Log in

Denialgate: Gleick confesses to being intermediate leaker

Holy cow... there's a new development in Denialgate. John Callender has a summary, and a plausible theory of what actually happened behind the scenes.

Whoa. From climate scientist Peter Gleick, whose writing on water issues I've been following for a while, comes this bombshell: The Origin of the Heartland Documents. [...]

The question I can't stop wondering about is this: Who sent Gleick the original [2012 Climate Strategy] memo [from the Heartland Institute]? [...]

Some people are speculating that Gleick may have faked the strategy document himself. [...]

[But c]onsider this alternate scenario: Maybe the folks at Heartland themselves sent Gleick the strategy document, on purpose, hoping he would publish it. Then they could deny it as fake and discredit him. I confess that this was one of the first things I wondered when the story first broke [...]. But I abandoned the idea because it didn't seem to make sense: The real documents in the larger batch were the sort of thing Heartland would never have released on purpose.

But the timeline according to Gleick makes the "Heartland dirty trick" theory seem more credible. Heartland could have faked the strategy memo, including enough true-ish information to be credible, but not so much detail as to be actually damaging to them. They could have sent it to Gleick, hoping he would publish it, after which they could discredit him for releasing the fake. But they didn't count on his being crafty enough to get the other documents via the social-engineering attack. Confronted by the release of the full batch, they scratch their heads a bit, then settle on attacking the leak of the faked memo, as per the original plan, while blustering and hand-waving as to the other documents.

And Gareth Renowden once more points out Heartland's hypocrisy regarding the document leak.

So were Gleick's actions legal or not? Well, I think I wasn't too far off the mark when I wrote that

In America, an act can be as legal or illegal as you want, as long as the price is right. Actually the phrase "in America" is redundant, because in America, the whole world is America, and besides if someone doesn't like the IPCC [Intergovernmental Panel on Climate Change], they can always extradite Rajendra Pachauri, or bomb his house, or both.

Finally, there's still no word from HostDime about relay.sinwt.ru.

SwiftHack 2.0 site's Florida connection? relay.sinwt.ru has IP address in Orlando

February 19th, 2012 (05:37 pm)

frank -- Decoding SwiftHack | February 18, 2012 at 1:33 pm | Reply

More SwiftHack weirdness:

Not sure if this is a useful lead, but apparently one of the mail servers for the sinwt.ru domain name is relay.sinwt.ru, whose IP address is, which is in Florida.


-- frank

Rattus Norvegicus | February 18, 2012 at 4:11 pm |

Actually this may be really useful. You should contact the company hosting the mail service for relay.sinwt.ru (big hosting company in FL is ServerIntellect) and see if you can get any information from them (you might also point this out to DOJ and/or Brits investigating this...)

Will do that, once I get around to composing a nicely-worded e-mail. :)

Denialgate: likely real, and from insider, but DeSmogBlog and ThinkProgress PDFs differ at bit level

BigCityLib says this regarding Denialgate:

[...] two days into [the] scandal, [Heartland Institute's] CEO Joe Bast and the other players at HI have had time to write any number of blog posts, and a fund-raising letter [note: link fixed] but still...STILL!...haven't had time to go through the [leaked] documents and determine, as per their repeated claims, that they have been altered or are otherwise inauthentic.

Meanwhile, evidence continues to mount that they are in fact the real deal.

DeSmogBlog commenter "rumleyfips" points out that pulling off a social engineering attack, of the kind that Heartland claimed to have happened, is not easy:

The caller [who allegedly asked Heartland for documents] is interesting. Whoever it was a lot of knowledge was necessary.

After all , the information was sent willingly with no questions asked.

Who to call? Had to be someone used to such requests, with immediate access to the requested documents and no need for supervisory permission.

How to ask. The wording had to be usual to the organization or flags would have gone up.

What to ask for. Asking for something that didn't exist could cause [suspicion].

It would seem that only someone intimate with the upper levels of the organization could have done this. Joe Bast [fits] the profile.

