Click images for more details



Recent comments
Recent posts
Currently discussing

A few sites I've stumbled across recently....

Powered by Squarespace
« Not-so-white | Main | Scientific independence »

+++Has the Climategate hacker just spoken?+++

Afficionados of the Climategate story know that the person behind the disclosures signed themselves "RC", a reference presumably to RealClimate. They linked to a file called on the RealClimate server.

Steve M has been speculating that RC was a UEA insider, who held back some important parts of the email archive as a bargaining chip:

Let’s suppose that U of East Anglia discovered who had the emails and also knew that the person had a big hold back that he’d secreted away somewhere. If you were Acton or Trevor Davies, would you be prepared to enter into a confidential agreement to drop all charges if the leaker turned over his copies of the holdback? It would be very tempting.

If you were the leaker, would you be prepared to turn over all copies of the holdback in exchange for East Anglia dropping all charges and maintaining confidentiality? It would be very tempting.

Thinking in such terms, there isn’t a whole lot of incentive for the University to find the leaker or for the leaker to drop another bomb. Sort of a Cold War standoff. I wonder…

Last night, someone signing themselves RC and again using their website link as left the following comment.

There was no deal made.

Was this the real RC? Has the mystery man just spoken? Let's see...

PrintView Printer Friendly Version

Reader Comments (103)

Well the IP where the comment was made would be logged, but if they were clever enough to remember to erase info like file dates and times this may also be a dead end.

Or it could be someone having a laugh.

Aug 19, 2011 at 8:39 AM | Unregistered CommenterChris

Blogger pointman argued last year that the emails were leaked by an insider:

...they were leaked by an insider who had “access”, without which any source is useless. If one thing comes out of reading the emails, it is that the unit was a very closely-knit and intense peer group, the classic bunker mentality.
The second thing is that a decade’s worth of emails must contain a large element of messages of a personal nature. These appear to have been stripped out. Why? To focus on the science without needlessly hurting or humiliating other people. Notice also, that the content was not edited and the damning emails were left in context – the work of a fair-minded individual. If you have knowledge of climate science and the arguments going on within it, the emails are obviously explosive stuff. A layman would simply not appreciate that. He knows his climate science and to a depth.

Aug 19, 2011 at 8:45 AM | Unregistered CommenterJack Hughes

Chris, with my limited knowledge, I checked the IP and it seems to be blacklisted by some anti-spam databases. As far as I understand this indicates that the comment was left by a "hacker" using a compromised computer.

Aug 19, 2011 at 8:49 AM | Unregistered CommenterJean S

Re: Jean S

Not really. It might be an anonymised proxy. Since these send lots of untraceable junk they tend to end up blacklisted.

Aug 19, 2011 at 9:12 AM | Unregistered CommenterTerryS

To me the case for an "inside job" has always been front and centre. The content and context of the emails mean't the person knew the science and also the relevance of the comments and what these would indicate to the outside world.
The fact that Inspector Knacker of Norfolk Constabulary has not made any comments on potential culprits let alone made any arrests, suggests that either the person involved was very smart in covering tracks or that UEA want it dropped.
It would be interesting to hear from "RC" on his motives, although if he is a genuine scientist and one of the CRU group, it was probably because he became disillusioned with the poor science (or even worse) eminating from that establishment.

Aug 19, 2011 at 9:19 AM | Unregistered CommenterMactheknife

The e-mail address given with the comment is different from the address given in the original "A miracle just happened" -comment. AFAIK the latter has never been publicly disclosed, so that would have been an easy way to demonstrate that the comment is real. So deadend also in this direction.

Aug 19, 2011 at 9:35 AM | Unregistered CommenterJean S

Its a good point this e-mails had be filtered , that meant someone has but the effort in to analysis them , so it just some script kiddy at work or they would have dumped the lot . Secondly not only has the personal stuff gone misses but some of the technical stuff is only half there , in effect we have parts of some conversations but not all of them . I like to think the thought of what else may be is out there keeps Phil and friends awake at nights.
The only up side to the awful reviews of CRU may be that if further information comes into the public realm that shows CRU playing a far dirty game , those on these reviews, to save themselves , will fall out with their good friends at CRU. And start acting like rats in a sack on acid , which will be fun for everyone else watching them tear each other apart.

