The true origin of the CRU leak

December 8th, 2009

Some shameless newspaper editors and hacks are claiming that the FSB are responsible for the ‘hack’ that produced the CRU files. This is probably a result of the files being initially hosted on a server located in Russia. It is simple minded guilt by association, and it’s the sort of illogic you would expect from computer illiterate journalists who are recycling second hand news without any analysis.

But what is the truth behind this? Who is/are the hero(s) responsible for the liberation of the smoking gun data that shot Climate Change / AGW / Climate Chaos to death?

First of all, lets define some terms.

In common usage, a hacker is a person who breaks into computers, usually by gaining access to administrative controls. The subculture that has evolved around hackers is often referred to as the computer underground. Proponents claim to be motivated by artistic and political ends, and are often unconcerned about the use of illegal means to achieve them.

Other uses of the word hacker exist that are not related to computer security (computer programmer and home computer hobbyists), but these are rarely used by the mainstream media. Some would argue that the people that are now considered hackers are not hackers, as before the media described the person who breaks into computers as a hacker there was a hacker community. This community was a community of people who had a large interest in computer programming, often creating open source software. These people now refer to the cyber-criminal hackers as “crackers”.


The correct term for someone who gains access to computers is a ‘Cracker’, or a ‘Black Hat Hacker’. If someone broke into the CRU computers to do this, CRU was Cracked, not Hacked, by Black Hat Hackers:

Black Hat Hacker
Black Hat Hackers (also called “crackers”), are hackers who specialize in unauthorized penetration. They may use computers to attack systems for profit, for fun, or for political motivations or as a part of a social cause. Such penetration often involves modification and/or erasing of data, and is done without authorization and hence they should not be confused with “ethical hackers” (see white hat hacker).

They also may distribute computer viruses, Internet worms, and deliver spam through the use of botnets. The term may also refer to hackers who crack software to remove copy restriction methods: copy prevention, trial/demo version, serial number, hardware key, date checks, CD check (NO-CD) or software annoyances like nag screens and adware.
The Black Hat Conference is a major conference dedicated both to learning (and potentially furthering) Black Hat techniques and also to understanding and preventing them.

If the people who cracked the CRU facility and released the files were from the FSB, they were spies, not Crackers or Black Hat Hackers.

Which brings us to how the feat was done.

The most recent emails in the archive date from 12 Nov 2009 and the earliest is from 07 Mar 1996. This is highly significant, and produces a number of possible scenarios.

1: All files copied from backup media by an insider
If the CRU keeps its old emails in offline storage (backed up on hard discs or magnetic tape), then someone working inside the facility would have had to get physical access to those backup media and restore the files to a running system (a laptop) to make copies of them and smuggle them out on a device.

2: All files copied from backup media by a burglar
Someone broke into the facility, accessed the backup media, copied it to a device and escaped with the data.

Both of those scenarios require prior knowledge of where the backup media were stored, the formats in which they were stored, and access to appropriate device(s) to retrieve the data from the backup media for copying.

Once those files were off site, it would be a case of taking time to analyse them and then a simple matter to post them on a server anywhere.

Since the most recent file is 12 Nov 2009, if normal backup procedures are being followed at CRU, we might expect that very recent emails would not be stored in offline drives or tapes along with emails from 1996. If that is the case, then we are talking about two different types of access; one to the backup media and one to the live email server at CRU.

The scenarios flowing from those assumptions are:

1: Burglar copying files from the live system and the backup media
2: Burglar copying just the backup media while someone else copies the live files from outside the facility

The third possibility is that CRU keeps all of its email, no matter how old it is, on a live system that is connected to the internet. This would mean that a Cracker could gain access to their email server and leech the entire archive, from anywhere in the world.

All of those scenarios deal with the emails. Now for the source code samples and documents that have been released.

Once again, to gain access to the released source code and documents, we have only three different options; an insider who knew where the backups were stored in the case of the old files being stored offline, or a burglar outsider, or all of these files being stored online in the live CRU system, cracked by a Cracker.

The released documents have been cherry picked to highlight the scientific fraud at CRU. That means someone who has been paying close attention to this matter, and who knew specifically what to look for to expose this fraud has either combed through a larger set of files, or, the combing through has been done for months in advance of the release of the files.

Remember, the latest email is from 12 Nov 2009, and we are talking about a large amount (167m) of cherry picked text. Lets look at some possibilities.

1: The files were released wholesale by an outsider who snarfed them on or after the 12th of November.
It is unlikely that this is the case, since the information is sorted, cherry picked and organised, and the release was very soon after this date, leaving no time to sort out the vast amount of data.

2: The files were released by an insider, after long preparation.
This is more likely than 1. An insider aware of the fraud would know what to release, where to find it and would have time to patiently organise the file. They would also know how to dump a file in an anonymous ftp in Russia, and how to point to that file without revealing their identity. The most recent document is from the 11th November 2009. Someone collating a ‘vengeance file’ would collect information till the last possible moment, which is after the 12 Nov. They would have to have root access to do this and be able to cover their tracks. Or, during the many years they have been working at CRU, they already had a personal archive of all the relevant documents and source code files, copied as a part of their routine work process. This would not explain the inclusion of emails to which they did not have access privileges on the system. No matter how these files were released, the fact that emails from all the people involved were released and not just to or from a single account means that a complete copy of the email archive of CRU, either from tape or a live system, was made, and then subsequently sifted through.

3: The files were released by a Cracker, who, with root access, remotely made copies of large sections of the CRU filesystem, and who then took months to parse through the copied files, by herself, to produce the archive that was dumped in Russia.
Unlikely, but possible. She would have to freshen the archive with the most recent emails and docs for completeness sake. Doable, but why sit on the greatest scandal in the history of science for months when you can have the same impact immediately? Then again, why not wait? And if she did it by herself, it would take months to go though that mountain of data. The FSB of course, has the manpower to sift though a mountain of data like this much more quickly, but then, why not blame the NSA, Mossad or MI5? They are just as skilled as anyone else, and their motives are just as weather like.

Whoever the hero that did this was, wether it was one person or a group of people, one thing is for sure; they had intimate knowledge of either the internal layout of CRU, or intimate knowledge of the CRU network. They also know something about climate research and the personalities involved in it (or they were told who to examine and what to look for).

Finally, all of this is a total distraction.

The only thing that matters is that the Climate Change / Global Warming / Climate Chaos hoax is blown to smithereens. The earth is not going to heat up and die, polar bears are not going to drown and the ice caps are not going to melt because of man’s use of fossil fuels, and it is now irrefutable and proven that these theories are not based on science, but are instead based on fraud. It is now on the record forever. That newspapers are focussing on this rather than the scandal of the trillions in capital that the sheep are planning to divert into pointless and very harmful schemes is a scandal on top of a scandal.

Leave a Reply

You must be logged in to post a comment.