Neil Wallis and the Ben Webster Article

Update – Aug 26,2011: the article placed by Wallis has been resolved with information obtained by Andrew Montford under FOI – see here. It was the Richard Girling “poor Phil” piece.]

We learned recently that the University of East Anglia retained Neil Wallis and the Outside Organisation to strike back at its critics. East Anglia has delayed responding to Andrew Montford’s FOI request for information on its relationship to Outside Organisation while it ponders the “public interest” – or more precisely, to give it additional time to try to think up reasons for refusing these documents.

Outside Organisation claimed to have almost immediately secured favorable coverage for the university, but, to date, contemporary news articles have not been surveyed to identify the fruits of Neil Wallis’ intervention. Hilary Ostrov begins the examination here (ht Bishop Hill here)

Update: 10 pm – Subsequent to the post, I sent an email to Ben Webster asking him about the article and received a cheerful reply including the following:

I have never spoken to Wallis and have never spoken to anyone from Outside Organisation in relation to UEA. I did not know until I read it recently that Wallis had worked for UEA.

So read the following with this in mind. Without confirmation of Webster’s source, the fact that Webster didn’t talk to Wallis doesn’t preclude the anonymous “source close to the investigation” referred to below having been coached by Wallis as part of their “covert” operations. Webster’s article, for the reasons outlined below, still seems to me the most likely fruit of Wallis’ endeavours relative to other candidates, but it’s just speculation for now.

Ostrov’s article includes a short review of articles in the run-up to Copenhagen worrying about failure. I disagree with the interpretation that the article advocates, but don’t have time to argue it here. Instead, I’m interested in the narrower question of what coverage Neil Wallis might have achieved and, in doing so, looked back at the contemporary news articles in this time frame.

At this point, it seems likely that the University of East Anglia retained Neil Wallis and the Outside Organisation in the last week of November 2009.

With this knowledge, it’s interesting to read a Nov 24, 2009 Guardian column by environmentalist George Marshall, arguing that East Anglia’s handling of Climategate was primarily a “PR” disaster.

One can only imagine that the UEA’s communications team is totally out of its depth. A less charitable conclusion is that they are defending the interests of UEA and are not concerned about (or have not understood) the damage to climate science.

I presume that Davies and Acton were reading the Guardian avidly at the time (the Guardian was first off the mark in UK press with coverage and continued to cover Climategate in more detail than other papers.) It’s not hard to imagine Acton and/or Davies reading this article and deciding to hire outside PR services. The selection of Outside Organisation nonetheless is an odd choice and we know little of why they were chosen, as opposed to a more conventional agency (e.g. Luther Pendragon).

Marshall’s article linked back to a Nov 20 article by Bob Ward in the Guardian where the supposed link to Copenhagen had been alleged early on. This was alleged early on in the New York Times as well. So it was in the air on the assumption that Neil Wallis came on the scene in the last week of Nov 2009 and would doubtless have been part of his briefing. In the Music World profile, Outside Organisation claimed to have obtained almost immediate results:

Outside The university’s Climatic Research Unit wanted Outside to fire back some shots on the scientists’ behalf after leaked emails from the unit gave climate change skeptics ammunition and led to an avalanche of negative press (left) [Daily Mail, Dec 2, 2009] about whether global warming was a real possibility.

“They came to us and said, ‘We have a huge problem – we are being completely
knocked apart in the press,’” says Sam Bowen. “They needed someone with heavyweight contacts who could come in and sort things out, and next week there was a front-page story telling it from their side.”

What are the candidate stories?

Ostrov draws attention to Ben Webster’s Dec 3, 2009 article in the Times (published by Rupert Murdoch) entitled “Climate e-mail hackers ‘aimed to maximise harm to Copenhagen summit’”. Webster’s lead paragraph is interesting as it cites a “source close to the investigation”:

E-mails alleged to undermine climate change science were held back for weeks after being stolen so that their release would cause maximum damage to the Copenhagen climate conference, according to a source close to the investigation of the theft.

Webster later referred again to the “source close to the investigation” as follows:

The computer was hacked repeatedly, the source close to the investigation said: “It was hacked into in October and possibly earlier. Then they gained access again in mid November.” By not releasing the e-mails until two weeks before Copenhagen, the hacker ensured that the debate about them would rage during the summit. Very few of the e-mails are recent. One, in which Professor Jones mentions a “trick” which could “hide the decline” in temperatures, was sent in 1999.

Webster had been placed in touch with Bob Ward as supposed authority on the timing (Ward made this argument as early as Nov 20 at the Guardian):

Bob Ward, director of policy at the Grantham Research Institute on Climate Change, based at the London School of Economics, said: “From the timing of the release of the e-mails, it seems that the intention was not just to inform the public but to undermine mainstream climate researchers and influence the process in Copenhagen.”

Webster’s story in the Times took a directly opposite line to a highly critical article by Jonathan Leake in the Times on Nov 29 (see here) entitled The great climate change science scandal.

The obvious question: who was Webster’s “source close to the investigation” who said that the emails “were held back for weeks after being stolen so that their release would cause maximum damage to the Copenhagen climate conference”? Was it someone at the UEA? If so, what was the reason for the source not being identified? Or was it Wallis or someone connected to him? Was it the police? Ostrov points to a new connection between the Norfolk Constabulary and Counter Terrorism. Nonetheless, the police seem to have been pretty slow off the mark and my guess is that a December 3, 2009 story would not have originated with them. But just a guess.

One doesn’t expect Webster to give up his “source” but equally it seems pretty likely that Webster’s story was related to Outside Organisation’s “covert” operations on behalf of the university.

Webster did a follow-up article on December 7 here.

David King, who subsequently made a number of curious statements, including an odd mention of phone hacking in an interview, also turns up very soon after the putative hiring of Neil Wallis. On Nov 30, King placed a short statement on climate in the Mirror on Nov 30.

The Russian theme was also pushed on Dec 6 by Will Stewart and martin Delgado in the Mail. However, this article did not refer to “sources close to the investigation”.

During this period, there were numerous stories in the Guardian/Independent advocating the Bob Ward-style line on Climategate. The UEA did not need Neil Wallis to get favorable coverage in the Guardian.