Aug 19, 2011 at 10:10 AM | Unregistered CommenterKnR

"Flash is Aliiiivee?"
In my best Brian Blessed voice...

Aug 19, 2011 at 10:45 AM | Unregistered CommenterJustin Ert

"No deal was made"
Sort of implies that a deal was on offer.
No deal has been made would an entirely different statement.

Aug 19, 2011 at 10:55 AM | Unregistered Commenterpesadia

Yes pasadia, I thought the wording odd. Taken on face value it could be read that the leaker was identified by the plod and/or the university, but nothing was done about it. Very intriguing.

Aug 19, 2011 at 11:23 AM | Unregistered Commentergeronimo

Still think it's ignoring Ockham's Razor to imagine that a ‘hacker’ broke into the server, collected all the relevant e-mails (from hundreds of thousands), stripped all personal information (and some sensitive technical information as indicated above) out, collected them all into a file strangely marked “Freedom of information" and then leaked it.

The Occam's Razor version is that the University itself collected (and filleted) the files in advance of potentially losing a pending Freedom of information request, placed it on the server, at which point the ‘hacker’ found it and (for whatever reasons of their own) released it.

Aug 19, 2011 at 11:24 AM | Unregistered CommenterStuck-record

I kind of agree with some of the ideas here. RC's response seems to accept the premise of Steve M's hypothesis - namely that the source was a UEA insider. I don't think you could say that a deal was on offer though.

Aug 19, 2011 at 11:27 AM | Registered CommenterBishop Hill

Holdback or embarrassment? I think UEA knows who it is. If the holdback contained even more damaging revelations, what could be exchanged for not-releasing that would not be the object of criminal blackmail? Certainly not money or not prosecuting an action that may not be prosecutable - no law broken. Maybe cleaning up the shop?

Alternatively, the leaker may be a group with a very senior member who was privy to the emails and therefor knew what they contained and was him/herself embarrassed by them and thought their exposure would provoke the cure. If it didn't, then release even more damaging stuff.

Aug 19, 2011 at 11:46 AM | Unregistered Commenterj ferguson


I believe that UEA-CRU collected the information as a part of an FOI request but that a knowledgeable insider leaked it to the world.

Minimum effort, maximum impact on the leaker's part.

Aug 19, 2011 at 11:58 AM | Unregistered CommenterMac

Wow! That comment sure gave me a shiver when I read it. I remember the first one so well.

I agree with Mac's comment. I imagine an FOIA file was assembled and at the last moment, Jones or someone found some excuse to block its release. Someone with knowledge and expertise got frustrated at this and decided to just put it out there.

Aug 19, 2011 at 12:05 PM | Unregistered CommenterFrederick Bloggsworth

Stuck-record , but what would the nature of any such FOI be? There was such a wide spread of information within these e-mails its hard to think of one FOI that would cover them all.

In addition remember Jones made his antagonism toward FOI clear before he even got any and its also clear the FOI office at the university was being lead by the nose by Jones and friends at CRU. So they where hardly in mood to do the work for a possible FOI request given they did not , and still do not , support the FOI process in the first place .

Its still a possibility it just thinking about the reason why they collect the information in the first part that is the hard part.

Aug 19, 2011 at 12:17 PM | Unregistered CommenterKnR

If the .zip was assembled for a real FOI, then surely someone out there must know if it fits their FOI requirement? Has anyone come forward to say that it fits with what they requested?

For me it seems too detailed to be a quick hack and grab, but are we now calling this a hack as the title suggests?

My own view is this was a student or someone in the University who works closely with the FOI stuff who got annoyed at those shirking their responsibilities. But I haven't been fully keeping up with this.

Aug 19, 2011 at 12:31 PM | Unregistered CommenterRoss H

If I were on the inside, I would just tell one of my 'friends' where the file was located and have them pull it. If questioned, I would say "No, I did not take or copy the e-mails". Simple, and no 'deal' would be made.

