THREAD: Fourth segment in thread, which is giving my perspective and reminiscensces of events described in BBC's aptly named The Trick. Previously
https://twitter.com/ClimateAudit/status/1450420409757732866
https://twitter.com/ClimateAudit/status/145049422923557274432-69
https://twitter.com/ClimateAudit/status/145091679469740442368- 85
86/ I had left off narrative of events in summer 2009 at Mole article at Climate Audit on Jul 25 climateaudit.org/2009/07/25/a-m…. I had announced that I was now in possession of version of very data that CRU refused on basis world order would collapse if released to non-academic.
87/ An additional reason for riffing on this segment of The Trick is that, according to chronology of events in eventual police report, the Climategate hack did not begin until Sep 2009; their chronology also noted summer FOI requests. Metadata (to be discussed) support mid-Sep.
88/ I dont know identity of MrFOIA, but I am 99.9% certain that Climategate "hack" did NOT arise from some grandiose plan by Russian intel agencies, US fossil fuel companies or money interests fantasized by climate community, but from local spat between CRU & ClimateAudit readers
89/ spurred by The Trick, I've re-examined some metadata information and will eventually provide new analysis of what can be gleaned from which documents were exfiltrated in what order. (I had taken notice of this at time, but, from Russiagate work, know more about metadata now.)
90/ so that's a bit of a preview to motivate re-visiting events precipitated by the Mole post. Plus the original posts are interesting to re-read. I left off by saying that there was a "game afoot" in the Mole post. I'll explain in a moment.
91/ the post caused consternation among Climate Audit readers (and, as we shall see, at the University of East Anglia.) Some readers were worried that I was exposing the "mole" to personal risk, Here's one, but there are many others.
92/ I reassured worried readers that I didn't think that I was putting the "mole" at risk, but many thought that I was treating situation far too lightly.
I also continued to caveat readers not to expect "smoking guns", that Jones was more likely just concealing triviality.
I also continued to caveat readers not to expect "smoking guns", that Jones was more likely just concealing triviality.
93/ Three days later (Jul 28), I reported climateaudit.org/2009/07/28/met… that CRU had discovered the mole the previous day and taken steps to cooper up the damage.
84/ CRU refusal had claimed release would “damage trust scientists have in those scientists .. employed in public sector”, interfere with “effective conduct of international relations”, “hamper ability to protect and promote UK interests", “seriously affect" UK relationships
85/ yet CRU took no steps to ask me not to further dessiminate data. I also speculated that CRU "sill not make slightest effort to discipline the mole". I publicly offered to destroy my copy of the "purloined" data if officially requested by UEA (while continuing my FOI).
86/ next day (Jul 29), I published post that CRU had erased data from their FTP site (or moved it to private sector) climateaudit.org/2009/07/29/cru… on July 27 at 2:42 PM and that three files had been removed. Jean S also surmised deletions from Phil Jones' public FTP site.
87/ by this time, I'd left lots of breadcrumbs and readers figured out the joke. KevinUK surmised that the data was on CRU's FTP site all along and that the "mole" was thus Phil Jones himself. Who had left this supposedly top secret stuff sitting unprotected on the CRU FTP site.
88/ meanwhile, CRU was carrying out a thorough purge of their public-facing FTP sites, which I described with amusement in a July 31 post climateaudit.org/2009/07/31/the…
89/ I also reported that Tim Osborn published webpage “controversy.htm” in folder entitled ftp://www.cru.uea.ac.uk/people/timosborn/censored/ (which was itself censored). Later on Jul 31, Osborn censored the censored folder, so even existence of the censored folder was censored
90/ I summarized events as follows: "I presume that the data has not been totally destroyed, only that, after many years of public availability, it has been put under lock and key. It’s as though CRU is having a collective temper tantrum."
91/ on Aug 4, I did a lengthy article on confidentiality agreements: "Because Jones is having so much trouble remembering who he made confidentiality agreements, Climate Audit, always eager to assist climate scientists, are happy to do what we can to help Jones’ memory".
92/ I noted" "Jones insists on distinction betw academics and “non-academics” be scrupulously observed. I honored Jones’ demand that distinction be observed by using his full academic title, Dr Phil, in title, but, in rest of post, I will refer to him more informally as Jones."