It seems pretty conclusive to me that we can now identify the article referred to in the following quotation by Neil Wallis’ associate:

They needed someone with heavyweight contacts who could come in and sort things out, and next week there was a front-page story telling it from their side.

I agree with Hillary Ostrov that it was Ben Webster’s article in (Rupert Murdoch’s) Times.

PS – I had a very pleasant beer with Ben Webster in London in July 2010 at an outdoor cafe on the Thames. It would have been fun to ask him about this. I haven’t blogged much about my interviews with journalists but the potential irony hasn’t been lost on me.


  1. Posted Aug 16, 2011 at 10:45 AM | Permalink

    A small detail Steve. The 29th November 2009 was a Sunday and Jonathan Leake writes for the Sunday Times, Ben Webster for the Times (Mon-Sat). The two titles, though clearly related, have completely different staff. Although it has been said for a while that this is about to change, with the Times moving to a seven-day operation, to cut costs.

  2. dearieme
    Posted Aug 16, 2011 at 11:42 AM | Permalink

    When you refer to David King, do you mean “Sir” David King, the former distinguished Surface Chemist and former preposterous Chief Scientist?

  3. KnR
    Posted Aug 16, 2011 at 1:53 PM | Permalink

    There was no source , this story was being used to down grade the impact of the e-mail contents. Just like the claims of Russian hackers etc it was part of the dirty campaign lurched by CRU to deflect attention away from the contents . Whose behind this dirty campaign , well the chances are it started in the links between CRU and Bob Ward, remember his job is to spin the message and smear the opposition so he is in good position to know the right sort of people for the job. Its probable from him that that idea of using Neil Wallis and the Outside Organisation came .

    Remember CRU admitted these e-mails where valid very quickly , that in a way was their first mess-up , so their next step was to downgrade their contents in any way they could . In the end perhaps two of the most interesting and unanswered question are who leaked these e-mails and why . Because if their is one thing that keeps Phil & Co awake at night its the knowledge that is was only a partial leak and there is more out there somewhere with somebody . The contents of which they don’t know for sure , but may be very worried about . Knowing who and why may make feel a bit better or a whole lost worse .

    As for the Guardian they actual sat on the story in the hope it went away , it was not until it was clear the e-mails had broken cover and gained public interest did they become ‘concerned’.

    • Steve McIntyre
      Posted Aug 16, 2011 at 2:39 PM | Permalink

      Bob Ward as the person who suggested Neil Wallis and Outside Organisation?? Makes sense, though we may never know.

    • Steve McIntyre
      Posted Aug 16, 2011 at 2:47 PM | Permalink

      You’re right about the “other” emails. Y’know, it’s funny how quiet the investigation of the emails have gone.

      A hypothetical question.

      Let’s suppose that U of East Anglia discovered who had the emails and also knew that the person had a big hold back that he’d secreted away somewhere. If you were Acton or Trevor Davies, would you be prepared to enter into a confidential agreement to drop all charges if the leaker turned over his copies of the holdback? It would be very tempting.

      If you were the leaker, would you be prepared to turn over all copies of the holdback in exchange for East Anglia dropping all charges and maintaining confidentiality? It would be very tempting.

      Thinking in such terms, there isn’t a whole lot of incentive for the University to find the leaker or for the leaker to drop another bomb. Sort of a Cold War standoff. I wonder…

      • David Holland
        Posted Aug 16, 2011 at 3:10 PM | Permalink

        .. .. and if the hold back was nothing whatever to do with climate change who would ever figure it out.

      • Dave L.
        Posted Aug 16, 2011 at 3:47 PM | Permalink

        Since “the source close to the investigation” knew as early as December 3, 2009 that there had been multiple hacks into the computer, the identity of the hacker(s) already may have been determined by December 3.

        Rather than granting amnesty in return for handing over all the subject e-mails, suppose the hackers instead were faculty members on the staff with tenure. The latter would prove to be a huge embarassment. So perpetuating the theme that the e-mails were stolen by Russians or skeptics or other evil outsiders may be the actual PR at play.

      • johnl
        Posted Aug 16, 2011 at 10:41 PM | Permalink

        If I had hacked the emails, I might be willing to monetize that with a PR contract to help subdue the bruhaha they stirred up.

      • Duke C.
        Posted Aug 18, 2011 at 2:34 PM | Permalink

        (Your comment is awaiting moderation.)

        I think there is too much skulduggery in this scenario. What motivated the leaker? Pure altruism is not very likely. A possible motivation would be fear of losing one’s job, or fear of breaking the law. It can be easily inferred (through the email time-line) that Phil Jones kept raising the bar in his FOI obstruction efforts. Did it reach a point where an innocent staffer, undergrad, or colleague was getting dragged in to the fray? Would this person confront Jones and refuse to cooperate? Or, would he/she comply, and secretly start compiling a “cover my a**” file?. The latter seems more likely.

        • Posted Aug 20, 2011 at 9:18 AM | Permalink

          There are a couple of other possible motivations.

          A desire to defend the scientific enterprise from bad practises. More altruistic.

          Revenge for some perceived slight or prevention of publication. Less altruistic.

          Speculation on a postcard to the usual address…

      • Posted Aug 18, 2011 at 11:46 PM | Permalink

        There was no deal made.

        • Posted Aug 19, 2011 at 1:40 AM | Permalink

          OMG … speak of the saint (as I have just finished doing) … or a very coincidental imposter!

        • Posted Aug 19, 2011 at 2:07 AM | Permalink

          Impostor or not, he/she has the same gift for dead-pan conciseness.

        • John Silver
          Posted Aug 19, 2011 at 5:30 AM | Permalink

          So, you were not caught and you have more stuff?

        • Fred Bloggs
          Posted Aug 19, 2011 at 6:09 AM | Permalink

          I hope you have not been caught. You are a hero.

        • geronimo
          Posted Aug 19, 2011 at 12:31 PM | Permalink

          Got anything else for us RC?

        • Posted Aug 19, 2011 at 3:53 PM | Permalink

          Stay careful. They still have a crucifix in the basement for you.