Aug 19, 2011 at 12:37 PM | Unregistered CommenterSera

It is very easy for anybody to sign any name. What surprises me is that realclimate didn't censor it. Did they just not notice in time?

Aug 19, 2011 at 1:03 PM | Unregistered CommenterNeil Craig

Steve McIntyre had an active FOI request at the time which was refused.

But this was a data request and not an email request so I retract my point about this being the result of a specific FOIA request. However I imagine that it was the refusal of Steve's request which encouraged the leaker "FOIA" to do what he did. I do like the comment he used at Jeff Id's blog to accompany the release

"We feel that climate science is, in the current situation, too important to be kept under wraps. We hereby release a random selection of correspondence, code, and documents. Hopefully it will give some insight into the science and the people behind it."

I had never looked at this posting until now and was amazed to see that FOIA actually highlighted the most egregious emails for us.

I also wonder why he posted this at Jeff Id and only a short comment at Climate Audit.

Aug 19, 2011 at 1:07 PM | Unregistered CommenterFrederick Bloggsworth

Given the wide range of the material in the FOIA zip file I find it hard to imagine it was the result of a single request. It could be that each time a request was denied someone gradually built up a cache of all the things that had been refused.

Might that explain the Data Commissioner's decision that the time limit for it being a criminal matter had run out? Whoever became the whistle blower will have known the offences had been occurring even if the people making FOI requests didn't.

Aug 19, 2011 at 1:08 PM | Unregistered CommenterGareth

There is a big hole in the theory that it was a response to a FOI request (stuck record, Mac). There is no record of any such request for emails before Nov 2009 in the complete list assembled for the Russell Review.
Even if it is suggested that this list is incomplete, surely the person who made the request would have come forward to say "Why is my request not on the list" as well as "My request fits with".

Regarding the latest "RC" comment, it could be anybody, and Jean S's 9:35 comment suggests it is not genuine.

Fred Bloggs, the first post at CA was too subtle and not noticed at the time. Hence the later more outspoken post at Jeff Id's blog and the almost identical one at Warren Meyer's Climate Skeptic blog.

Aug 19, 2011 at 1:11 PM | Unregistered CommenterPaulM

If people look at item 6 in this CRU report then they will see there is reference to 3 unnamed researchers and it looks that the Climategate compilation was probably from those 3 only plus anything else of interest found on the server.

The use of thematic inboxes by 2 of the researchers is a clear indication of how the leaker/hacker would have been able to compile emails of interest relatively quickly whist avoiding content of no interest.

In addition

JCF "Configuration of backup server was unfortunate as it did not remove deleted emails. Centrally, UEA emails are held only for a month and then deleted permanently. Not the case on the CRU backup server."

JCF "What was published on the website included an "FOIA folder" - which was not a replication of what was on the back-up server. This is something which had been put together in this way by whoever published the data."

Aug 19, 2011 at 1:29 PM | Unregistered Commenterclivere

Re: KnR, Frederick Bloggsworth , Gareth, PaulM etc

The emails might not have been compiled for a specific request, but for all requests. In other words, instead of having Jones, Briffa etc searching their email 10 times for 10 different requests they searched it once for emails that might possibly be requested (ie climate related). When a request did come in then this email set could be searched by the FOI officer or some other person for relevant email, thus freeing Jones etc from the task.

Aug 19, 2011 at 1:38 PM | Unregistered CommenterTerryS

Stuckrecord has it right. the giveaway is in the file title FOIA2009 - If the the title was invented by the hacker as a joke, it’s not a very good one - a bit like a burglar going to the fence with a bag marked SWAG. Therefore the title was the work of the file assembler.
KnR: the reason for sticking the information in one place was to get rid of it quickly in case of an emergency (eg a FOIA). In the meantime, why not hang onto it, for old times’ sake? (am I the only one here with stuff on my computer I’d rather others didn’t know about?)

Aug 19, 2011 at 1:44 PM | Unregistered Commentergeoffchambers

Fair enough. That shoots down my theory. Unless there was a general 'damn, we may have to release this' file dump developing in response to repeated FOI requests.