93/ in the thread, I noted that CRU had long ago published data acquired from "early" agreements through CDIAC and at CRU, thus there was no conceivable basis on which they could opportunistically rely on supposed agreements with CDIAC vintage countries.
94/ so I (mischievously) urged Dr Phil to turn his attention to Iran, Algeria, Taiwan, Croatia, Israel, South Africa, Syria, Mali, Congo as a short list of countries with which he might have entered into confidentiality agreement,
95/ I wryly noted that any such agreements would have been in IPCC period and totally antithetical to IPCC principles, asking why Jones would have entered into such agreements in IPCC period? (The whole charade was so stupid.)
95/much later (Dec 2017), a FOI request from MotherJones contained an interesting detail on July events - on which I haven't previously commented. During their hissy-fit, CRU issued new passwords
(eight characters, mix of digits+lowercase+uppercase with no words in any language)
(eight characters, mix of digits+lowercase+uppercase with no words in any language)
96/ the document obtained by Mother Jones was sys admin [Mike Salmon]'s Nov 19, 2009 report on the hack (as then known), together with a covering email by [Jonathan Colam-French], [Salmon's] supervisor. [...] is my interpolation of redaction in document.
97/ [Salmon] reported that, on Oct 5, Mr FOIA had requested backup 390 for [Keith Briffa's] computer taken on July 29 (during the lockdown). Briffa (unknown to me until much later) was very sick and died much too young a few years later. Redactions here definitely refer to Briffa
98/ on Nov 19, CRU still didn't have the FOIA[.]zip uploaded to realclimate, which Gavin Schmidt had informed them about. At time of covering email (17:15 BST; 12:15 EST), there was still no public notice of emails. The dam broke publicly a couple of hours later at Lucia's blog.
99/ so as of Nov 19, [Salmon] didn't know date of last email. If they didn't go past July 29, that would direct their attention to Briffa's computer and backup. (But the emails continued to November so it proved more complicated.)
100/ [Salmon] did know that there was a Nov 11 document (EURO4M_DoW_v2.doc) which came from [Phil's] PC. (My interpolation). He then noted that password for [Phil], like everyone else, had been changed to a more complicated one in July. (Presumably after Mole incident.)
101/ so in late July, presumably after Mole incident, CRU issued brand new passwords to all its employees, all random combinations of characters that were hard to remember. Did this backfire because someone saved their password on their computer in plain view to outside world?
102/ in the wake of the Mole incident and the CRU purge of their FTP site, numerous Climate Audit readers were searching through the CRU website and FTP site, neither of which appear to have been well secured even against civilians, let alone hackers.
103/ at the time, I got feedback from several Climate Audit readers about stumbling unintentionally into private corners of CRU. I recall that this happened to David Holland who informed the university. Holland had been a persistent and effective FOI requester on IPCC issues
104/ one of Holland's FOI requests had precipitated Jones to ask Mann, Briffa, Wahl and Ammann to "delete all emails" concerning AR4 (his request arose from how AR4 purported to deal with "the decline", but that's another story).
UEA appears to have ignored Holland's headsup
UEA appears to have ignored Holland's headsup
105/ another Climate Audit reader reported to me that he had noticed a password sitting in the open on a publicly accessible page. I can't locate the email or comment offhand, but I remember clearly that there was such a report.
106/ early on, my best surmise as to what happened was that some other reader had also stumbled through an open door in the wake of the Mole incident and then decided to explore.
107/ Mr FOIA appears to have had sys admin level skills but there were numerous regular-commenting Climate Audit readers with such skills and undoubtedly dozens more that were silent. Climate Audit would then have had about 20,000 regular readers, most of whom didn't comment.
108/ my guess is that, the first time or maybe the first few times, Mr FOIA walked unintentionally through an open door, probably not using a VPN, but subsequently used VPNs once he began exfiltating documents.
109/ while I don't think that Mr FOIA came from the UEA community, this scenario doesn't prove that he didn't.
110/ Even for an insider, and especially for an insider, it would be best to use a VPN to enter a system - even one where you had rights. (This was later a key issue in charges against Chelsea Manning and Julian Assange.)
More later.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