        • Posted Aug 19, 2011 at 4:03 PM | Permalink

          RC, FOIA<

          Thank you very much for:

          1. What you did for science.

          2. What you did for policy.

          3. What you did for me for one rockin' week back in 2009. And it wasn't just you that week. It was a helluva week.

        • Posted Dec 23, 2011 at 12:45 AM | Permalink


          It was quite a week.

          Simon – the Moderator elsewhere.

        • Steven Mosher
          Posted Aug 19, 2011 at 4:29 PM | Permalink


      • TerryS
        Posted Aug 19, 2011 at 6:12 AM | Permalink

        enter into a confidential agreement to drop all charges

        Two things.
        1. If the leaker works for the UEA then it is unlikely that they have committed any criminal act. Even if the leaker’s identity is known to the UEA they would find it difficult to even terminate their employment due to the Public Interest Disclosure Act 1998
        2. If a criminal act has taken place then the decision to drop all charges is not the UEA’s. It is the Crown Prosecution Service who makes that decision. A lack of co-operation by the UEA would obviously influence their decision, but the UEA could not guarantee the leaker that there would not be a prosecution.

  4. mpaul
    Posted Aug 16, 2011 at 2:40 PM | Permalink

    There’s a big difference between hiring a PR firm for crisis management (where its necessary to manage information going to the press and to place facts in context) and hiring a PR firm to undertake a disinformation campaign. If OO was planting information with the press that had no basis in fact and whose purpose was to create a false impression in the minds of the public, then I think that’s a problem. In the US, using public grant money to wage a disinformation campaign is a crime. I don’t know if its a problem in the UK, but it sure wouldn’t look good. Perhaps there are still a few journalists out there who don’t like being played for a foul and would muster up some curiosity on this subject.

    • Posted Aug 16, 2011 at 4:18 PM | Permalink

      In the US, using public grant money to wage a disinformation campaign is a crime.

      It has to be the same over here. But this ignores the probable involvement of some of the Norfolk police in the disinformation campaign. That presumably makes everything OK.

      I believe these chickens will eventually come to roost but it will take a little while. I’ve felt it from the moment the Neil Wallis role at UEA was revealed.

  5. Posted Aug 16, 2011 at 3:10 PM | Permalink

    In July 2010, just ahead of my GWPF report on the Climategate inquiries, Ben Webster was the source of a very strange article that attempted to link sceptics to big oil funding. The article is paywalled, but GWPF’s response is here.

    This was completely out of the blue at the time and there was a certain amount of headscratching as to what or who had prompted it.

    I guess we know now.

  6. Posted Aug 16, 2011 at 4:02 PM | Permalink

    Dave L

    From the minutes of the Russell panel it becomes clear that UEA had fallen for the “Paul Hudson had the emails in October” thing (he didn’t – he just had the ones that had been sent to him by the Hockey Team and which later turned up in the Climategate emails). This led them to believe that the server had been accessed twice – once in October and once in November.

    My guess is that UEA then repeated this error to Wallis who passed it on to Webster.

    • Posted Aug 16, 2011 at 4:13 PM | Permalink

      This is my view too. What this would mean is that ‘The Mosher Timeline’ thread on CA was and remains way ahead of the official investigation, anti-terrorist unit and all. Cheaper too.

  7. KnR
    Posted Aug 16, 2011 at 5:17 PM | Permalink

    Frankly if the full truth ever comes out it will be a long time coming and perhaps not until after CRU has disbanding in all but name .
    By they who will remember who claimed what and when, although its comforting to think the public are as interested in this subject as people on here.
    The cold reality is that as the public will to support AGW drops off so does the public interest in the subject in any sense too.
    As the saying goes ‘Today’s news is tomorrow’s chip wrapper ‘ the irony is the death of the AGW scare is also the death of most interest from the public in those that critic it . Sometimes the measure of your successes is making your self redundant and finding that few even remember what you did only that things are better .

    • Posted Aug 16, 2011 at 5:50 PM | Permalink

      I don’t agree with this, partly because, as we’ve been thinking about on Bishop Hill today, ‘carbon reduction’ policies involving vested interests, like biofuel subsidies, will take many years to remove from the system, even after the ‘death of the AGW scare’. This long and painful process will bring home to many other neglected truths. We should aim not to be remembered but to make the most of the changes that will become possible from this process.

      • JEM
        Posted Aug 17, 2011 at 1:04 PM | Permalink


  8. Steven Mosher
    Posted Aug 16, 2011 at 5:32 PM | Permalink

    This story originally got my attention because of the mention of two different hacks.

    The files as I’ve mentioned have had the date time bleached.

    But not just to one date. To two different dates. Like it was done on two different occasions.

    • Posted Aug 16, 2011 at 5:58 PM | Permalink

      Mosh — What does “bleaching” a time-date entail? Is it a deliberate attempt to hide the time-date, or is it just an unintended overwrite of the original time-date with the time of recopying? Why is it relevant to the Climategate e-mails?


      • Atomic Hairdryer
        Posted Aug 19, 2011 at 7:26 AM | Permalink

        There were two aspects to date/time.

        One was changing the file creation date/time. All the emails were set to 1/1/2009, which is easily done with the Unix Touch command. Some, but not all the files in the Documents directory were also rewritten to the same date.

        The other was the email file name. That’s based on epoch time and there may be some inconsistencies in those along the lines of mpaul’s suggestion. 1236958090.txt shows a possible offset that lead to the idea it was a US ‘hacker’, but I’m unconvinced.

        • Duke C.
          Posted Aug 19, 2011 at 1:04 PM | Permalink

          Atomic Hairdryer said-
          “…possible offset that lead to the idea it was a US ‘hacker’, but I’m unconvinced.”

          Maybe not the primary hacker, but I am convinced that one or more Americans were involved somehow in the distribution and release. the 4/5 hour offset in the mail filenames, and the same 4/5 hour offset in just about all of the document files is just too big of a clue.

          This would mean that the email folder was created AFTER it was opened on a *nix machine with the system clock set to the Eastern time zone. Something that I find interesting is that whomever created the FOIA zip archive could have erased the local system time info simply by adding “-X” to the command line. So his/her knowledge of Zipinfo 2.3 is average at best.

          And there has been relatively little discussion about the provenance of the dossier. The version that went viral was named “”, which contained a parent directory named FOIA.