Otherwise, I'll get my coat.

Aug 19, 2011 at 1:46 PM | Unregistered CommenterStuck-record

Sorry very OT. Will we see a JOSH entry in this years Union of Concerned Scientists cartoon contest...

Love to see his take on number 8-check out the graph in the corner.

Aug 19, 2011 at 1:54 PM | Unregistered CommenterMarcH

My 'mea culpa' crossed terry and Geoffs thoughts in the post.


Aug 19, 2011 at 1:59 PM | Unregistered CommenterStuck-record

From day 1 there were only two theories that made any sense. Forget about an outside hacker - it just dosnt fly.

One was the disgruntled insider and the other was that they were going to release the materials anyway, had prepared the zip and either put it on a public server too early by mistake or had just decided on that as a low-key way of getting the material into the public domain themselves.

The theory is very tempting, but for me it didnt do the trick. The killer was the file marooned.jpg - you know the one a pasctiche of various luminaries with (un)funny speech bubbles - what kind of idiot would go through UEA's archive on an FOIA request and think that that was a suitable file to include in an "official" release !

Disgruntled insider - it cant be anything else

Aug 19, 2011 at 2:08 PM | Unregistered CommenterPrinceHorus

There is another avenue which parallels "any such hypothetical dealing" to restrain the leakers/hackers from releasing additional e-mails that could potentially cause further harm to the AGW movement. Don't forget about the never ending police investigation into revealing the identity of the leakers. As long as the police investigation continues ad infinitum, then the original backup server containing all of the e-mails remains sequestered in police custody and off limits to any FOIAs. Remember, Muir Russell dropped examining the contents of the backup server like a hot potato. In fact, there may be pressure upon the police not to conclude the investigation ... and thereby tie up the backup server indefinitely. Since it seems that numerous nefarious relationships exist between the police, the government, PR agencies, and journalism, wouldn't it be in the best interest of UEA and the current government if the backup server just disappeared?

Aug 19, 2011 at 2:35 PM | Unregistered CommenterDrcrinum

Use of word "hacker" in post title strikes me as assuming facts not in evidence. Perhaps "hacker/leaker" or "conduit" would have assumed less.

[BH adds: Short headlines are the order of the day round here. Take your point though.]

Aug 19, 2011 at 2:36 PM | Unregistered CommenterBrent Buckner

RC is implying that he/she knows/knew the people at UEA? "There was no deal made"

Aug 19, 2011 at 2:39 PM | Unregistered CommenterAnnabella

Therefore an INSIDER (all speculation of course)

Aug 19, 2011 at 2:40 PM | Unregistered CommenterAnnabella

As speculation is guess is that Phil Jones or Keith Briffa (more likely)....

1) Received pesky requests for information
2) Wanted to delete emails, but
3) Was scared of losing something important (absent minded professor after all), so...
4) Gathered emails into an archive and deleted local copies
5) Then claimed the emails have been deleted, which was half true, but
6) This was shocking to some decent staff member (RC), who
7) Found and 'cleaned' the archive, and perhaps held back insurance
8) Then leaked the email archive

Perhaps RC is now reaching the end of a PhD or Post Doc - and is about to leave the CRU?

('Eric' (I think) posted the original version of this scenario at WUWT).

Aug 19, 2011 at 3:08 PM | Unregistered CommenterZT

Watching it all unfold back then, I came to a conclusion that I haven't yet seen suggested (although I might have missed it):

The university FOI officer (I forget his name) was charged with pulling together the info that McIntyre requested.

Jones or someone else convinced him to let THEM do it and he complied, giving them access to the university backup server.

Jones or someone else then used that opportunity to amass a whack of potentially damaging emails and other info (including cartoons) with the intent of deleting them all.

The FOI officer found this zip file before they were done and realized with they were up to - that they fully intended to delete the lot. He was royally pissed at being taken advantage of and having his trust betrayed.

He let them do a job that was his to do - as FOI officer, he was as much at fault, at some level, as they were, because he gave them access.

