uea.ac.uk/cru/people/briffa/

    Open — it is also a filename, + = space key seen on FOIA Grepper.
    DIR
    http://www.ecowho.com/foia.php?search=+–

    “### CANNOT PARSE DATE ###
    0876437553.txt-Sounds like you guys have been busy doing good things for the cause.
    0876437553.txt-
    0876437553.txt:I would like to weigh in on two important questions —
    0876437553.txt-“

    0876437553.txt:I would like to weigh in on two important questions —
    0876437553 = UNIX time stamp
    Open 0876437553.txt
    “From: Joseph Alcamo
    To: ???@uea.ac.uk, ???@rivm.nl
    Subject: Timing, Distribution of the Statement
    Date: Thu, 9 Oct 1997 18:52:33 0100
    Reply-to: ???@usf.uni-kassel.de

    Mike, Rob,

    Sounds like you guys have been busy doing good things for the cause.

    I would like to weigh in on two important questions —

    Distribution for Endorsements —
    I am very strongly in favor of as wide and rapid a distribution as
    possible for endorsements. I think the only thing that counts is
    numbers. The media is going to say “1000 scientists signed” or “1500
    signed”. No one is going to check if it is 600 with PhDs versus 2000
    without. They will mention the prominent ones, but that is a
    different story.

    Conclusion — Forget the screening, forget asking
    them about their last publication (most will ignore you.) Get those
    names!

    Timing — I feel strongly that the week of 24 November is too late.
    1. We wanted to announce the Statement in the period when there was
    a sag in related news, but in the week before Kyoto we should expect
    that we will have to crowd out many other articles about climate.
    2. If the Statement comes out just a few days before Kyoto I am
    afraid that the delegates who we want to influence will not have any
    time to pay attention to it. We should give them a few weeks to hear
    about it.
    3. If Greenpeace is having an event the week before, we should have
    it a week before them so that they and other NGOs can further spread
    the word about the Statement. On the other hand, it wouldn’t be so
    bad to release the Statement in the same week, but on a
    diffeent day. The media might enjoy hearing the message from two
    very different directions.

    Conclusion — I suggest the week of 10 November, or the week of 17
    November at the latest.

    Mike — I have no organized email list that could begin to compete
    with the list you can get from the Dutch. But I am still
    willing to send you what I have, if you wish.

    Best wishes,

    Joe Alcamo

    —————————————————-
    Prof. Dr. Joseph Alcamo, Director
    Center for Environmental Systems Research
    University of Kassel
    Kurt Wolters Strasse 3
    D-34109 Kassel
    Germany”

    There is still filename —————————————————-

    DIR
    http://www.ecowho.com/foia.php?search=+—————————————————-

    Thu, 11 Jul 1996 1:07:13 pm
    0837094033.txt-> NR4 7TJ
    0837094033.txt-> UK
    0837094033.txt:> —————————————————————————-
    0837094033.txt->
    0837094033.txt->

    Open
    0837094033.txt:> —————————————————————————-
    “From: Alan Robock
    To: Phil Jones
    Subject: Re: your mail
    Date: Thu, 11 Jul 1996 10:07:13 -0400 (EDT)

    Dear Phil,

    It looks like you have found Baitoushan. Vol. 2 lists Kuwae as VEI 6 in
    1452 +/- 10 AD. How accurate are your dates? By the way, Chris Newhall
    thinks 1600 is the Parker volcano on Mindanao in the Philippines. He
    hasn’t published that so far, as I know.

    Could you please define “utter prat” for me? Sometimes I think we speak
    the same language, and sometimes I’m not so sure.

    I’m doing fine. We have a new building with nice new offices. I’m going
    to Australia next week with Sherri and Danny, and after the meeting, will
    visit Cairns, Adelaide, and New Zealand. I’m looking forward to skiing
    on a volcano, if it stops erupting.

    Alan

    Prof. Alan Robock Phone: (301)???
    Department of Meteorology Fax: (301)???
    University of Maryland Email: ???@atmos.umd.edu
    College Park, MD 20742 http://www.meto.umd.edu/~alan

    On Thu, 11 Jul 1996, Phil Jones wrote:

    > Alan,
    > Thanks for the quick response. We’ll expect something from Melissa
    > in the next few weeks. I also hope our copy of the 2cnd edition arrives
    > soon. In our maximum latewood density reconstruction from the polar Urals
    > to AD 914, the most anomalous summer is AD 1032. A lot of other volcano
    > years are there with summers of -3 to -4 sigma such as 1816,1601,1783 and
    > 1453 (I think this later one is Kuwae that is being found in the Ice Cores
    > in the Antarctic. However 1032 is 6 sigma and it may be the Baitoushan
    > event which you say is 1010 +/- 50 years or the Billy Mitchell event.
    >
    > I hope all’s well with you.
    >
    > Cheers
    > Phil
    >
    > PS Britain seems to have found it’s Pat Michaels/Fred Singer/Bob Balling/
    > Dick Lindzen. Our population is only 25 % of yours so we only get 1 for
    > every 4 you have. His name in case you should come across him is
    > Piers Corbyn. He is nowhere near as good as a couple of yours and he’s
    > an utter prat but he’s getting a lot of air time at the moment. For his
    > day job he teaches physics and astronomy at a University and he predicts
    > the weather from solar phenomena. He bets on his predictions months
    > ahead for what will happen in Britain. He now believes he knows all
    > there is to know about the global warming issue. He’s not all bad as
    > he doesn’t have much confidence in nuclear-power safety. Always says
    > that at the begining of his interviews to show he’s not all bad !
    >
    > Cheers Again
    >
    > Phil
    > Dr Phil Jones
    > Climatic Research Unit Telephone +44 ???
    > School of Environmental Sciences Fax +44 ???
    > Norwich Email ???@uea.ac.uk
    > NR4 7TJ
    > UK
    > —————————————————————————-
    >
    >”
    This is an example file path, and seems to be endless.
    I think that the master file is still in CRU computer systems,
    so we have to sort files like I did.

    Ilkka.
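
The comments above note that some of the files are named with bare Unix timestamps (“0876437553 = UNIX time stamp”). As an added example that is not part of the original thread, the check below decodes the epoch in each file name and compares it with the `Date:` header quoted for that file. The file names and header values are copied from the comment above; the function names are hypothetical, and the unsigned zone `0100` in the first header is assumed to mean `+0100`.

```python
import re
from datetime import datetime, timedelta, timezone

MONTHS = {m: i for i, m in enumerate(
    "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split(), start=1)}

# File names and Date: header values as quoted in the comment above.
SAMPLES = [
    ("0876437553.txt", "Thu, 9 Oct 1997 18:52:33 0100"),
    ("0837094033.txt", "Thu, 11 Jul 1996 10:07:13 -0400 (EDT)"),
]

HEADER_RE = re.compile(
    r"(\d{1,2}) (\w{3}) (\d{4}) (\d{2}):(\d{2}):(\d{2}) ([+-]?)(\d{2})(\d{2})")


def filename_epoch(name):
    """Return the epoch encoded in a 10-digit file stem, or None (e.g. 0058.txt)."""
    stem = name.rsplit(".", 1)[0]
    return int(stem) if re.fullmatch(r"\d{10}", stem) else None


def parse_header(value):
    """Return (naive wall-clock datetime, declared UTC offset) from a Date: value."""
    m = HEADER_RE.search(value)
    if not m:
        raise ValueError(f"unparseable Date header: {value!r}")
    day, mon, year, hh, mm, ss, sign, oh, om = m.groups()
    wall = datetime(int(year), MONTHS[mon], int(day), int(hh), int(mm), int(ss))
    offset = timedelta(hours=int(oh), minutes=int(om))
    # Assumption: a zone with no sign is east of UTC (the "+" appears to be lost).
    return wall, (-offset if sign == "-" else offset)


def compare(name, header):
    """Compare the file-name epoch with the instant the Date: header declares."""
    epoch = filename_epoch(name)
    if epoch is None:
        return None  # sequentially numbered file, nothing to decode
    file_utc = datetime.fromtimestamp(epoch, tz=timezone.utc).replace(tzinfo=None)
    wall, declared = parse_header(header)
    header_utc = wall - declared
    return {
        "file": name,
        "file_utc": file_utc.isoformat(),
        "header_utc": header_utc.isoformat(),
        # Difference between the name and the instant the header declares.
        "skew_seconds": int((file_utc - header_utc).total_seconds()),
        # Offset that would map the header's wall-clock time onto the file name.
        "implied_offset_hours": (wall - file_utc).total_seconds() / 3600,
    }


if __name__ == "__main__":
    for name, header in SAMPLES:
        print(compare(name, header))
```

A skew of zero means the file name encodes exactly the instant the header declares; a non-zero skew in whole hours means the wall-clock time was converted to an epoch under a different zone than the one written in the header.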

  220. My pleasure, Hoff. To quote Lt. Escobar, “Go home, Jake. I’m doing you a favor!” (And yes, Chinatown is my second favourite movie)