          The link posted by RC in the strip bark thread resided on the root directory at realclimate, and was simply named “FOIA.ZIP”. Why two different archive names?

          The release/distribution of link(s) to to TAV, WUWT, The Blackboard, (and one or two others) appeared to be a coordinated effort with all involved having the same mindset. It kind of seems like one person inside the loop (RC) decided to go rouge; Left the reservation, if you will.

        • Atomic Hairdryer
          Posted Aug 20, 2011 at 7:45 AM | Permalink

          Out of interest, why do you say Zipinfo 2.3? That prompted me to run the zipfile through a hex editor and noticed it shows the filenames. That shows something a little odd and may show how the zipfile was created because the files don’t look to have been added in any typical order:

          ———- FOI2009.ZIP

          That’s from doing a quick find “txt” in FOI2009. Newer zip programmes compress the file/directory names, older rezip the files in order of filename. I’m not sure if this shows the order files were added to the archive, or if there’s any theme or meaning to the content order.

          On file times, it’s not the file dates that looking interesting, those are easily modified. Why the documents didn’t get the same treatment may be. 18/72 items got touched to 1/1/2009, 4 ended up 30/12/1899 for some reason. The rest have normal looking dates.

          The email file names are more curious to me. Those are created based on epoch time, some show the offset. That doesn’t make sense if they were taken from the CRU backup server but may make more sense if it was someone’s personal backup system and their system time changed periodically, ie they were somewhere else at that time. I think the Russell review confirmed the emails weren’t the same as held on that server as well.

          The way the files have been manipulated and cleaned makes me think insider rather that hacker though. There’s no need for a hacker to remove header info or email addresses from the mails as they wouldn’t ID any external hacker. I’m also not convinced it needed more than 1 person. The ftp site and proxies used were common knowledge. The RC drop failed, so drop it somewhere else and point people at it.

        • Duke C.
          Posted Aug 20, 2011 at 1:20 PM | Permalink

          Out of interest, why do you say Zipinfo 2.3
          Central directory entry #1:


          offset of local header from start of archive: 0 (00000000h) bytes
          file system or operating system of origin: Unix
          version of encoding software: 2.3
          minimum file system compatibility required: MS-DOS, OS/2 or NT FAT
          minimum software version required to extract: 1.0
          compression method: none (stored)
          file security status: not encrypted
          extended local header: no
          file last modified on (DOS date/time): 2009 Jan 1 00:00:00
          file last modified on (UT extra field modtime): 2008 Dec 31 21:00:00 local
          file last modified on (UT extra field modtime): 2009 Jan 1 05:00:00 UTC

          32-bit CRC value (hex): 00000000


          The Final FOIA.ZIP dossier was archived on a linux machine running zipinfo version 2.3 , which was bundled with pretty much all of the linux distros up until 2008. (CRU was running a 2006 version of Redhat Scientific linux in Nov.’09 so 2.3 was part of that bundle)

          What the leaker overlooked is that by adding “-X” to the command line the archive headers would have looked like this:

          offset of local header from start of archive: 0 (00000000h) bytes
          file system or operating system of origin: Unix
          version of encoding software: 2.3
          minimum file system compatibility required: MS-DOS, OS/2 or NT FAT
          minimum software version required to extract: 1.0
          compression method: none (stored)
          file security status: not encrypted
          extended local header: no
          file last modified on (DOS date/time): 2009 Jan 1 00:00:00

          32-bit CRC value (hex): 00000000

          Voila. No extended time attributes! A top level IT guy would know this, someone with average computer skills would easily overlook it.

          18/72 items got touched to 1/1/2009, 4 ended up 30/12/1899 for some reason. The rest have normal looking dates.

          There are backwards compatibility problems with Microsoft system times. If the time value bytes are corrupted, (a newer version of a utility/program expects to see one value, and finds something it doesn’t recognize) it will return a null default value. In the case of Microsoft, that will be Jan 1 1980 or Jan 1 1900. I think that Mosher is wrong wrt his second timestamp bleaching theory. The time value bytes are corrupted in those files, and have been reset to null.

          One other thing-

          Zip 2.3 had a vertical permissions vulnerability bug, which would give low level users higher level access to protected archives:

          Check out the downstream comments in the CA Climategate posts from Nov. 2009 forward (especially “The Mosher Timeline”). Several CA readers (ErnieK, James Gibbons, GregF, etc.) made some valuable contributions regarding the forensic details.

        • Steven Mosher
          Posted Aug 20, 2011 at 4:53 PM | Permalink

          “18/72 items got touched to 1/1/2009, 4 ended up 30/12/1899 for some reason. The rest have normal looking dates.”


          Now check the documents folders

      • Steven Mosher
        Posted Aug 19, 2011 at 10:09 PM | Permalink

        Hu, there are two reset dates. One was the mails being reset. However if you look at the documents there us a second reset date on them.

        The issue isnt HOW the dates are reset. That’s trivial to do. The issue is why? and why two different dates.

        One theory is that the dates are reset to cover the time at which the deal was done. So if I copy the files at 2pm I want to hide that I did the copying at that time. Perhaps to hide when the system was logged into. So when I saw the two different reset dates I suspected two discrete events. And at each different event they selected a different reset time. Just a theory. So when I read that they thought their were two intrusions that made sense. But again all speculation on the barest of facts. nothing more.

    • mpaul
      Posted Aug 16, 2011 at 6:20 PM | Permalink

      Steven Mosher, you said,

      The files as I’ve mentioned have had the date time bleached.

      I’ve been poking around on this a bit because its something that might invalidate my favorite theory (that the emails were pre-compiled by UEA for some purpose).

      Here’s something interesting. At the time, there was a known bug with gmail.

      Messages uploaded or copied into Gmail using IMAP may display the wrong date in your inbox or other labels. The correct dates should appear in conversation view.

      The explanation for this was that

      When uploading messages, the IMAP client is supposed to specify the “internal date” of the message as one of the arguments to the APPEND command. If the client omits this parameter, the server is supposed to use the current time. RFC 3501 section 6.3.11 states in part:

      “If a date-time is specified, the internal date SHOULD be set in the resulting message; otherwise, the internal date of the resulting message is set to the current date and time by default.”