So he released a portion of the file. This person definitely had the know-how and opportunity.

CRU know who released the file because he told them straight out - the releaser didn't out the person or persons who amassed the file because they could out him (for not doing his job).

The stand-off, I suggest, was there from the very beginning - bringing in the police, etc. was all posture and they all knew it.

But they all still sweated the thought they would all be found out.


Aug 19, 2011 at 3:15 PM | Unregistered Commenteryearwithoutasummer

First I presume the same source of the comment on CA "There was no deal made." and the comment on Jeff I'd's blog "We feel that climate science is, in the current situation, too important to be kept under wraps [ . . . ]".

Second I presume the source is not purposely misleading. So "We" means there is more than one individual involved and there is no implication that an offer for a deal was made by UEA.

Third I presume that the "We" are individuals both inside and outside UEA and the UK. The psychology of a lone person inside UEA does not feel right, the activities seem more confident than a lone person in hiding. As to aid from outside UK, the climategate affair doesn't seem to have a uniquely UK flavor so given the international nature of the scientific community then non-UK help seems reasonable.

Presumption 4 is that the police are purposely not revealing any investigative details for strategic PR purposes. I think that is the PR advice they likely got from OO’s spin.

Given those 4 presumptions, I think this has not even started to get really interesting yet.

As a parting thought, I suggest we all take a moment to remember the hero in Crichton's 'State of Fear', Dr. John Kenner.


Aug 19, 2011 at 4:29 PM | Unregistered CommenterJohn Whitman

Probably didn't want to give up his/her insurance policy. Maybe when they leave UEA...

Aug 19, 2011 at 4:40 PM | Unregistered Commentermojo

As much as I would like to believe presumption 4, I can't.

I can't believe that the University and police are that stupid. I know they can be really stupid, but that stupid? Is the ‘game’ (protecting the university's climate research Department) simply worth it?

The consequences of such a cover-up being made public would be vast and incredibly destructive. It would be very difficult for the University, the police, the enquiries and anyone connected (via briefing) with associated media or PR companies to survive the fallout.

Aug 19, 2011 at 4:42 PM | Unregistered CommenterStuck-record

I've always thought the archive was compiled by UEA, to avoid potentially embarrassing information being released due to future FOI's (deleted, but not deleted if pressed by the ICO).
Whether it was then hacked or leaked, I doubt any more can come from the same source.

Aug 19, 2011 at 5:09 PM | Unregistered CommenterChris S

Aug 19, 2011 at 4:42 PM | Stuck-record said,

“”””I can't believe that the University and police are that stupid. I know they can be really stupid, but that stupid? [ . . . ]””””



I am old enough to remember the early reactions to hints of Watergate. Thinking was that the POTUS and his administration couldn’t be that stupid. Then finally it was shown they were more stupid than anyone could have possibly imagined.

Now we have a lower tier UK university with some (arguably) very ideologically biased faculty/administration and what is potentially a politically embedded local police force. They can potentially be just as stupid as the clowns in Watergate. Don’t you think?


Aug 19, 2011 at 5:20 PM | Unregistered CommenterJohn Whitman

If one reads the CRUTape letters it is clear there are two inside suspects who it could have been.

Let's hope they release more.

Aug 19, 2011 at 5:54 PM | Unregistered CommenterAndy

@Chris, Jean S, TerryS
Trivial to set up a chain of anonymized proxies (encrypted computer to ISP and between proxies - vide TOR, Firefox+Torbutton) and as for anonymous email services with multiple cutouts and many identities each forwarding to one's personal email address (easy peasy, vide Yahoo, Hotmail and various commercial services.
Makes 'sock-puppetry' so easy! And also placing a file anonymously on a Russian (or indeed any) server.
I'm using it all at the moment. How goes the movie title? - Oh yeah, 'Catch me if you can'!

Aug 19, 2011 at 6:01 PM | Unregistered CommenterDenier

If this were an alarmist troll, he or she would probably write something like "New release of CRU files. Download at: *link to pornography or malware or what ever*".

