Climategate investigation closed – statute limit looms, cops impotent

It would be nice to see the evidence for a remote hack.

Well, I posted this in tips and notes over a half hour ago. Related article.
http://www.bbc.co.uk/news/science-environment-18885500
REPLY: I saw that, and thank you, but I’d already seen Bishop Hills post and the press release…and I try not to cite Richard Black/BBC due to their spin. – Anthony

To bad the investigation into the unlawful hacking will not be completed. Several investigations have been completed as to the scientists and their work involved in this unlawful hacking and these investigations have shown the scientists to abide by the highest ethical standards. This stands in stark contrast to those who unlawfully steal and misquote emails. The distinction is astounding and shows the difference between those involved in scientific inquiry and those who are not.
REPLY: LOL! Investigations? you mean whitewashes conducted without any difficult questions being asked by unbiased investigators, don’t you Mr. Flesch? – Anthony

“Despite detailed and comprehensive enquiries, supported by experts in this field, the complex nature of this investigation means that we do not have a realistic prospect of identifying the offender or offenders and launching criminal proceedings within the time constraints imposed by law.”
Hmmmmm — three years, with expert support, and they couldn’t track down a hacker? A bud who works for a Three-Letter Organization told me last year the longest it had ever taken him to trace a hack to the originating computer was a week.
Something’s not ringing true in the Official Statement…

“This stands in stark contrast to those who unlawfully steal and misquote emails.”
You mean Peter Gleick? 😉

“Miracles” don’t leave much evidence.

I would like to hear any of the evidence from which the Norfolk Constabulary are basing their unsupported propaganda claim. Not once in the last three years have they released any information to validate this position or their hunt for a boogeyman. I also second the FOI request. The police should be held accountable for their actions and if they have no evidence then they are derelict in their duties to the public with their irresponsible statements on this case.

It’s a twap I tell you ! They don’t really know anything, granted, they are just hoping, waiting for that pending release of the password for that last stack of damning emails.

Translation: The real origin of the leak is too embarassing. We are droping the investigation and sticking with our cover story.

sceptical says:
July 18, 2012 at 9:13 am
To bad the investigation into the unlawful hacking will not be completed. Several investigations have been completed as to the scientists and their work involved in this unlawful hacking and these investigations have shown the scientists to abide by the highest ethical standards….

Bwahhhhahahahah! You mean like Dr. Phil Jones who was also saved by the statute of limitations after breaking the law???

There was no desire to identify the culprit(s) for to do so would have resulted in some kind of charges and a likely show trial. This would have reopened all the issues that Climategate revealed, a result that the UK government does not want.
So there never was a chance that the perpetrators would be identified and caught.

I too would like to see some evidence for an external attack. As a professional in the area, I find that rather implausible, and consider an “inside man” job a much more likely scenario.
As for “sophisticated”, well, it’s usually not necessary to be awfully sophisticated to get into a University file server. Sorry, but it just isn’t. Too many tenured idiots complaining about “difficulty of access” to their ultra-important data sets and whatnot.
Computer security is a balancing act at the bet of times, and University environments tend to have lots of big thumbs on one pan.

I wouldn’t call the cops “impotent”.
I go with incompetent and complicit.

“Bring on Climategate 3.”
I think it is a safe bet that something is coming soon. I’ll bet whoever is behind it is waiting for something profound to be put out by the Hockey Team or its supporters.

It’s like the Higgs Boson; they are slowly narrowing down the range, where that rascally hacker could be hiding. S/he is now believed to be somewhere between 170 deg West and 170 degrees East; so far they have managed to eliminate that large area around the dateline, where New Zealand can often be found, when they bother to draw whole maps.

Did Tallbloke ever get his equipment returned?

sceptical says:
July 18, 2012 at 9:13 am
This stands in stark contrast to those who unlawfully steal and misquote emails.
Since when is publishing an e-mail chain in its entirety, unedited and without commentary, misquoting those e-mails — particularly since Phil Jones confirmed the several chains as authentic?

