Signs of Action On Climategate Hacker Investigation: DOJ and UK Police Probe Denier Bloggers

Thu, 2011-12-15 14:08 Brendan DeMelle

Fantastic news for a change - the Guardian reports that the UK police are finally making some concerted attempts to identify the hacker behind the criminal invasion of the University of East Anglia's Climatic Research Unit.

The Guardian reports:

On Wednesday, detectives from Norfolk Constabulary entered the home of Roger Tattersall, who writes a climate sceptic blog under the pseudonym TallBloke, and took away two laptops and a broadband router. A police spokeswoman confirmed on Thursday that Norfolk Constabulary had “executed a search warrant in West Yorkshire and seized computers”. She added: “No one was arrested. Investigations into the [UEA] data breach and publication [online of emails] continues. This is one line of enquiry in a Norfolk constabulary investigation which started in 2009.”

Tattersall posted on his own TallBloke's Talkshop blog that:

“I got the feeling something was on the go last night when WordPress [the internet host for his blog] forwarded a notice from the US Department of Justice.”

What excellent news to hear that the Justice Department is getting involved with this investigation; it's about time. Perhaps this came in response to the remarks by Rep. Ed Markey (D-MA) last month?

Either way, it is reassuring to know that the investigation into the criminal hacking of climate scientists' emails is, in fact, ongoing. Last month, we reported on troubling indications that the UK police effort seemed inadequate, given the tiny expense reports divulged after a Freedom of Information request by a UK journalist.

It will be interesting to learn what the investigation uncovers, if anything, from this week's actions. Since TallBloke's blog was one of the first that the hacker “FOIA” commented on when revealing the stolen goods, there may well be something of interest to investigators.

It's also interesting that Tattersall's first move after welcoming the police into his flat was to log out of his email. He writes on his blog:

“I managed to log out of my email on the big lappy as they sat down, to the annoyance of the Computer expert.”

(Funny statement coming from a guy who has trumpeted the criminal hacking of the email accounts of climate scientists?) 

Only time will tell what investigators might learn from reviewing Tattersall's computers. Has he been in direct contact with the hacker? If not, has he communicated with any middlemen who might have relayed information that could lead to the hacker's identity? Perhaps they'll find an unlocked copy of the 220,245 encrypted emails whose existence “FOIA” has teased, but which have so far not been published online?

DeSmogBlog's Richard Littlemore has previously written about TallBloke's seemingly cozy relationship with the hacker FOIA. In his announcement about the release of the Climategate 2 batch, TallBloke refers to “our old friend FOIA.” But later in the same post, he suggests he doesn't know the hacker's identity:

Message to ‘FOIA’

Thank you, whoever you are, freedom of information is a principle worth upholding.

Tattersall is not the only target of the investigation by the UK Metropolitan Police, Norfolk Constabulary, Computer Crime Division and the U.S. Department of Justice Criminal Division. There are other denier bloggers whom the investigation is focusing on as well.

More from the Guardian:

“Both Tattersall and a US-based climate sceptic blogger known as Jeff Id said they had received a “formal request” via the blogging platform WordPress from the US Department of Justice's criminal division, dated 9 December, to preserve “all stored communications, records, and other evidence in your possession” related to their own blogs as well as to Climate Audit, a climate sceptic blog run by a Canadian mining consultant called Steve McIntyre. All three blogs had received messages from “FOIA” last month pointing to the link hosting a second tranche of emails first taken from the UEA in 2009.

During an interview with the Guardian last week before the seizing of his computers, Tattersall said that he had been questioned by Norfolk police “some two months” after the initial breach in 2009, but had heard nothing since. A number of climate scientists and bloggers are known to have been questioned by the police.”

Brad Johnson at ThinkProgress points out that “Jeff Id” is the online name of climate denier blogger Patrick Condon who runs “No Consensus” a.k.a. the Air Vent.

Peter Sinclair caught wind of the DOJ action first, see his post: Has Denier Karma finally Run over its Dogma?

If you're interested in following the real-time reaction to this news, check out the Twitter action on the hashtag #climategate.

The right-wing and climate-denier echo chambers seem to be freaking out that the police are actually doing their job to identify the criminal hacker. 