Then again, it's also possible that there was no social engineering involved, and instead the documents were deliberately leaked by someone from inside Heartland.

Lastly, for the sake of completeness: I noted that the DeSmogBlog copy and the ThinkProgress copy of the leaked PDFs differ at the zeros-and-ones level, though their wordings are identical (including the OCR misspellings in 2012 Climate Strategy.pdf). Thus, even if the documents are genuine, it's likely that they're not in the same file format as initially sent out from Heartland.

Denialgate, the Heartland 2010 prospectus, and Operation Angry Badger

Yep, the story's up on DeSmogBlog:

An anonymous donor calling him (or her)self "Heartland Insider" has released the Heartland Institute's [q. v.] budget, fundraising plan, its Climate Strategy for 2012 [disputed] and sundry other documents (all attached) that prove all of the worst allegations that have been levelled against the organization.

Gareth Renowden points out Heartland's hypocrisy in their response to the leak. Michael Tobis asks, "Is Turnabout Fair Play?" Brian at Rabett Run discusses a separate but related story. As for me...

  • I'd like to point out once more a diagram from Heartland's 2010 opus (not leaked). Check out that diagram if you haven't. Yes, really. I mean it.
  • There's a lot to chatter about regarding their 'strategy' for climate inaction, but I think what's potentially most damning is their suggestion (in (1-15-2012) 2012 Fundraising Plan.pdf, p. 14) to "[r]ecruit and promote superintendents who support [Wisconsin] Act 10". Is Heartland seriously trying to entice public servants into becoming mouthpieces for their rich funders, or did I miss something?
  • Will US politicians start launching tens of inquiries into Heartland's workings? And will activist groups file scores of lawsuits against Heartland to compel it to release its e-mails?

Claims of "misconduct" based on FOI*.zip get this response from me

frank -- Decoding SwiftHack | February 13, 2012 at 12:01 pm |

Deep Climate, Snapple:

McIntyre [q. v.], and climate inactivists in general, should give a straight answer [to] this question: Did FOI2009.zip or FOIA2011.zip reveal any actual, specific, actionable instances of attempts to falsify data or results, or attempts to suppress good, solid science?

But of course they won't answer the question -- because they know that the true answer is "no".

So instead, they make a lot of irrelevant noises about 'oh noes climatologists said unflattering things about skeptics', etc. etc. etc. Last I checked, saying unflattering things about people one doesn’t like is in no way a scandal, and in no way a firing offence. But you won't find people like McIntyre pointing that out. It's all spin -- spin for the purpose of avoiding the key questions.

-- frank

And (via Prof. Michael Mann) as an aside, for some reason I find the Mother Jones story The Frog of War to be really ... hilarious.

Hack or leak? Diagram of IP addresses known to be involved in SwiftHack 1.0 or 2.0 (except blog IPs)

"I'm FOIA™": commenter "RC" on Planet3.0 blog

February 7th, 2012 (07:01 pm)

February 3, 2012 | 10:33 am

"....I think it was Ross Gelbspan who reported a few years back about how CNN had to abandon mention of global warming and climate change in the context of weather reporting when the advertisers clamped down...."

Mighty big hole in that particular argument, [...]

February 5, 2012 | 9:19 am

(Aside: does "RC" have any relation to the "RC" (a.k.a. "FOIA") of CRU cyber-attack fame, I wonder?)

-- frank

February 6, 2012 | 6:07 pm

[...] Regarding commenter "frankswifthack"'s question, yes, I'm FOIA™.

February 7, 2012 | 9:48 am


Regarding commenter "frankswifthack"'s question, yes, I'm FOIA™.

Interesting claim. Speaking of which, what's your relationship with whoever is running the Russian server sinwt.ru? (You can e-mail me instead of cluttering up this thread, if you prefer.)

-- frank

Hmm. The technological commentary site Ars Technica has a section labelled "Law & Disorder". I think I'm starting to get the sentiment behind this label.

