Pointman:
Thanks for the explanation. I hope I’m not being obtuse but:
Phil Jones clearly thought emails could be deleted. So perhaps whoever compiled the FOIA2009 file thought the same. So my question remains: Did anyone look at the computers of the individuals, or the university server, to see whether the emails were still there?
I can delete my emails, and say with a clear conscience (to my wife, for instance) “No, I haven’t got any emails from xx”, confident that she’s not going to go looking on back-up servers etc. A simple one minute check by one of the enquiries would have cleared Phil Jones from suspicion of having done that. Did anyone make that check?

Geoff

“Did any of the inquiries pose this simple question?”

Somehow, I imagine that Russell, Oxburgh, Acton et al barely know how to switch a computer on. They have minions for all that tedious typing stuff.

IIRC, at NotW editor was quoted thus, when accused of ruining people's lives,: "it's what we do". I know he was speaking metaphorically, but only just, and I'm sure there are a few victims of their front pages whose lives have ended prematurely.

Look how hard Rebekah Wade avoids the limelight (or did!) - I admit to a degree of schadenfreude here, and I'm not sorry.

Re: pointman

> The contents of mail servers are always being continuiously backed up.

Not true. If backups occur it will be on a scheduled basis such as once a day or once a week. This means that if you receive an email and delete it before the backup then its gone. There are many things that the Sys Admin can do to back up every individual email entering or leaving a server or an account, but this is the UEA and there is simply no need for it. If they lose a mail before a backup then they can ask for it to be resent. Nothing crucial will have been lost.

> From the sender's email server, it may pass through other servers (also being backed up) until it arrives at the recipients email server.

The senders outgoing mail server will only store the mail for as long as it takes to pass it on, at which point it will delete it.

When leaving the senders server, email to UEA will only go to one of 2 mail servers (ueamailgate01.uea.ac.uk and ueamailgate02.uea.ac.uk) before it disappears into their internal servers. Upon receipt of the email these servers will either store the email in a mail queue or store the email in the recipients mailbox. Mail queues are not usually backed up since the contents are so transitory and the moment the mail server processes the email it will delete its copy from the mail queue.

> There's a saying in security circles - "email is a postcard". I think it's even worse, more analogous to a public notice

If you send an email to your friend then it will usually only exist in the following places:

1. The computer you composed the email on.
2. You sent folder on your mailserver (if your client is configured to do this)
3. The recipients mailserver
4. The computer the recipients reads the email on.
After any backups of these computers it will exist on the backups

"This is the text of an email that came my way from"
Guardian 15th March 2000
http://www.guardian.co.uk/media/2000/mar/15/pressandpublishing.tvnews

Hypocritical shits.

I believe the entire reason this, relatively old, story takes up more than the rest of the world nes nightly on the BBC is because the BBC are scared of Murdoch completely controlling SKY and giving them real competition.

@TerryS

All wrong, I'm afraid. It all depends on the protocols in use and how the routing and mail servers are configured. eg the use of IMAP rather than POP3. Over and above all that, the backup software in use may be quite independently doing incremental hot backups.

Even on your minimal lifecycle of an email, there are still 4 plus copies of it extant, which is precisely the point I was making.

An official investigation conducted by even a semi-literate IT forensics team wouldn't be too concerned at what was or wasn't on a particular person's machine; they'd go after the servers and the backups.

Pointman

Neil

“more than the rest of the world news nightly on the BBC”

I know, but I have to say that I’m enjoying it. Years ago, when Murdoch was denied a British passport, the mask slipped and he claimed that he would ‘destroy this country’ or words to that effect. Successive governments have grovelled to him because of his apparent (but largely illusory) power and now he’s been found out.

About time he paid some tax, too.

TerryS - in most of the world these days the mail lives on the server (IMAP, Exchange/webdav, etc) and in much of the corporate world at least it is necessary to store an archive of everything that goes through the company's mail infrastructure for legal reasons.

Pointman: We’re still at cross purposes. You say:
“An official investigation conducted by even a semi-literate IT forensics team wouldn't be too concerned at what was or wasn't on a particular person's machine”.
When a vast amount of embarrassing material is revealed, the natural question to ask is: did the people embarrassed try themselves to hide or destroy the material? So, is the embarrassing material still on the computers? and was the FOIA2009 file compiled in situ, or afterwards, by the hacker / leaker? These are very simple questions, to which the technical workings of the system are irrelevant. Has anyone asked these questions, and are there any answers?

simon abingdon

I've often wondered, what does "ZedsDeadBed" mean? I don't mean what does he/she mean when posting, but what does the name itself mean? I feel sure there must be some subtle wordplay or hidden message in it, but I'm afraid it's completely eluded me. (Perhaps it was explained way back; if so, I missed it).

Yes, Simon, I researched this topic some months ago and discovered that she can't even get a quotation correct. It should be "Zed's Dead, baby" from that classic (?) movie Pulp Fiction

Zed's Dead,Baby

"there must be some subtle wordplay or hidden message"

Not necessarily. :-)

@geoffchambers.

The passage you last quoted was addressed to another commenter with regard to a different issue; how many copies of an email hang around in the IT infrastructure.

