Sleeping policemen
This is extracted from a blog called "The Legend of Pine Ridge". The writer has managed to extract a statement from Norfolk Police about their ongoing investigations into Climategate.
Detective Superintendent Julian Gregory who is leading the investigation said:
"This is a complex investigation and as a consequence will take some time to conclude. As with any investigation we will interview anyone who may have information which is of relevance to the enquiry but it would inappropriate to comment on any specific lines of enquiry.”
“Norfolk Constabulary continues its investigations into criminal offences in relation to a data breach at the University of East Anglia. During the enquiry officers have been working in liaison with the Office of the Information Commissioner and with officers from the National Domestic Extremism Team [See NETCU]. The UEA continues to co-operate with the enquiry; however, major investigations of this nature are of necessity very detailed and as a consequence can take time to reach a conclusion. It would be inappropriate to comment further at this stage."
It still seems extraordinary to me that after nearly six months of investigation, the boys in blue don't even seem to have worked out whether they are investigating a hack or a leak.
Reader Comments (35)
Yes, it seems quite amazing. And the involvement of the National Domestic Extremism Team is creepy, to say the least.
Presumably, at some point, they will have to come out and say that they have not even managed to establish whether or not any crime was committed.
Clearly they have drawn a blank in their investigations trawling through the log files of the UEA servers - I imagine that would have been done in the first two weeks. Their investigations now seem to amount to phoning people who have requested information from the CRU and asking about their opinions on climate change, politics and science.
Are there any precedents for such a level of resource to have been expended in investigating a data leak? I imagine that, by now, they must have expended well over a man-year of effort on the investigation.
As with all climategate related bodies I expect that there will be a need to expand the budget next year due to man hours covering this issue of national importance. Obviously a crime as heineus as this requires the devout attention of senior officers within the force to ensure that an international incident is averted and the terrorists responsible are brought to justice.
You'll be telling us next that:-
Ofsted's world-class, highly remunerated staff weren't able to find anything wrong at Haringey
MOD's similarly impressive staff weren't able to realise leaking fuel near heat in Nimrod wasn't suboptimal
Scotland yard locking away the Peach review for 30 years can't then prosecute anyone
Treasury announcing they were selling half our gold would not achieve top
dollareuroetc, etc for our dysfunctional public service
Breaking news.
Police publish report into death of Blair Peach in 1979
A police officer is likely to have "struck the fatal blow" which killed a protester in west London 31 years ago, a Scotland Yard report reveals.
http://news.bbc.co.uk/1/hi/uk/8645485.stm
Pity the more eco-fanatic sections of the media still refer to this as a hack, yet if hacking were the cause there would be some certainty about that by now. It served certain interests to portray this as a hack (i.e. a criminal act) to deflect attention from their own misdemeanors. I suspect that it has dawned on the police that this was an inside job and they are trying to find who within CRU might have had any contacts or sympathies with climate sceptics as this might give them a line of enquiry, i.e. that of a whistleblower.
I can see that this is likely to be kicked into the long grass as it is politically inexpedient for the university and the government to find that it relates to cracks and exasperation within those at CRU themselves at the shenanigans that they have been up to.
Quote: "This is a complex investigation and as a consequence will take some time to conclude"
Which translated means, "we haven't a clue."
Time to call in Sherlock Holmes.
I received my letter by post from DC Baker of the Norfolk and Suffolk constabulary a few weeks ago. I thought I had been forgotton and was feeling a little depressed. But I suppose they had to rule out suspects in the northern hemisphere first.
I'm not sure whether I should come clean and own up to the hack or lie low, prevaricate, play for time and hope that they pin it on some other poor sod. The old bill, and our finest down here have prior form in this area.
They still haven't contacted me. Not that I have anything to say of course.
You got nothing on me, copper. I'm clean, see?
"Blair Peach"
So we can expect to wait 30 years before the definitive verdict that someone may have broken the law...
Bish
Do you read your emails? Sent you a link to similar comments from PC plod 2 weeks ago. Probably the same report Seth's info came from.
I work in compuers and asked our resident boffins and they assure me that if it was a hack they would know straight away. If I remember correctly in the early reporting some comment was made saying the emails were on a "public" drive on the UEA network.
I'd hazzard a guess that they were put there for easy access - inside job.
Mac
I do read them - I've been a bit overwhelmed recently, so it's possible I missed it.
The "largest criminal inquiry in English history" was into the July 7 bombing. They interviewed thousands of people, took volumes of statements, checked a timetable, and picked the train that never ran. You next detective story, perhaps, Mr Bishop?
"As with any investigation we will interview anyone who may have information which is of relevance to the enquiry"
That explains it. They asked Gavin. He knows it was a hack. They should be looking for a Russian with a hockey stick..
In defence of the Police though, a while back there was a very long backlog on IT forensics work due to budgets being spent on making global warming ads and art, not to mention privatisation of forensics labs. Alternatively, the answers are known and the decision to let us know is political.
(Infosec was disappointing this year, lots of fear on sale, not much in the way of freebies)
They'll not pin anything on Dad. Pretty fly is Dad.
Wow, if only they had used the same diligence with the UEA breaking the F.O.I. laws!
Seems to me the Thin Blue Line is near to invisible right now! As with the enquiries
Even the Keystone Cops would have figured out by now that it was done by Harry, at night, in his lab, with a computer. Maybe we should send them some old films of the Keystone Cops so they could get a few cues (or perhaps the board game).
Or maybe they prefer to remain cueless. Most likely, they don't want to say what they know because it would be politically incorrect.