Pat Frank says:
July 18, 2012 at 9:49 am

“There is no evidence to suggest that anyone working at or associated with the University of East Anglia was involved in the crime.”

This is the only positive statement in the whole release. They could find no evidence for an inside source. That could merely mean no one at UEA admitted it, and they could find no traces of unauthorized access at UEA. That allows them to absolve UEA staff.

We don’t even know if they asked anyone at UEA, and we don’t know if they even looked for traces of internal actions.
I think it’s telling that their report didn’t state that any of the “…detailed and comprehensive enquiries, supported by experts in this field…” were directed at anyone associated with the University of East Anglia.

“The offenders used methods common in unlawful internet activity to obstruct enquiries.”
They must have used 7 proxies then.
http://knowyourmeme.com/memes/good-luck-im-behind-7-proxies

Sadly for our information liberator there is no statute of limitations in the UK.

There was never a chance of this getting anywhere near a court of law. Evidence given under a sworn oath, with severe penalties for perjury?
No way would they risk that, because that would mean game over for the global warming scam.
This lack of prosecution, or even any confirmation of what they did manage to find, is about as damning as it gets, to the veracity of the “evidence” provided by the high priests of AGW.
Yes….November 2012…. a time to look forward to Climategate 3. …..bring it on!

They had the assistance of the Met Counter Terrorism Command? Really? E-mail is now a WMD?

Cross-commented from Bishop Hill:

“a ‘sophisticated and carefully orchestrated attack on the CRU’s data files, carried out remotely via the internet’.”
False on its face.
1. Not “data files”, but the email server. Totally different thing. And not an attack; nothing was disturbed, garbled, or deleted. (Not that CRU has any data files, anyway. Philbert lost ’em all in his terminally messy office. And mind.)
2. FOIA carefully purged the email addresses of both senders and receivers throughout. A dastardly criminul international hacker did that? Pull my finger …
3. FOIA explains his purpose, to force some ethics and transparency where little or none exists. And warns of far larger releases (via password for existing widely disseminated files) if things don’t shape up. This is an insider’s motivation, not an external hacker’s.
The Constabulary have laid an ostrich-sized but dead and putrid egg.

What is the “statute limit” you refer to ? The UK is not (yet) part of the US so there isn’t one – there is for FOI breaches but that is due to Blair being an idiot.

After the last three days of runaround with various government authorities on a different criminal matter, all I have to say is I have yet to find a government official who could find his own A$$ with both hands unless there was a payoff involved.
WHO needs to send out an emergency Epidemic and Pandemic Alert It would seem we have a world wide epidemic of this problem in the public sector.

AnonyMoose says:
July 18, 2012 at 11:20 am
>> Does this mean that the police-held hard drive will soon be again available for FOI searches?
Ah! My very first thought on reading this. UEA got out of releasing thier records on the technicality that they did not “possess” the said documents because the police had impounded the computer.
Now the police have decided to officially close the investigation, they will be returning the property to its rightful, legal owner. That means UEA will, once again, be “in possession” of the documents and will have no further grounds not to produce them.
A new FOIA request to UEA would seem to be in order, just in case they have forgotten the previous request and lest they should (ahem) lose the disk or something silly.
As for Norfolk Constabulary, thier silence over the past two years has pretty clearly been spent watching the clock tick on this one. You can bet if the perps were four young muslims they would have had no difficulty in finding where the “attack” came from.

“Not “data files”, but the email server. Totally different thing.”
Actually, it looks to me like the files came from the server used as a repository for backups of the mail server and other computers which is why many of the actual data files are available. Someone apparently swiped the files that were deposited on a different system in the course of some regularly scheduled backups.

Mickey Reno says:
“We can’t think of another explanation, ergo, IT MUST BE CO2 from human burning of fossil fuels!
We have no evidence, ergo, it’s a HACK!”
My thought exactly.
Similarly, I’d like to know who “Harryreadme” is. I want to send him flowers. Or a box of chocolates. Or a big freakin’ solid gold medal!