      In Gmail, the client is specifying the date and Gmail is ignoring it. this is a bug.

      So its possible that the “bleaching” occurred because the leaker/hacker had accessed the UEA mail server via IMAP from a gmail account. Gmail then grabbed the date from the RECEIVED header rather than the DATE header.

      This might explain one curiosity: why did some of us who submitted a FOIA get interviewed by the police while others did not. The explanation might be that the investigators determined that the leaker/hacker used gmail to access the mail server. I submitted my FOIA via a gmail account. So perhaps they only interviewed people who submitted FOIAs using gmail accounts.

      • Posted Aug 16, 2011 at 7:10 PM | Permalink

        I did not use a google mail account.

        By bleaching, Mosh means the txt files all have a creation date of 1/1/2009 12:00 am. This is to cover when the files were created. This had nothing to do with IMAP access. This is a deliberate covering of tracks, an erasure of traceable clues.

        • Posted Aug 16, 2011 at 7:55 PM | Permalink

          Or a dying battery…… probably deliberate, but I’ve had it happen. Time stamps come from the comp time which is held by the battery when powered down. If one was to hack and whatnot, then one would want to use a computer that isn’t typically associated with that person.(Different NIC.) For instance, if I were to undertake some nefarious activities with a computer, I’d use one of the PCs I have that are powered down. One of them, I have no doubt the time stamp will be something silly. Its been unplugged for several months.

          I keep it for nostalgia, and information on CC I gathered a few years ago. I used to fire it up from time to time until that commercial came out about making fun of the guy that had a triple boot PC……. 😐

  9. Posted Aug 16, 2011 at 8:29 PM | Permalink

    I understood the emails, at least a limited number of them, were sent to Paul Hudson at the BBC about 5 weeks before they appeared through the Russian outlet. Has anyone talked to him? They must be traceable on his computer? What did he do with them? It appears he didn’t release them because he had already been chastised by the CRU gang through their BBC contact Richard Black.

    Steve – the Hudson story has been discussed long ago. Your understanding is incorrect. He only had his own emails.

    • Posted Aug 17, 2011 at 2:45 PM | Permalink

      Does this mean this report was wrong?

      Steve: Newspaper articles are sometimes wrong or misinterpret things. Hudson did NOT have the Climategate dossier. This has been discussed exhaustively. You can look back through discussions at the time.

      • Anthony Watts
        Posted Aug 17, 2011 at 9:44 PM | Permalink

        I agree with Steve, Hudson never had the emails. The confusion stemmed from him being actually in one of the CRU emails that was released. I examined and discarded this concern long ago.

        So yes, the Dailymail article is wrong.

      • clivere
        Posted Aug 18, 2011 at 4:41 AM | Permalink

        Tim Ball – see the following which contains the explanation

        “As you may know, some of the e-mails that were released last week directly involved me and one of my previous blogs, ‘Whatever happened to global warming ?’

        These took the form of complaints about its content, and I was copied in to them at the time. Complaints and criticisms of output are an every day part of life, and as such were nothing out of the ordinary. However I felt that seeing there was an ongoing debate as to the authenticity of the hacked e-mails, I was duty bound to point out that as I had read the original e-mails, then at least these were authentic, although of course I cannot vouch for the authenticity of the others.”

  10. Posted Aug 16, 2011 at 8:51 PM | Permalink

    With this knowledge, it’s interesting to read a Nov 24, 2009 Guardian column by environmentalist George Marshall, arguing that East Anglia’s handling of Climategate was primarily a “PR” disaster.

    Maybe from your browser this was a Nov. 24 piece, but the view from here is that this was dated Nov. 23 (with an unspecified update on Nov. 24) … I won’t clutter up your thread with the details, but there are some additional curiosities (anomalies?!) wrt to Marshall’s piece that I noted in my response to your comment on my post, Steve.

    Btw, Fred Pearce’s Dec. 10/09 “Climategate: Anatomy of a Public Relations Disaster” on Yale’s environment360 is, IMHO, worth a read.

    Apart from failing to fact-check the “birth” of the GWPF, and – of course – his obligatory mention of “trouble-making climate skeptics” and “bellicose skeptic Sen. James Inhofe [who] can be heard on Capitol Hill inveighing once more against the climate conspiracy”, his take is interesting and, IMHO, reasonably balanced.

    But then this could be “confirmation bias” on my part, since he also mentions:

    What about Copenhagen and the climate negotiations? In the short term, the fracas is unlikely to alter things much. The negotiators live in their own cocooned world. They have long since received their orders of engagement for the climate talks.

    “We don’t know how this will play out,” says Ben Stewart, media director at Greenpeace UK.[…] [emphasis added -hro]

    That aside, there are a number of other good points that Pearce makes, including:

    Whoever was responsible for the original hacking (and the supposed miscreants range from Russians in cahoots with the Kremlin to Norwich interns on a night out), the heat rose because of the context.

    The Canadian skeptical researcher Steve McIntyre had submitted a blizzard of freedom of information applications to the University of East Anglia, demanding access to global temperature data assembled by Jones. The e-mails appeared just as the university was preparing its case for not releasing the data.

    I particularly liked his closing paragraphs:

    I have been speaking to a PR operator for one of the world’s leading environmental organizations. Most unusually, he didn’t want to be quoted. But his message is clear. The facts of the e-mails barely matter any more. It has always been hard to persuade the public that invisible gases could somehow warm the planet, and that they had to make sacrifices to prevent that from happening. It seemed, on the verge of Copenhagen, as if that might be about to be achieved.

    But he says all that ended on Nov. 20. “The e-mails represented a seminal moment in the climate debate of the last five years, and it was a moment that broke decisively against us. I think the CRU leak is nothing less than catastrophic.”

    Reading Pearce’s mention of “confidentiality agreements” reminded me of my initial thoughts at the time that the Wallis-CRU connection surfaced: I’ll bet the powers that be at UEA are kicking themselves for not having insisted on a “confidentiality agreement” with OO – prior to engaging their services (or at some point during this engagement).