If the brief of the forensics team was to ascertain if emails were being deleted then the would compare the emails found on the server or backups to those remaining on the user's machine, any difference implying that the user had been deleting emails. It's a common misconception that people think deleting copies of emails on their machine gets rid of them completely. If they have been deleting (and a comparison makes that obvious), you get into whether it was deliberate or not. Beyond a shadow of a doubt or on the balance of probabilities? Very hard to prove either way.

"These are very simple questions, to which the technical workings of the system are irrelevant." - would that this were so.

With regard to the "simple questions" you'll have to address them to the people who conducted the "investigations".

Pointman

STILL seen NO evidence of an external "hacker"...

Doug:
"It is more likely that the climategate emails were leaked by a young up and coming researcher appalled at the dubious practices he/she witnessed. He/she probably wants to continue in the line of work they are trained for.

If the emails were stolen - then action by now would have been taken."

My thought was that they do know who did it, it was an inside job, the person responsible is of international stature and the "powers that be" can't figure out how to deal with it.

Sometimes it is possible to get away with murder because the people who would ordinarily bring justice face a very high cost in so doing - a cost maybe too high.

An example, albeit not of murder but of truth contained, would be the unpublished minutes of the cabinet meetings held in May of 1940, when almost certainly capitulation and/or accommodation were discussed. it was to no one's advantage for them to be released - ever.

It may be the same with naming the leaker here. And if it a senior tenured professor, even more embarrassing.

j ferguson:
“My thought was that they do know who did it, it was an inside job, the person responsible is of international stature and the "powers that be" can't figure out how to deal with it”.

Phil Jones’s first response to the leak was to assume it was about Briffa’s “magic larch tree” research - the Yamal affair. But Briffa was too ill to answer questions, so the affair raised little interest in the media. Then after Climategate, Phil Jones hmself was too ill to answer questions.
They’re a fragile lot in Norwich. Maybe the suspect has a note from matron saying he’s too poorly to pop down to the police station and answer questions...

geoffchambers,

is it possible that there is someone there meeting my general description whose name has not been noised about in the usual places? Perhaps an even more senior climatologist?

I had earlier supposed it might be Briffa based on my naive understanding of some his emails that he was uncomfortable with the effectiveness of some of the paleodatasets they were forced to work with, or maybe with their methods in extracting signal from them, or maybe that they had any signal at all.

Discomfort in a scientist seems a very very good thing, something we don't see a lot of, unfortunately.

Re: pointman

In the Financial sector email have to be retained for 6 years. This is in accordance with Financial Services Authority Handbook.

In the Communications sector email has to be retained for 6 months. This is in accordance with Retention of Communications Data under Part 11: Anti-Terrorism, Crime and Security Act 2001.

I have had to deal with this act directly and the nameless communications company I worked for at the time had their legal people look into it. I believe this also involved clarifying the situation with the government. The end result was that we only had to retain logs and not the actual emails themselves.

I don't know of any sector or business (apart from financial) that is required by law to retain copies of all incoming and outgoing mail.

As for protocols, mail is transported from server to server over the internet using the SMTP protocol. IMAP and POP are what your client uses to access your mailbox. They are not used to transport mail. The routing of mail over the internet is performed using DNS records.

Like I said in my original comment, it is possible that UEA backup every incoming and outgoing mail, but why on earth would they? The loss of an email will not unduly impact them and setting up and maintaining a backup system such as that costs time and resources.

@ Geoffchambers

"They were defending women’s right to vote and the abolition of slavery when many who comment here were in short trousers."

The Guardian was a good newspaper in the days when it was called the "Manchester Guardian." Some of the people who comment here can remember those days. However I doubt if any commentators remember the Suffragets, let alone the Abolitionists!

Roy

@TerryS,

At no point did I say IMAP or POP3 were what are termed "transport" protocols, they are of course email retrival protocols.

"Like I said in my original comment, it is possible that UEA backup every incoming and outgoing mail, but why on earth would they?" - Well, I've got news for you Sunshine, they did, since the contents were revealed in the Climategate breach.

Either you need to brush up on your reading skills or you've been persistently misinterpreting my replies to you.

Either way, this conversation is now over.

Pointman

Re: pointman

Originally you said:

"The contents of mail servers are always being continuiously backed up."

To which I replied:

"Not true. If backups occur it will be on a scheduled basis such as once a day or once a week."

You then counter:

"Over and above all that, the backup software in use may be quite independently doing incremental hot backups."

To which I reply:

"Like I said in my original comment, it is possible that UEA backup every incoming and outgoing mail, but why on earth would they?"

And finally you counter:

"Well, I've got news for you Sunshine, they did, since the contents were revealed in the Climategate breach."

The contents revealed in climategate do not indicate that the mail servers are "being continuiously backed up." or have "incremental hot backups.".
Like I originally said, the UEA probably backup their mail once a day or even as little as once a week. There is no point in them doing continuous backups.

Whitch bit of "this conversation is now over" didn't he understand ...

Pointman

Generally, I do not like flip floppers, however, attitudes change over time. It is good netiquette to allow people to change their minds.

Ive been banned from guardian Cif
strange thing is Ive posted comments that have had hundreds of recommendations and also respectful feedback

I used to buy the Guardian ,I no longer do,in fact if the Guardian was to cease publishing I would not weep
one single tear