This is a ridiculous charade – Plod knows more than it’s saying and I strongly suspect that what it isn’t saying is merely to spare some blushes at CRU. Nothing like an apolitical police force, eh? This is the same police force, incidentally, that regularly crows very publicly (all the time) about it’s increasingly ‘sophisticated’ online tech for catching international online child pornographers – but, somehow, they just can’t find a regular hacker…? Really? Pull the other one.
Climategate was, of course, an inside job – a whistleblower, in other words (although I prefer the term ‘hero’). The police won’t tell us that – instead they make themselves look foolish by deciding they’re not up to the job at hand and just close the case file. God forbid the actual facts should ever get into the public domain. Another dreary whitewash. How many is that, now..?

P. Solar unless say hardware meets a ‘tragic accident’ on its way back to being used by CRU , after all it not been powered on all this time , so its to be ‘expected ‘ that when it is something ‘could go wrong ‘
Of they could just stick in a box with some really strong magnets, which they ‘had no idea where in there too’ , and yes that one has been done before.

“‘sophisticated and carefully orchestrated attack on the CRU’s data files, carried out remotely via the internet’.”
So, I guess this means that they don’t know what they don’t know. Beautiful!

TinyCO2 says:
July 18, 2012 at 12:20 pm
Morph says:
July 18, 2012 at 1:02 pm
That’s what I thought. Read the Computer Misuse Act 1990 S11(3).
http://www.legislation.gov.uk/ukpga/1990/18/section/11
Three years after the plods learnt of the ‘crime’, FOIA is home free (as long as he/she/they aren’t in Scotland. (The statute of limitations does not, for some reason, apply in Scotland)

Cops impotent?
Limp and drooping like the global warming of the past decade or so?

dfbaskwill says:
July 18, 2012 at 10:53 am
“Bring on Climategate 3.”
I think it is a safe bet that something is coming soon. I’ll bet whoever is behind it is waiting for something profound to be put out by the Hockey Team or its supporters.
___________________________________
The US elections are in November 2012 and the Australian Election in 2013. Working Group Reports of the IPCC Fifth Assessment Report (AR5) are to be published between 2013 and 2014.
So there are lots of dates to choose from but a dribble in the fall of this year seems likely with more in the fall next year.

Inside, outside … who knowns. I wouldn’t jump to conclusions. Nobody is safe against a competent hacker. Absolutely nobody. Regarding the quality of police investigations, I had a bit of experience. I asked the UK police to investigate the theft of my laptop. I thought it would be a piece of cake because it showed up online just 20 minutes after it had been stolen and kept reporting its address through DynDNS. It continued to do so for three years, after which time I needed that name and claimed it for another machine. But I gave up waiting for the police to help much earlier. It took them eight months to obtain the disclosure paperwork for the first few addresses I gave them, and sure enough, by then the traces went cold.
I even talked to the members of the internet crime unit in London about it, and they confirmed it should have been a piece of cake, but told me they would be helpless in that case because the town where my laptop was stolen was outside their jurisdiction.
So it seems like hackers are safe attacking targets in the UK; outside London for sure. Not that I ever wanted the Climategate hacker to get caught, but I suspect it was a futile endeavour from the start.

Billy Liar says:
July 18, 2012 at 2:08 pm
Read the Computer Misuse Act 1990 S11(3).
Hmm, interesting. I suppose it would depend if there could be another type of crime considered (I won’t give them ideas). I still wouldn’t advertise myself once the deadline is up if I was FOIA. Especially as they keep trying to make scepticism a crime against humanity. The police might be fed up with it but certain people must still want revenge and they’d be backed all the way by organisations like GreenPeace or the Guardian.