    My guess was that they’re probably as sorry for this error of omission as Briffa must have been when he realized that he’d failed to delete Amman’s E-mail, in reply to his call for assistance in responding to the Reviewer Comments on the SOD 😉


    • Steve McIntyre
      Posted Aug 16, 2011 at 9:17 PM | Permalink

      I sent an email to Ben Webster asking him about the article and received a cheerful reply including the following:

      I have never spoken to Wallis and have never spoken to anyone from Outside Organisation in relation to UEA. I did not know until I read it recently that Wallis had worked for UEA.

      Doesn’t preclude Wallis having talked to the source of Webster’s source. Otherwise I wonder what was the story that Outside Organisation claimed responsibility for.

      • Posted Aug 16, 2011 at 11:07 PM | Permalink

        Interesting response from Webster, Steve. If I had a suspicious mind… and of course I trust anything and everything a journalist tells me these days, so I’m not in the least bit suspicious!But if I were, my take on this would be ….

        Hmmm … OK, he’s never “spoken” to Wallis. This doesn’t preclude emails, does it? Nor does it preclude Webster having “churnalised” a press release, ostensibly from one of a possible multitude of UN desktops but (perhaps unbeknownst to Webster, if one were inclined to give him the benefit of the doubt) prepared by Wallis and/or Bowen – bearing in mind OO’s known “strategy” of “planting rumours in the press”. Then, of course, there’s always the possibility of the Hayman connection (could be your “source of Webster’s source”?)

        Webster also says he’s “never spoken to anyone from OO in relation to UEA” [my bold].

        This doesn’t necessarily mean he’s never spoken to anyone from OO; not to mention that the major thrust of Webster’s article was the IPCC – rather than UEA which, in this piece, was mentioned almost en passant, i.e. for “context”. Resulting in a “bonus” for this particular part of OO’s “mission”, in that Webster’s article takes considerable heat off UEA, and places it on the IPCC – and its “parent” [UNEP] and “godfather” [UNFCCC].

        Maybe no one at UEA knew that the Copenhagen deal was doomed, but this triumvirate most certainly had to know. They just might have jumped at the opportunity to make use of a diversionary scapegoat (regardless of how far-fetched the words attributed to them might have been).

        But, of course, only someone with a suspicious mind would think along such lines. So it must all be simply coincidence, I’m sure;-)

      • geronimo
        Posted Aug 17, 2011 at 1:23 AM | Permalink

        Steve, read it carefully. He says he hadn’t spoken to Wallis or anyone from OO. What about the UEA? They could easily have contacted him directly at the behest of OO.

    • Steve McIntyre
      Posted Aug 16, 2011 at 11:40 PM | Permalink

      Fred Pearce went into the matter in detail subsequent to the article that you linked to. While I disagree with many details, his book The Climate Files is a very interesting and fair take on the affair from a green reporter.

  11. justbeau
    Posted Aug 17, 2011 at 12:23 AM | Permalink

    Thanks for keeping an eye on Wallis. He is a marvelous new character for inclusion in this comedy of errors.

  12. Stuck-record
    Posted Aug 17, 2011 at 4:58 AM | Permalink

    I don’t think anyone should get hung up on the idea of ‘multiple hacks’.

    The University, and their apologists, were spinning this line right from the beginning. Equally, it’s been clear to anyone with a shred of common sense that the information released was the same information that had been compiled against the possibility of losing a particular freedom of information request.

    The University and its allies have perverted the use of the word ‘hacking’. They are using it in a postmodern manner. What they describe as ‘hack’ is simply somebody taking something off their server without their permission – even if it was legal to do so.

    If you remember, in the months leading up to climate gate there were several instances of the University’s appallingly chaotic FTP management. Files that were not intended for prying eyes were left on completely unprotected public FTP sites. Where, quite legally, people helped themselves.

    My reading is that it is these events that the university is referring to as the previous ‘hacks’.

    As for Bob Ward being the link between Outside and the University. It is tempting to believe that he is the common link, but it’s hard to imagine how a professional organisation like Outside would tolerate such an appallingly disastrous series of interventions, such as those made by Bob Ward in the post-ClimateGate period. Every time it was possible to pop up and put his foot in it, Mr Ward did so.

    I find it very difficult to believe that the agency would not have stamped very hard on these kind of interventions if there was any coordinated activity between the two.

    My $.02 worth.

  13. pesadia
    Posted Aug 17, 2011 at 5:07 AM | Permalink

    There is a veritable feast here for a good investigative journalist.
    Where is the journalist.

  14. Posted Aug 17, 2011 at 7:06 AM | Permalink

    I had a very pleasant beer with Ben Webster in London in July 2010

    As I recall you arrived on Sunday 11th July and returned the following Saturday, 17th. The Global Warming Policy Foundation hosted the first public meeting at which you spoke in London, on Tuesday 13th July. On Monday 19th July, the first day the Times was published after your departure, Webster no doubt in appreciation wrote the front-page article attempting to smear Benny Peiser and the GWPF by ridiculous, non-association with Exxon Mobil referred to by Bishop Hill above.

    It was only on 7th October though that Webster included Steve McIntyre in the list of five science ‘heretics’, to be contrasted by the discerning reader with 100 ‘greatest scientists’, in the Times’s new Eureka science supplement. In this instance McIntyre was no doubt expected to share his beer with Bjorn Lomborg, Lord Lawson, Christopher Monckton and Sarah Palin – a wild party if ever I saw one. Eureka is, like the previous article, hidden behind the Times paywall but Fraser Nelson I’m sure got the details right the same day in the Spectator.

    I feel a new verb coming on: to webster someone meaning to drink beer with them, smear their friends before the week is out and, when the coast is clear, do the same to the person concerned, all for the money. The love of science made manifest.

    • Steve McIntyre
      Posted Aug 17, 2011 at 8:07 AM | Permalink

      Richard, nonetheless, I had a pleasant beer with him. Both the weather and the riverscape over the Thames were great. What’s wrong with that?

      I’ve gotten along fairly well on a personal basis with some green reporters, some of whom appreciate that there’s a difference between my interests and the more politically minded people that you mention. They’re still going to go their own way. Nothing wrong with that.