Without a doubt the time is being invested in determining which policeman handles the press briefing. The negotiations on this ignominious task must be quite involved. I imagine the bidding has reached an OBE in two years with all indiscretions forgiven.
How about an FOI request to ask how much the investigation has cost so far?
That response sounds exactly the same as one given out months ago....
Climategate; Why Don’t We Know Who Leaked The CRU Emails?
By Dr. Tim Ball Thursday, April 22, 2010
Why don’t we know who released the emails from the Climatic Research Unit (CRU)? Is it an attempt by the CRU and the University of East Anglia (UEA) to divert even more attention from their involvement in this scandal? Is it part of the larger cover up apparently orchestrated by the Royal Society?
http://newresearchfindingstwo.blogspot.com/2010/04/police-investigations-stolen-emails.html
I'm no advocate for the plod (or any other public servants for that matter) but due process dictates that they don't reveal information about the investigation in case it prejudices any prosecutions. C'mon - you all know that really!
Have they even got logs at CRU? Finding out if it was a "hack" (or, more properly, a "crack") that got the boodle should take a competent compsec guy about 2-3 days, depending on the volume to be searched. If there's NO evidence of unlawful entry OR a pull of the data from outside the local network, then it's an inside job.
Not rocket science, guys.
Prior to leaking the emails to the world on November 19th 2009 the person sent them to Paul Hudson, weather and climate change expert with the BBC and former UK Met Office employee. Hudson received them on October 23rd, 2009, five weeks before.
Surely Paul Hudson is the start point for the police, it can’t be that difficult to trace back to the source from him.
Paul Hudson did not receive the Climategate emails in advance.
Paul Hudson was provided with a copy of one email chain by other means in advance of the FOIA zip file. Probably provided as a blind copy by one of his BBC collegues.
Paul Hudson was then able to verify that the email chain which did appear in the Climategate set was valid and that the FOIA zip file was likely legitimate.
People are misinterpreting his words as if he received the whole set in advance which he did not.
Hudson has not explained why he did not release them although he did confirm they were identical to the ones released later. Hudson knew the implications of the emails because he had written an article a month earlier titled, “Whatever happened to global warming.” It is likely this article and his access to the world through his position with the BBC explain why he was chosen. It is also likely that previous admonitions about his views from CRU people prevented him from releasing the information.
http://newresearchfindingstwo.blogspot.com/2010/04/police-investigations-stolen-emails.html
“Norfolk Constabulary continues its investigations into criminal offences...'
Criminal?
Just wanted to be sure, that they are absolutely sure, that whatever it was, was indeed criminal.
Offences?
More than one?
How many more?
Quite common to drag an inquiry out until the case is too old to go to trial. Similar situations have occured in the past where the state doesn't want any action taken in a case. The Scottish procurator fiscal is an old hand at this trick aswell.
Was anything revealed that was not subject to the many FOI requests that were thrown in the trash? How could it be a crime to publish what they were legaly obliged to disclose many years ago?
You realize that keeping a police investigation ongoing provides a reason and cover to deny any anticipated and real FOI requests directed at the UEA/CRU?
"the boys in blue"
that would now be boys in black...aas they have recently taken on a 'standard 'EU' look so that EU police look the same all over Europe
As somebody who has investigated hacks (or cracks) and internal leaks, I am surprised by the certainty people have regarding the ability to forensically determine what has happened. University computing systems (I have nothing to do with East Anglia but have been involved at a professional level with a number of Scottish universities) are generally not secured to commercial standards and the maintenance of logs etc is poor. If something is simply not recorded by the technology, either because the logging function was not turned on or because the user (legitimate or otherwise) managed to avoid specific logged activities, it is not subsequently recoverable - even by full disk and RAM imaging and analysis.
It is entirely possible that neither the access logs for the email file(s) nor for the wider computer have shown anything other than legitimate accesses. This does not mean it was an inside job. Lack of evidence, mojo, isn't evidence of lack.
Most police computer forensics departments are indeed weighed under - child pornography and serious / organised crime investigations which they are generally reluctant to outsource. Fraud and similar investigations are often outsourced but the political nature of this event means that they would be keen to keep control.
Re: Mojo
"Have they even got logs at CRU? Finding out if it was a "hack" (or, more properly, a "crack") that got the boodle should take a competent compsec guy about 2-3 days,"
Unfortunately there's a big difference between people like Gavin declaring it was a 'hack' and what the Police would need to do to find and secure any evidence for a prosecution that wouldn't be ripped apart by a canny defence lawyer and expert witnesses. Gavin's actions for example may have hampered any potential prosecution or lost evidence.
Same's true for any corporates. If hacked, take the server offline right away and use your backup.. You do have a backup don't you? Then decide if you're likely to try to take legal action, and if so, find a competant IT forensics outfit to help build a case that will hold up legally.
But that's expensive, and the Police have always been struggling with funding and resourcing to counter IT related crimes, especially given the volumes.
Yes, gentlemen, hence my inquiry about whether CRU even has logs.
I actually work in this area, and I'd be willing to bet that they have minimal logging, and short retention of that. Most academic systems end up that way, even if they're set up properly to begin with.
But, of course, I haven't seen what info is available for the investigation, so I'm merely guessing.
I'm thinking Harry's read.me tale of woe gives a pretty good indication of the level of IT security the University of Easy Access has. But it's not like they were holding data of any real value now, is it? I suppose they could try slicing or coring the servers and seeing if they can identify any man-made fingerprints in them.