What my brain says:
FOIA = A member of the house of lords or parliament – or an assistant/associate thereof providing the skills necessary to hide the obvious under direction.
When the police figured this out – and realized the whole thing was a political maneuver to counteract the blatant scam AGW is, they backed off really quick.
The bobbies, constables, investigators, solicitors, etc., appreciate being able to punch the clock, go home, eat a nice dinner and sleep in peace.
FOIA will release another batch – knowing full well that while the police can do a duck once – they can’t do it twice because a member of the house of lords or parliament that is pro-AGW will foolishly press for direct action.
Only then will it really play out – and heads roll.
However the heads that roll will not be the heads of politicians, but those of scientists – rightfully or wrongfully. Even when a political showdown becomes a farce that falls apart – a head always rolls and more often than not – it’s that of someone a step below that of the politicians in question.
=8-)

“…. we can say that the data breach was the result of a sophisticated and carefully orchestrated attack on the CRU’s data files, carried out remotely via the internet. The offenders used methods common in unlawful internet activity to obstruct enquiries.

A much simpler and less complicated scenario would be someone with inside access. No fancy super “7337” skills really needed. A little more complicated would be lifting the data off if a cloned drive that was in for repair.
Did someone mention Occam’s razor? No? Never mind.

“There is no evidence to suggest that anyone working at or associated with the University of East Anglia was involved in the crime.”

Yeah.. go ahead and keep thinking that.

Once the statute of limitations has run its course there’s nothing really that would keep the whistleblower from releasing the password .. I wonder if some folks are profusely sweating already.

Pat Frank says:
July 18, 2012 at 9:49 am
“There is no evidence to suggest that anyone working at or associated with the University of East Anglia was involved in the crime.”
This is the only positive statement in the whole release. They could find no evidence for an inside source. That could merely mean no one at UEA admitted it, and they could find no traces of unauthorized access at UEA. That allows them to absolve UEA staff.
And as the only positive statement – it is demonstrably false.
The climategate emails are not a simple mail server dump. They are a selection of that appear to match the FOIA requests that CRU repeatedly refused to comply with. The mail server at CRU would have been full of emails of all sorts. But the Climategate emails were a careful selection all very apposite. Anyone that has worked with these kind of servers knows the huge amount of work involved parsing your way through a mail server, looking for those emails that are on or related to the subject and discarding those not wanted. I didn’t see any routine emails in the Climategate dump – no spam, no university business etc. But there would have been a huge amount of non-climate emails. The work-factor for an intruder even an APT would have been considerable.
“However, as a result of our enquiries, we can say that the data breach was the result of a sophisticated and carefully orchestrated attack on the CRU’s data files, carried out remotely via the internet. The offenders used methods common in unlawful internet activity to obstruct enquiries.”
It is quite rare to find a sophisticated hacker with a specific interest in climate science. This ‘rare beast would also have to know that there were incriminating emails to actually find on an unencrypted mail server. Then after downloading a HUGE mail file which would take time on its own. Then work for a long time searching for the appropriate ‘incriminating emails with a knowledge of whose emails were important and whose weren’t sometimes due to throwaway lines in the emails, and discarding the dross routine emails which would be the majority..
And the payback? No attempt appears to have been made to make money out of the emails. They were sent to various news outlets (showing a trusting faith in the investigative journalists who only deal with cut and pastes frrom AP and Reuters). Then the sorted Climategate dump was left on a Russian server with messages to appropriate blogs such as Tallblokes Talkshop.
This was not the work of a hacker this was the work of someone with continual access to CRU and a subject matter expert in the climate business, its wrinkles and the people involved both local and international. It could even have been someone who had been tasked with answering the FOIA and then after doing all the work was told to scrap it as we are not going to answer it. It is stretching credulity too much to accept that this was a ‘simple’ outside hack by a blackhat ‘denier’.

Methinks I smell a rat…..
The police say they were competent enough to determine it was a sophisticated hack. But they say they can’t trace it down to an origin? My goodness, how many people in silicon valley could trace it to an origin. Pulease! If they can’t trace it then they don’t know what they’re doing in the first place. So saying it was sophisticated is euphemistic for “hey, we’re totally lost, it’s over our heads, we weren’t trained for this. Besides, it’s just not important enough to expend resources on solving it”.
What’s the rat I smell? Maybe political paradigms make one not want to press the issue for fear real details would come out that would puncture the good ship global warming. But maybe I go to far with that.