      • Posted Aug 17, 2011 at 10:48 AM | Permalink

        Nothing wrong with you having the beer with Webster. But I was genuinely shocked earlier when I looked back at what he then chose to write. The smearing has to stop. Those responsible should be accorded the same respect as those who recently looted our streets. However brainy Webster is he didn’t show the courage in his work of PC Gordon Murphy, who protected my local shopping centre a week ago. (Best example I know, from anywhere in the country. No injuries, no damage, just sheer courage.) Of course there’s pressure on these guys to conform but so is there on kids in the street. Forgive me but I think it’s just done for the money and I think it stinks.

    • Posted Aug 17, 2011 at 3:38 PM | Permalink

      Wow! I just might have to develop a more “suspicious” mind – particularly wrt Webster.

      Now this may simply be yet another “coincidence” … But the October 7th, 2010 date of this attempt to denigrate Steve follows fairly closely on the heels of … Sept. 27, 2010, when the New Statesman had accorded Steve the (very well-deserved) honour of being among their selection of “The 50 People Who Matter 2010”.

      No idea what the publishing deadline for Eureka’s debut might have been, but I don’t doubt for a moment that (considering the level of support for Steve in the comments at the NS), a dedicated greener would have moved heaven and earth to stop the presses in order to “fire back a shot on the scientists’ behalf”.

      And while I’m here …


      Ostrov draws attention to Ben Webster’s Dec 3, 2009 article in the Times (published by Rupert Murdoch) entitled “Climate e-mail hackers ‘aimed to maximise harm to Copenhagen summit’”. Webster’s lead paragraph is interesting as it cites a “source close to the investigation”

      First of all, my apologies …

      I just realized this morning (when I read your post more carefully, and followed your Webster link in the above) that you and I were talking about 2 different Webster pieces! No doubt I confused myself because my post shows a date of Dec. 4 (while my original notes had Dec. 7 … I’ll amend my post) However, speaking of “coincidences” ….

      Even before I read this comment from Richard, my impression of this Webster article was that it would not surprise me to learn that his “source close to the investigation” might well have been (perhaps, at that point, not-so) “poor Phil” … who certainly could be “honestly” described as “close to the investigation”, don’t you think? After all, December 3 was the date of the announcement of Muir Russell’s appointment.

      • Posted Aug 17, 2011 at 5:17 PM | Permalink

        Hilary, our minds have been working exactly the same way re the Eureka piece being a PR response to the ‘honour’ of the New Statesman 50. It’s the mind-numbing stupidity that gets me. McIntyre lumped in with Sarah Palin. What a sophisticated analysis of Steve’s painstaking critique of dendrochronology that is, Mr Webster.

        But getting on the train in London tonight revealed another string to the journalist’s bow at the moment. I seldom read a physical newspaper these days but I’d already seen on the web that both Murdoch papers hadn’t spared their proprietor on the latest very bad news (for them) regarding the Clive Goodman letter and the fight back from News International’s old lawyers Harbottle & Lewis. (I won’t go into it here but it’s looking bad for James Murdoch, as predicted on a previous thread.) What I was surprised to see is Ben Webster’s name on the byeline on the Times front page and inside on this most sensitive of subjects. I rather respect the paper for fronting up on this. Complex world.

        • Posted Aug 17, 2011 at 9:16 PM | Permalink

          It’s the mind-numbing stupidity that gets me. McIntyre lumped in with Sarah Palin. What a sophisticated analysis of Steve’s painstaking critique of dendrochronology that is, Mr Webster

          Richard, I’m not so sure about the “mind-numbing stupidity”. At this point, willful malevolence which assumes stupidity on the part of the reader, is how I would characterize it.

          That aside, it occurs to me that perhaps journalist-advocates, such as Webster, were beginning to realize (even if the leading lights**, lesser lights and acolytes of “climate science” were not) that the notes of their standard litany of smear-memes were beginning to fall, well, flat – as more and more people were becoming attuned and … tuning out.

          So Webster needed a different smear-meme to strike a chord which would rally the troops. IOW, his Palin ploy was a not so subtle variation on an intellectually dishonest (and unoriginal) theme.

          [**With the notable exception of Mann, whose performance in his Dec. 18/09 WaPo OpEd introduced Palin as the evil anti-science incarnate … Slight exaggeration, I agree; but it’s a “trick” I picked up from watching “climate scientists” paint their big pictures!]

          But other than that, I agree … our great minds think alike on (much of) this 😉

          P.S. I read about the latest disclosures in Murdochland in the Guardian late last night; I’ll go along with the credit you give the Times – but, in light of this thread, I’m exercising my right to reserve judgement on Webster and his role.

        • Posted Aug 19, 2011 at 2:16 AM | Permalink

          Mind-numbing stupidity speaks of the end-result, not the intellectual potential of the brain that produced it. What is perhaps most disgusting is 100 ‘greatest scientists’ enlisted in apparent support of such a crude smear of five living peoople whose only thought-crime has been to ask questions about the current orthodoxy of climate science and policy. (And certainly Steve’s critiques, unlike the Alaskan politician, one assumes, have been a model of scientific rigour.) Lysenko and other real scientific charlatans, from whose antics we could certainly learn a great deal at the moment, don’t get a look in. Never has the argument from authority been so contentless and vain. So I stand corrected. Mind-numbing stupidity was too kind.

          I wasn’t suggesting that the Times broke the story of the latest troubles of the Murdochs and Andy Coulson, just that the reports in the paper were more robust than one might have been expected from the recent past.

  15. KnR
    Posted Aug 17, 2011 at 8:53 AM | Permalink

    I think Bob was just the link man in this , his useful becasue he is ‘independent’ to CRU and of course someone else picks up his pay packet while his the sort to now how to do this short of work or to know others that can do it . Its not easy to plant stories in newspapers you have to know which buttons to press and whose buttons to press. His ‘abilities’ do speak for themselves but remember even CRU think they handled this badly so you can’t rule him out on those grounds.

    Its just a guess be he does seem to be the go to man for the RS etc when it comes to ensuring a ‘friendly press’

  16. Kenneth Fritsch
    Posted Aug 17, 2011 at 11:16 AM | Permalink

    Episodes like this one say more to me about journalism than an individuals’ or groups’ attempts at PR and spin. We often hear: a source close to the investigation, a source with inside information, a leading authority, but never an unnamed source who was attempting to put some favorable spin on the account of the events.