Chris Horner seems particularly verklempt over this, bizarrely expressing sympathy for the criminal hacker in his op-ed today, as Media Matters For America points out:

“It speaks to the twisted pathology of climate science deniers that they'll condone, even defend, this sort of behavior.”

Of course, we've seen this behavior repeatedly in our five years covering climate denial on DeSmogBlog, but it's absolutely still shocking to see the lows that they'll go to, and Chris Horner provided another example today.

Image credit: Elnur/Shutterstock

Comments

This is so exciting. I am really happy. I never doubted that the authorities were trying to catch the culprits.

Oh……. I’m so happy for you Sweety! :)

Back to reality, this is a show of force for the police over there. They’ve been shamed for doing so little about the first release in 2009 they had to do something. Don’t be too disappointed when nothing comes from this.

That the copies in question turned up on a Tomsk State University server suggests involvement by certain Russians.

Can a whistleblower be considered a ‘hacker’?

I thought whistleblowing was legal??

“http://en.wikipedia.org/wiki/Bradley_Manning”

Apparently the US Government doesn’t think so:

http://en.wikipedia.org/wiki/Bradley_Manning

At least Manning was exposing atrocities & released the entire repository of files he had. The hacker/s involved in the CRU have only released a portion of the 200k emails stolen. Why not release the whole thing? Afraid of context? Afraid of the truth?

 

This would be the same US government which just got caught selling thousands of guns to Mexican drug gangs?  Guns which have been used to murder at least 600 people, including a US border patrol officer?  All in a botched attempt to puff up illegal gun statistics, in order to justify heavy firearms control laws they want to introduce?  That US government?

Yeah, I’m sure it’s all perfectly legit.

“which just got caught selling thousands of guns to Mexican drug gangs?  Guns which have been used to murder at least 600 people, including a US border patrol officer?”

Well that’s not good.

“heavy firearms control laws they want to introduce?”

But that is.   :)

 

So you’re in favour of a government fabricating evidence to justify spurious legislation which will remove constitutionally guaranteed rights from its citizens?

Good to see who’s putting all their cards on the table.

“So you’re in favour of a government fabricating evidence to justify”

No, don’t project.

“which will remove constitutionally guaranteed rights from its citizens?”

Another example of policy created by vested (NRA & weapon manufacturers) interests instead of public interests.

“Good to see who’s putting all their cards on the table.”

Yep, thems ma cards.

 

The NRA and weapons manufacturers wrote the US Constitution?

Do tell.

It was written into the constitution over a hundred years ago. In a time where they had no idea on what the impacts of those decisions would make a century later. A country’s constitution is not an immovable thing. While changes are few & far between, a constitution can be amended. Naturally if amendments to the constitution were to affect profits of vested interests, then they wouldn’t be too receptive of this change to the policy now would they?

Same PR bullshit as AGW denialism. Create red herrings like they “will remove constitutionally guaranteed rights from its citizens”. When in actual fact it’s the same product defence mechanisms that are employed by fossil fuel & tobacco companies. Defence of profit & manipulation of the gullible or those in tune with the dog whistle.

 

“While changes are few & far between, a constitution can be amended.”

Are you now telling us the Second Amendment of the US Constitution has been revoked?

When did that happen?

“Are you now telling us the Second Amendment of the US Constitution has been revoked?”

Again with the projection? It’s getting a bit old now isn’t it Marko?

“When did that happen?”

Sorry Marko. Life is real outside the snow dome. You seem to be confused between the word “can” & “did” or “have”.

 

Anthony Watts certainly thought the hack was worth a hat tip:

http://tallbloke.wordpress.com/2011/11/22/breaking-news-foia-2011-has-arrived/#comment-9681

 

It would be interesting if someone uploaded the contents of Tallbloke & Patrick Condon’s hard drives to the web. Just sayin.

I would say members of the denialosphere like Watts, McIntyre, Eschenbach & co are doing some serious housekeeping on their computers right now. Fortunately forensic computer science has advanced to the stage of where you would need to practically melt the hard drives to stop file recovery techniques these days.

 

has enough nous to avoid any such embarrassment from:

Fortunately forensic computer science has advanced to the stage of where you would need to practically melt the hard drives to stop file recovery techniques these days.

OTOH the ‘net has a kinda of collective memory that can produce nuggets from seeming dross.