Another dead end -- Greg Laden blog's mysterious 18 Dec comment

January 30th, 2012 (04:40 pm)

I asked blogger Greg Laden about his remark on his blog [cached] saying,

This morning (Dec 18th [2011]) someone tried to post a comment on this blog post [...] with what appears to be a link to a set of computer files containing what may be stolen emails. I did not look though this material at all, but based only on context that is my guess as to what the numerous files seem to be. It is also possible that this is a farce of some kind, or an attempt at distributing a computer virus. [...] The comment seemed to originate from France and there seemed to be links to other countries as well, so I reported the incident to Interpol. I don't expect to hear back from them.

When I asked Laden for more information about the comment, though, I was informed that "the comment was deleted" due to a "database" "screwup".

I hate dead ends...

A glimpse at QinetiQ's attempt to extract CRU e-mails, and issues faced

OK, so climate inactivists such as Andrew Montford and Roger Tattersall are trying to conjure up some vast 'global warmist' conspiracy involving CRU scientists, UK policemen, the UK Information Commissioner's Office, the Muir Russell inquiry, and what not.

That aside, though, the actual information release by the Norfolk constabulary is mildly interesting, in that it gives us a glimpse into the thinking of computer forensics practitioners, and the issues they face in this particular investigation. A quote from the release, apparently from someone at the contractor firm QinetiQ, said this:

In relation to the latest request from the [? Muir Russell] enquiry, I understand that they would require all emails sent and received by [CRU's] Prof Phillip Jones, Prof Keith Briffa and Dr Tim Osborn if possible on a portable hard disk drive by Monday 26th April 2010. [...] In order to provide the enquiry with their request we have estimated that the cost will be £8910.00 ex VAT. We have identified seven machines belonging to the individuals concerned and also the significant number of backups of each of these machines.

And later on:

John quotes about £15 000 to resolve question 1 below [i.e. extraction of all e-mails]. [In a subsequent e-mail, the finalized total cost was stated to be £55,400.00 ex VAT.] This will cover the uncompressing of 3 Terrabytes [sic] of data to 7 Terraytes and sifting through that data. This will have to be a manual search as there are no keywords to allow the machines to run automatic searches.

To put this in context, here's an account of CRU's backup regime by CRU system administrator Mike Salmon, which is part of the Muir Russell inquiry's evidence release:

The entire "C:" partition of a Windows PC, or the "Users" directory of a Mac, or the "/home" directory of a Linux PC would be backed up [to a server in UEA's Central IS], with certain exceptions: some Windows system files and directories were ignored [...] and two directories intended for storing data that did not need backing up (scratch, static). In addition, specific directories could be excluded where the size would overwhelm the server. [...]

Only one researcher elected to manage his own backups. All machines that were backed up to the server may have contained emails if the user used an email client that stored their email on their desktop machine, which has been the common practice in CRU.

This suggests that the entire e-mail archive of each user was backed up at regular intervals. Thus if (say) the backups were done once a month, and the e-mail archive contained messages from 1990 all the way to 2009, then each and every month the backup server in UEA's central IS would receive another copy of the entire 1990--2009 cache, possibly with some additions, deletions, and movements along the way.

So, unless all this material had been suitably indexed beforehand, QinetiQ would have no choice but to go through all the monthly backups, duplicates and all, to ensure they didn't miss even a single e-mail. That's not easy no matter how one slices it.

(Commenter Jace at Montford's blog wrote,

FOIA [i.e. the SwiftHackers] did £55,440 worth of email filtering for free wow

...but that's not really true; the SwiftHackers didn't have a requirement to extract all e-mails, so they could choose which particular backup to use.)

Mindless Link Propagation, 25 Jan 2012

Obama's State of the Union address? What's that? Meanwhile:

Puppets on a string: US think tank funds NZ sceptics shar.es/f367l

Hearing both the BMJ and Lancet are now formally supporting @Request_FOI's attempt to reveal GWPF's funding [...] #eg

How to deal with an internet troll bit.ly/xDN6rX