Also, no in-line responses by RealClimate moderators between 16 Aug 2011 at 2:41 PM and 18 Aug 2011 at 2:13 AM. Maybe a coincidence, but they were similarly quiet in the days between the miracle comment and the climategate eruption.

I think that if this is the real RC, then he or she has tipped off RealClimate that a new release will be made shortly, perhaps when UEA refuses John Walker's FOI request on Aug 26. Or is McIntyre's Yamal request still under review?

Aug 19, 2011 at 6:16 PM | Unregistered CommenterNiklas

Re: John Whitman's "We"s.

I think it quite possible that there were/are unhappy people both inside and outside CRU (even within UEA).

Early directors of the CRU were of some real eminence but the last couple second if not third raters. Recall the "Why, why ..." e-mail from a previous director (and I guess his mentor) to Phil Jones.

As youngsters - properly trained in appropriate disciplines - not just got lucky to be in on the ground floor of what had recently become a topic of immense world interest - would have seen their career paths blocked when they knew well that the Emperors has no (scientific) clothes.

In addition to doctoral students and post-docs a large number of academic visitors transited the CRU: they won't have been all been blind to the defects.

With their access to grant funding (much involving the Met Office) - controlled by bed-blockers - you can see the ingredients for a putsche.

Aug 19, 2011 at 6:58 PM | Unregistered CommenterAJC

The various theories/ideas/prognostications as to the identity of the publisher of the UEA/CRU files are interesting in their diversity. As a police officer who has investigated a couple of "computer hacking" cases, I prefer a simpler explanation of the type and diversity of the e-mails and data files in the FOI2009 folder.
I believe that this mass of information was gathered over a period of time, not weeks but more likely months or even a year or two. It was gathered by someone (possibly using the Royal "we"?) who did not subscribe to the prevailing attitudes in the UEA; someone who wanted the corruption to be known; someone who had officially sanctioned access to the backed-up information and who was regularly working with it quite legitimately.
The release of the large amount of information which had been collected into the wild very shortly before the Copenhagen climate conference was a major factor in the failure to achieve the aims of that conference. That the nations/delegates were already inclined towards negating these aims was critical, the release of the FOI2009 folder was decisive.
The gathering of the data and e-mails was a long-term project. The timing of the release of this data was deliberate. Whoever gathered all of this data has, most assuredly, compiled a "Get Out Of Jail - Free" folder of far more explosive information. Whoever compiled the FOI2009 folder has got an iron-clad insurance policy stashed away somewhere!
The "No deal was made" posting is simply a warning to the UEA and the Norfolk Police not to be too precipitate in their actions.

Aug 19, 2011 at 7:49 PM | Unregistered CommenterStephen Brown

"...they [UEA] were going to release the materials anyway..."

Yes, no doubt with aeroporcine synchronicity.

/snark off

Aug 19, 2011 at 8:16 PM | Unregistered Commenterjorgekafkazar

A couple of things...

1) I believe Gavin wrote that four or five downloads had taken place from the unnoticed 'miracle comment' at CA. But has any commenter at CA or elsewhere confirmed that he/she downloaded the zip file? (maybe I should ask this at CA instead.)

2) Just a speculation to the Sherlock community from this Dr. Watson, and probably made already, but the "we hereby release a 'random selection'".... seems to suggest that there was a whole lot more where it came from... and that it wasn't put together for FOI purposes. You don't make a 'random' selection if the dossier was already collected for release under FOI and you just stumble over it, I guess?.

Aug 19, 2011 at 8:48 PM | Unregistered CommenterBebben

Bebben - we know there was a whole lot more

Researcher A had 1.99GB, Researcher B had 3.93GB and Researcher C had 2.03GB. This dwarfs the minor amount actually released

What we dont know was any of the names of the thematic inboxes used by 2 of the researchers. So if for example one inbox for a researcher was named YAMAL we dont know how large that themed inbox folder was.

Aug 19, 2011 at 8:59 PM | Unregistered Commenterclivere

As an after thought and to add to the speculation perhaps one of the researchers had a thematic inbox called FOIA.

Aug 19, 2011 at 9:07 PM | Unregistered Commenterclivere

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>