I am sure I have come across comments by a Jeff Id somewhere, he has had occasional mentions on DESMOGBLOG, a simple search on the name will bring up some. If using a text search within web pages one sometimes has to enter ‘Jeff’ as ‘jeff’ to pick them out.

 

Computer Forensics hasn’t developed to the point where;

Fortunately forensic computer science has advanced to the stage of where you would need to practically melt the hard drives to stop file recovery techniques these days.

Computer forensics peeks into the deleted bytes of your hard disk. It can also find stuff you accidentally left lying around in the wrong directory. (Ever drag and drop and forgot where you put it?)

You can thwart computer forensics by deleting the evidence, and reformatting your hard disk. Case closed. (The military is a different story, they can use electron microscopes to extract bits… this is expensive, and not used for law enforcement.)

MAC addresses on the PCs are the most incriminating evidence. (However some Ethernet cards can clone new values, which any computer guy knows.)

A friendly RCMP officer told me to use encryption. http://www.truecrypt.org/ That stops computer forensics cold. (Not entirely… you need a very good password to thwart cyber cops. They literally have multi-terabyte look up tables which can crack most algorithms fast.)

The only way this guy is getting caught is if he has not done anything to protect himself. An encrypted computer hidden at a friend’s house and a drive by download should do the trick.

“Nope Computer Forensics hasn’t developed to the point where;

Fortunately forensic computer science has advanced to the stage of where you would need to practically melt the hard drives to stop file recovery techniques these days.

Computer forensics peeks into the deleted bytes of your hard disk. It can also find stuff you accidentally left lying around in the wrong directory. (Ever drag and drop and forgot where you put it?)”

Sorry my Oilman mate, but I’m gonna have to give your nope a yep, I’ll buy you a beer later. I can speak from personal experience. Case 1: Years ago I had a little accident where my external hard drive came up on the screen with unable to access the disk, do you wish to format? Unfortunately, I wasn’t home at the time & my wife not being too tech savvy, said yes. This had our family photos & home movies of the kids on it. I hadn’t backed it up for nearly a year, just stoopid. A mate told me about this software “Recover my files”. http://www.recovermyfiles.com/ .

Recover My Files - Data Recovery Software

Solution

Recover files even if emptied from the Recycle Bin

File recovery after accidental format, even if you have reinstalled Windows.

Disk recovery after a hard disk crash

Get back files after a partitioning error

Get data back from RAW hard drives

Recover documents, photos, video music and email.

Recover from hard drive, camera card, USB, Zip, floppy disk or other media

Learn how to recover your files here.

I can vouch for one, that this software works as it states. I recovered all my files from a formatted drive. I’ve since used it just 2 weeks ago on computers where family have inadvertently chosen restore options on their Windows 7 laptop where it installed a new OS over the top of the old automatically & wiped out the old system. 24hrs of scanning & they had it all back.

Case 2: A few years later after case 1 a friend had a break and enter into his business. It must have been teens or amateurs, because they stole nothing despite there being 4 $10k servers there & collector’s memorabilia worth another $50k. They instead smashed everything up & set fire to the place. Luckily they couldn’t even do that right, because the fire put itself out. Unfortunately the servers were totally inaccessible. A mate of mine from uni put me in contact with these guys.

http://www.cbldatarecovery.com.au/hard-drive-data-recovery.html

Similarly: http://www.datadetect.com.au/forensics.php

A week later they had 80% of their data back. Amazing.

“You can thwart computer forensics by deleting the evidence, and reformatting your hard disk. Case closed.”

Fortunately, or unfortunately for some, that is not the case anymore.

“(The military is a different story, they can use electron microscopes to extract bits… this is expensive, and not used for law enforcement.)”

That technology is now available to the public…. :) As Martha & the Vandellas would say “nowhere to run to baby…nowhere to hide”.

“MAC addresses on the PCs are the most incriminating evidence.”

And above layer 2 (datalink layer) on layer 3 (network layer), the IP is just as incriminating. Police can ask for access to the ISP’s logs & match up IPs, even if they are dynamic. As well as SMTP logs. Most ISPs archive these for between 30-90 days.

Not sure how that helps considering the initial hack was years ago, but maybe they (the police) got a copy of the logs a few years back & needed to build on that evidence. They may have needed to sit back & monitor suspects for a while.