Why do some people here apparently suspect the Norfolk police being in support of a particular narrative – in effect part of a coverup? While I can see the possibility of incompetence, a deliberate attempt to hew to a storyline seems rather improbable to me.
To me it sounds like they couldn’t find s___t. The reference to an outside hack would still hold true even if the person responsible worked there or was familiar with the system.
All this changes is the sideshow argument regarding Climategate and Glieckgate comparisons. It does nothing with regard to the content of the emails and what they reveal.

This is just sad. When is this whole global warming thing going to end? I know money talks. But can’t at least someone, somewhere along the concatenation of this comedy say, “Hey, wait a minute, WTF!”

re: “who wants to misdirect the blame”
mm… someone very close to the center of all the action??
a distant hacker would not seem to have any reason or need for such misdirection
(well unless it were some added layer of misdirection, to make it seem to the most observant that it was an insider trying to misdirect to an outsider who …. nah, too much subtlety for any “outside” hacker to care about, I would guess)

Comment by Steve McIntyre on his blog:
Too bad that they didn’t provide any evidence to actually dispel the theory that RC/FOIA “was a disgruntled UEA employee”. Nor do I believe anything that Acton says on this matter without corroborating evidence – which has notably not been provided here.
If they’d resisted the temptation to embellish – “carefully orchestrated” for example – they’d have had a better chance of people accepting a statement. But such embellishments make it impossible to accept this without corroboration (bold added by me)
And I agree with the bolds.
link to his comment
http://climateaudit.org/2012/07/18/norfolk-police-inquiry-at-east-anglia-ends/#comment-343379

Climategate 3 will probably happen short before the the next UNEP/IPCC(UNEPFCCC) “report” ?
It must be very undermining for the The Team’s members morale to know that short before their policy based propaganda “claims” are put forward new Climategate e-mails will be made public.
E-mails that show that the IPCC reports are not scientific but instead politics to support the UNFCCC and it’s radical UNEP policy based claims to promote a radical change of society.
And the fun part of this is that it’s going to be The Teams own written words in leaked internal e-mails that clearly show that the reports claims that they are making public is not science but policy based solely and only on the UNFCCC.
In other words ” the things we are going to tell you now is just policy based lies”.

Norfolk is a region in England that suffered “mother Nature’s” brunt recently: snow and -14 C in February, a super dry March and monsoon in April: she is having a laugh with these CRUed clowns.http://www.edp24.co.uk/news/environment/torrential_rain_in_east_anglia_could_mean_april_was_a_record_breaker_1_1363702

Didn’t believe their “it was a hack from the internet” when they first produced it; no reason to believe it now. It sounds like the attack dogs were getting nowhere and their owner decided to call them off.
‘Foia’ – please can we have that password soon? 😀

Ha ha – might be the cue for another release of emails

Remotely may simply mean a VPN connection from inside UEA to a non-logging VPN hoster and back in through the firewall via an open port exploiting any number of vulnerabilities or bad setup.
Grabbing a single HDD from the SAN rack won’t get anyone far. A large institution like this will have a high level RAID (i.e. RAID6) with additional data duplication and volume spanning going. Any single HDD only contains unrecoverable gibberish, getting to it requires physical access to the server room and pulling it will trigger an alert to the admin (and possibly the manufacturer to ship a replacement part and send a technician to install it by presuming hardware failure). Removing the full shelf to take home is quite inconceivable.

I am enjoying all of this very much, and dearly hope Mosher writes a book about it one day. Some thriller it would be, even without any bodies (Which I dearly hope never happens. Professional reputations can deservedly die, yes, but not any actual people).
Sincerely, an American schoolteacher posting this afternoon from Yorkshire, as I’m sure any competent hacker could easily determine. 🙂

I hope that after the 3 year statute limit is past, the hero hacker will identify himself (or herself)!