23 November 2009 Blog Home : November 2009 : Permalink
I just read your blog and article about the CRU attack. I do entirely understand that in your role as a reporter you can’t editorialize and pass judgment about what happens in the world, but you do edge into value judgments in some of your blog pieces and so I found the general lack of indignation in your piece rather disconcerting. After all, this is a criminal act of vandalism and of harassment of a group of scientists that are only going about their business doing science. It represents a whole new escalation in the war on climate scientists who are only trying to get at the truth. Think — this was a very concerted and sophisticated hacker attack.
If you look at the emails and documents (see below) it seems quite clear that the selection is neither random nor is it a grand sweeping up of everything in a scientist's private directory - indeed there is circumstantial evidence that this is data gathered in regards of an FOIA request to the CRU that was rejected a day after the last email. Hence it seems unlikely that "this was a very concerted and sophisticated hacker attack" rather it seems far more likely that this was an internal leak by a whistleblower upset at the continued hiding of information. Given the ubiquity of flash drives I would estimate that copying this data probably took about 5 minutes from the whistleblower's desk.It was a far harder system to crack into than Sarah Palin’s Yahoo account that was compromised during the election campaign. Scientists don’t have much distinction between their personal life and work and it is pretty typical to have all sorts of personal emails (maybe even financially related ones, confidential medical matters, family affairs, Amazon order confirmations*, etc.) as well as frank discussions that are part of the general working out of science and not meant to be done with somebody looking over your shoulder. I don’t think Jones’ emails had any personally compromising data in them, but that was just luck; this illegal act of cyber-terrorism against a climate scientist (and I don’t think that’s too strong a word) is ominous and frightening. What next? Deliberate monkeying with data on servers? Insertion of bugs into climate models? Or at the next level, since the forces of darkness have moved to illegal operations, will we all have to get bodyguards to do climate science?
If the leaker was, as suggested above, an internal whistleblower then the comparison with the Palin hack is totally irrelevant. Actually, as Lucia points out, the emails leaked are very definitely sanitized:A cursory examination of the emails reveals no announcements for group meetings, no invitations to the lunch room to celebrate a coworkers birthday, no email exchanges between husbands and wives discussing their shared love of Lassie DVDs, no letter from the safety training people, nothing related to performance reviews, and no pesky nag notes to update ones cyber security training. (Maybe CRU doesn’t have cyber security training?) Whoever assembled this edited, and it appears that all emails containing very highly personal information were removed from the collection.
Had the emails contained embarrassing revelations about the purchase of Lassie DVD’s, the blogosphere might be abuzz with indignation over the posting of truly personal information. In reality, no such information seems to be contained in what has come to be called the CRU Hack.
As with the "get at the truth" statement, the suggestions about "deliverate monkeying with data on the servers" and so on are ones that would seem better aimed at Messrs Jones, Santer, Mann and co, rather than whoever leaked their correspondence and code.; Plots 24 yearly maps of calibrated (PCR-infilled or not) MXD reconstructions
; of growing season temperatures. Uses “corrected” MXD – but shouldn’t usually
; plot past 1960 because these will be artificially adjusted to look closer to
; the real temperatures.
Maybe reporters just like information to be out, even if it is illegally obtained. Certainly, I thought it was right to publish the Pentagon Papers. But when the attack is on an individual scientist rather than a government entity, and when the perpetrator is unknown and part of some shadowy anonymous network, it raises a lot of new concerns.
"Shadowy anonymous network" is rather rich. Unlike journal referees, bloggers are distinctly lacking in anonymity. True we (or at least I) don't know the identity of all the bloggers and blog commenters but I know do who many of the main ones are, and I'm sure I could figure out the others if I spent a few minutes checking things.The real story here, though, is that the tactics the inactivists have been using in the run-up to Copenhagen have been all outside the sphere of legitimate scientific discourse. Bogus petitions, sham attempts to gut the A.P.S. climate statement, and now cowardly illegal outings of private emails from an individual scientist. If this is what they have to stoop to, then it is clear that they must really not think they have a leg to stand on scientifically.
Well actually one can interpret things rather differently if one considers that the evidence suggests that Messrs Jones, Santer, Mann and co, have indeed been deilberately obfuscating and blocking research results that don't conform to their view of the world. If this release of data does derail Copenhagen then that can only be a good thing since it seems very clear that the politicians have not had the impartial scientific advice they should have had. One also can't help but note that the "inactivists" have not been the only people to try and get their message across "outside the sphere of legitimate scientific discourse". At least that's how I interpret attempts to nobble/blackmail journals and editors.Cheers,
Ray
[*For example, anybody who hacked into my email would find the highly embarrassing fact that I once ordered a compilation of Lassie Christmas Stories on DVD :)]
And I agree that comments like "Mr I'm not right in the head" or "Pielke is a prat" are embarrassing but not, in themselves, malign. However, the main thrust of the leak is regarding the "Hockey stick" papers and the CRU temperature code. The fact that there are embarrassing comments like the following in the (soon to be infamous) HARRY_READ_ME.txt file is much much more important and, going back to the the Copenhagen point above, since it shows just what a shoddy base the climate warming papers seem ot have.20. Secondary Variables - Eeeeeek!! Yes the time has come to attack what even
Tim seems to have been unhappy about (reading between the lines). To assist
me I have 12 lines in the gridding ReadMe file.. so par for the course.
Almost immediately I hit that familiar feeling of ambiguity: the text
suggests using the following three IDL programs:
frs_gts_tdm.pro
rd0_gts_tdm.pro
vap_gts_anom.pro
So.. when I look in the code/idl/pro/ folder, what do I find? Well:
3447 Jan 22 2004 fromdpe1a/code/idl/pro/frs_gts_anom.pro
2774 Jun 12 2002 fromdpe1a/code/idl/pro/frs_gts_tdm.pro
2917 Jan 8 2004 fromdpe1a/code/idl/pro/rd0_gts_anom.pro
2355 Jun 12 2002 fromdpe1a/code/idl/pro/rd0_gts_tdm.pro
5880 Jan 8 2004 fromdpe1a/code/idl/pro/vap_gts_anom.pro
In other words, the *anom.pro scripts are much more recent than the *tdm
scripts. There is no way of knowing which Tim used to produce the current
public files. The scripts differ internally but - you guessed it! - the
descriptions at the start are identical. WHAT IS GOING ON? Given that the
'README_GRIDDING.txt' file is dated 'Mar 30 2004' we will have to assume
that the originally-stated scripts must be used.