Let’s hope we are reading about a conviction or possible conviction next week. Would be a nice Xmas present.

I participated in a hunt for stolen IP at a company I worked for.

For that process I was paired up with Ex RCMP officers who used the same software the police use to scan for missing documents.  We’d enter a series of words, and their software would skim through every byte on dozens of hard drive copies. Typically when you delete a file, all your PC does is wipe the ‘pointer’ to that file, and it doesn’t actually byte by byte erase the file.

For that, you need a file shredder; (I prefer the MP3 method myself, it’s less incriminating.)

http://www.fileshredder.org/

The answer to your first example is that you have the option of zeroing the hard drive when you format it. (It’s called a ‘full format’, and not a ‘quick format’.) If you don’t fully format it then the data will still be there and it can be recovered. (Forensic software is designed to look for that data and even fragments of files.)

In your second example, you are talking about damaged electronics. If the drive platter itself is fine, then you can simply swap in new electronics. The best way to physically destroy a drive is to drill a hole in it. (They don’t spin too good after that.) And if you’re paranoid, pour acid inside.

In our case, two of the drives we scanned had been fully reformatted the week before the employees in question left. (I suspect that they knew we were going to look.) The third drive had been erased, then filled up with MP3s. But the fourth drive had the only really incriminating evidence in the form of a fragment of a deleted file. They deleted everything but they didn’t think to wipe the deleted space. (See MP3 example above.)

We had hard drives from an old RAID array, and we managed to recover those after fixing some ‘broken’ hardware.  We didn’t find anything amiss in the recovered data.


You are right about IP addresses.  They definitely put the perpetrator on the defense.

I too have been involved in data recovery and furthermore under different operating systems, MSDOS, DRDos, RISC OS (on the British Acorn 32-bit systems) and even that of a quaint database running under Acorn’s 8-bit 6502 based OS. I used to run MSDOS DRDos, Win 3.1x variants and Win 95 behind RISCOS on those Acorn 32-bit machines of various types, using emulators and a co-processor - across a SCSI bus with the latter at that.

I consider one way of ensuring data erasure is to format the drive under a very different OS to that under which it was used and then use some, self generated in my case, write a file calculated to fit a sector or multiple sectors exactly and repeatedly, the software being run from a drive other than the one being processed.

There are other methods of course. ;-)

 

Let’s watch what nasties scuttle out when the stones get lifted.

Delingpole joined in on the echosphere as well, on his Telegraph blog:

“We can but feverishly speculate. My personal favourite theory so far – lent credence by several of the wise comments at Watts Up With That – is that it concerns all those encrypted emails that FOIA 2011 claimed to have in his possession when he unleashed Climategate 2.0. In other words, there may be more juicy stuff – much, much more juicy stuff – to come. It may also be that the names incriminated are not merely those of low-rent types like Phil Jones and Michael Mann, but senior politicians and businessmen with much more to lose if they’re ever found out.

So let’s hope they are, eh?”

I’d like to see his reaction if, instead of low-rent types such as Tallbloke, senior politicians and businessmen, such as Inhoff and Koch were found out.  They really do have a lot to lose.

Ever notice how the extreme left gets so deliriously happy when the heavy 1984 jackboots of the state are used on a private citizen they don’t like?

Ever notice how strongly the extreme left becomes filled with spluttering outrage at the mere thought of computer data hacking (unless, of course, we’re talking about Julian Assange, who obviously is a hero, or the private citizen who’s been hacked is Sarah Palin – then it’s perfectly fine and hilarious).

Ever notice how the environmentalist mask keeps slipping, revealing themselves to be nothing more than hypocritical thugs?

And while I like the idea of Wikileaks I worry that it’s not exactly an appropriate place to do your laundry. Lots of things Joe public considers bad are done or discussed behind the scenes. I’m OK wit dat.

I mostly sympathize with governments unless they are doing something deliriously naughty.  (Like invading Iraq under false pretenses…)

So in the case of Climategate, where someone leaks evidence that the government is involved in a widespread conspiracy to defraud taxpayers – and they arrest someone they believe is the leaker?!

And you’re okay with that?

The date was a bit off, but George Orwell was exactly right.

“where someone leaks evidence that the government is involved in a widespread conspiracy to defraud taxpayers”

The evidence & subsequent enquiries say the opposite of what you say. The only thing you have to back you on this is………blog opinion.

“and they arrest someone they believe is the leaker?! And you’re okay with that?”

Sure. The hackers have helped to hold up meaningful action & policy on AGW for the good part of a decade, adding billions to the costs of mitigation, because the longer it is left, the more money is needed. Plus the potential lives that are at risk.

Had the hackers released the entire 200K the public probably would have seen the whole context of the emails & the whole thing would have been a non event. Instead, associates of the hacker, whether it be for ideological benefit or corporate benefit, chose to redact the emails, take them out of context & use them as a weapon to smear & delay action.

Whingeing about being called to account for this is being a bit precious isn’t it?

 

“The only thing you have to back you on this is………blog opinion.”

… and thousands of Climategate emails.

“and thousands of Climategate emails.”

Out of context. Why not release the whole lot? Why only a portion? I think the public can make up its mind whether the rest is irrelevant chatter, or adds weight to your argument or vindicates Jones & Mann again.

The truth will set you free………….or resign you to the dustbin of fail.

“Out of context.”

That’s a charge repeatedly made, but easily refuted.  They are completely in context, and the authors of the emails have acknowledged they are genuine.  Why do you think the government is so eager to bury this? 

You can read all of them for yourself here:

http://www.ecowho.com/foia.php

Let us know if you find anything that “vindicates” Jones or Mann.

“That’s a charge repeatedly made, but easily refuted.”

By ideological & corporate bloggers?

“They are completely in context,”

All 5000, out of 200,000? 2.5% worth of context?

“and the authors of the emails have acknowledged they are genuine.”

Of course they did. It’s their emails. Just portions of it, that’s all.

“You can read all of them for yourself here:”

All 2.5%? Charmed I’m sure.

 

There’s been no leak of any conspiracy.

If you think this has happened, please provide examples instead of misleading statements.

In any case, I sympathize with the governments in this case.

“left gets so deliriously happy when the heavy 1984 jackboots of the state are used on a private citizen they don’t like?”

Wasn’t 1984 about totalitarianism? An ideology of the right? Just sayin.

“Ever notice how the environmentalist mask keeps slipping, revealing themselves to be nothing more than hypocritical thugs?”

Why does it have to be about environmentalists? Will the masks of conservatives in European countries & NZ also slip if there is a conviction….because they are in on it too…..the prevailing science on AGW.

What, years of smear, bloodbaying & witchhunting by denialists & one round of applause by climate realists somehow puts us on an even footing? Get real.

 

“Wasn’t 1984 about totalitarianism? An ideology of the right? Just sayin.”

Evidently you haven’t actually read the book, then?

“Evidently you haven’t actually read the book, then?”

Why, I have Marko, hence the confusion:

http://en.wikipedia.org/wiki/Nineteen_Eighty-Four

“Nineteen Eighty-Four popularised the adjective Orwellian, which refers to official deception, secret surveillance, and manipulation of the past in service to a totalitarian political agenda”

http://en.wikipedia.org/wiki/Totalitarian

“The concept of totalitarianism was first developed in a positive sense in the 1920s by the Italian fascists.”

http://dictionary.reference.com/browse/fascists

fas·cist
 noun

1.

a person who believes in or sympathizes with fascism.

2.

( often initial capital letter ) a member of a fascist movement or party.

3.

a person who is dictatorial or has extreme right-wing views.

adjective

Your news is news to me.



 

So you haven’t actually read the book.

Thanks for clearing that up.

“So you haven’t actually read the book. Thanks for clearing that up.”

There is a difference between reading something and knowing what they are talking about. You might have read it, but projected your beliefs as to the meaning. It’s a common problem with biblical text. Interpretation is everything.  It’s ironic you were in fear of the right wing this whole time.

Totalitarianism is neither left nor right, but can be either. The definition.com entry is incorrect. The Soviet Union, East Germany, Mao’s China and Pol Pot’s Cambodia were totalitarian regimes of the left. Nazi Germany, Pinochet’s Chile and Mussolini’s Italy were totalitarian regimes of the right.

Yes, totalitarianism in itself is neither left nor right, but one thing you’ll notice is that it is a tool most often enthusiastically employed by the left.  That’s an historical fact.

And for the record, the Nazis were socialists – hence the title National Socialist Worker’s Party.  Also, Mussolini’s Italian fascists had their roots firmly in the Italian Socialist Party.  Many of Mussolini’s policies were undeniably socialist in origin.  That being said, the record of Twentieth Century (and 21st!) totalitarianism is overwhelmingly dominated by communists, socialists, and leftists of various stripes.

Now, whether you choose to accept those facts or not, at least we agree that the tactics used by the state against the Climategate whistleblowers are completely totalitarian in nature.

“you’ll notice is that it is a tool most often enthusiastically employed by the left.  That’s an historical fact.”

Where does this fact come from?

“And for the record, the Nazis were socialists – hence the title National Socialist Worker’s Party.”

Sheesh, not another Fox News devotee attempting to rewrite history according to Murdoch. Just because they had socialist in the party name, does not mean they were socialists. In the same way “The democratic peoples republic of Korea”, is not a democracy.

It’s been covered numerous times in discussion on this blog, most recently here:

http://www.desmogblog.com/attacks-climate-science-education-are-picking-steam#comment-721521

Maybe read a bit more widely than right wing blogs & you will find the truth. Peter Moss was correct. The Nazis were a right wing totalitarian party. Sorry to burst your bubble.

 

You should visit the Deltoid latest Plimer thread

http://scienceblogs.com/deltoid/2011/12/plimer_suffers_from_crank_magn.php

and pick up on what Gina Rinehart is about with her far right groups which include the execrable Plimer lately purveyor of mendacious pseudo-science. You should consider the position of FOX blowhards Beck, O’Reilly, Hannity and their close kin Limbaugh as portrayed by their own statements.

Now what were you saying about historical totalitarianism? I can discourse at length on European history over centuries - can you? What was Napoleon about and the upper echelons of the British establishment during the eighteenth century and on. What is Harper about - certainly not Democracy in any true sense of the term.

The politics of the world has been slowly drifting to the right - driven by the likes of Milt’ Friedman and his Chicago boys. Pinochet’s excesses were not just a lone blip, unless you have your head up ‘seventh rock from the sun’.

None so blind…!

Foreign history in the book stores was books about places Americans went and kicked butt. There were no books actually discussing any other kind of history. This I also found quite odd. In Canada, our average chain book store has world history from other countries’ points of view.

This gives rise to another ‘ism’.  Americanism

You see the thing is that I was in the US just before they invaded Iraq.

Now the funny thing is that when I went to book stores (10) I found precisely zero books with a dissenting opinion on the decision to invade. When I came back to Canada I found a more appropriate mix of 50/50. (It started sooner than that… the news on the flight was decidedly negative.)

So this generates a relevant question. Precisely by what mechanism were the American store contents controlled? Zero negative opinions is a very hard number to achieve by any stretch of the imagination. The purchaser didn’t make a single mistake? Ever look in the sale bin in a book store?

Furthermore if the populace’s only means of obtaining information is that flawed, you have to ask at what point it ceases to be a democracy. Hence the existence of organizations such as Desmogblog.

Democracy is utterly dependent upon an electorate that is accurately informed. In promoting climate change denial (and often denying their responsibility for doing so) industry has done more than endanger the environment. It has undermined democracy.

I like Steve Horn’s “Kleptocracy” idea.

“And for the record, the Nazis were socialists”

Marko, check out 4:50 of this video. You might find it interesting.

http://www.youtube.com/watch?v=ERqhS_BR8Fg&feature=player_embedded&list=PL152E8D1B0EBF9E87

“Totalitarianism is neither left nor right, but can be either.”

I know. I was being polemic. Marko & many like him, have it in their mind that only extremes of the left are to be feared, when it’s both left & right extremes. They search for things to fit their world view & if it doesn’t fit, they make it. Case in point was his interpretation of Orwell’s 1984.

“The Soviet Union, East Germany, Mao’s China and Pol Pot’s Cambodia were totalitarian regimes of the left. Nazi Germany, Pinochet’s Chile and Mussolini’s Italy were totalitarian regimes of the right.”

Agree. Numerous facts support this.

 

political economics abounds.