    Do thinking people or even casual readers take these published comments all that seriously?

  17. gnomish
    Posted Aug 17, 2011 at 3:35 PM | Permalink

    i give no credence to the notion that there is an ‘additional stash’ for ‘security’ or ‘bargaining’.
    my theory is that the emails were downloaded and studied so they could be included in a book released at the peak of interest after the public release.
    further to that, the author, having claimed his bit of fame and learned the realities of printed books in the internet age, could not give up his craving for celebrity and went on to become a fussbudgety old one.trick.pony with vanity issues…lol
    but it’s just one hypothesis of many plausible ones.

    • Coalsoffire
      Posted Aug 17, 2011 at 4:07 PM | Permalink

      Who ever it is that released these emails is not afflicted with vanity issues or seeking “his bit of fame”. He/she has shown remarkable patience and reticence. It’s almost as if revealing his/her identity would be a significant risk to that person. The person is either protecting something, a job, a reputation, or financial interest or he/she is hopelessly shy. Of course he/she could be protecting the ability to do this again. I hope that’s true.

  18. Follow the Money
    Posted Aug 17, 2011 at 3:50 PM | Permalink

    For the record, there was a Russian connection: the Russian server where the climategate emails were parked. Or hidden, to cloud a trail from Turkey and parts beyond. But there was a Russian “connection.” And IIRC the earliest emails involved Russian tree scientists asking for funding??

    All the email addresses on the emails were scrupulously cloaked to protect privacy. I doubt Putin’s KGB would spend one second doing that.

  19. John Whitman
    Posted Aug 17, 2011 at 7:31 PM | Permalink

    A couple of observations about OO’s possible initial PR spins for UEA.

    Just because it is not correct that Paul Hudson at the BBC had all the Climategate emails weeks before they appeared through the Russian outlet, it does not mean there weren’t possibly anomalous incidents in UEA’s IT systems prior to climategate that could have been found by the police to be related. The police have been reserved in relating anything, that is probably OO’s initial achievement; influencing police PR strategy.

    Also, the initial source for OO’s involvement with UEA is Sam Bowen in the Music World article. Consider the case that he was exaggerating OO’s role. From my experience in the business world it is often the case that a company’s role is exaggerated like that by the company. I hesitate to read too much into his statements. Other, less self interested sources are needed.


  20. Anthony Watts
    Posted Aug 17, 2011 at 9:24 PM | Permalink

    One of things I had been puzzled about is why out of all the time elapsed for investigation, I was never interviewed by anyone from UEA or the Norfolk Constabulary.

    Reading the comments above, I think I know the answer now.

    From a curious investigator’s viewpoint there are several thing that would seem to put me into the category of “person of interest”.

    1. Of all skeptics involved, I was the closest to UEA at the time, being at a conference in Brussels. One could even say the timing was too odd to be coincidental, since I had never been to Europe before.

    2. Of all the people involved, I was the quietest about it up until the time I cleared customs at Dulles, then I opened the floodgates. Steve, Charles, and Mosh respected my wishes to stay quiet about it until then as I was fearful of the timing also. At the time I didn’t know anyone else had the files, or that RC had been hacked. I was concerned these were dumped on WUWT’s lap and I was being “set up” for some purpose. My first thought when I saw the files was “why now?”, as I was about to go through EU’s security in Brussels in 4 hours. My presence there was public knowledge, having been announced in the agenda for the conference at EU headquarters. I’d been told to expect heavy security and that my computer would be inspected, which is why I purged my laptop of the files after I first examined them in Brussels and then never said another word until I was back in the USA. I didn’t have any of the files in my possession after that purge I did in Brussels with the DOD rated wiping software I downloaded and ran that day. I wrote my blog post announcing the event while in Dulles airport gate area from my own recollections and other reports that were just then published, mostly Mosh’s samples of emails in CA comments that he started posting once he knew I had cleared customs.

    Steve has more on this in his “dog that didn’t bark” section of the Mosher timeline:

    3. From an investigator’s standpoint, a simple look into me would show that I’m the most computer savvy and with means of the group of skeptics central to those days. I operate a server room, have my own domain name servers, multiple domains, multiple email servers, and I build this technology from scratch. An example is that I built and deployed the Climate Audit server for Steve at the time (which soon got swamped by the traffic).

    So with these things taken together, you’d think a truly curious investigator would have wanted to interview me. Oddly, that’s never happened.

    I think I know why now. I think they already identified the hacker/leaker, struck a deal to avoid any further embarrassment to UEA/CRU, perhaps to squelch any holdback, and the rest of the “investigation” since has been simply theater.

    Just my theory.

    Addendum: I should make it clear for readers that I had nothing to do directly or indirectly with this hack/leak incident, nor have I ever visited UEA’s computer systems in person, or in electronic form beyond the public web and FTP pages that are available to everyone. – Anthony

    • Posted Aug 18, 2011 at 12:40 AM | Permalink

      No longer just your theory … but mine too 🙂

      • Posted Aug 18, 2011 at 4:07 AM | Permalink

        Assuming you are wrong Anthony, and given the competence at which the various investigations have proceeded…now you will be questioned.

    • KnR
      Posted Aug 18, 2011 at 3:01 AM | Permalink

      The only proof that RC had been hacked was the claim from RC, and I happily bet ‘script kiddies ‘ have a go a web sites for no other reason they because they can all the time so even if it was there it my have had nothing to do with these e-mails .
      Lets be clear RC did have something to gain by throwing dirt given who is actual behind RC and who is in the e-mails , RC have never allowed any external investigation of the alleged hack instead they seem to deleted the ‘evidenced’
      Was RC hacked, possible we just don’t know , was it to do with these e-mails , possible or could have just been some one having ‘fun’
      The trouble is we sure can’t take RC’s word for it given their reputation and how is actual behind RC.

      • Wijnand
        Posted Aug 19, 2011 at 11:22 AM | Permalink

        Someone “having fun”? Going through thousands of emails on several servers and deleting all the “I’ll be home after diner sweetie” emails? Does that sound like script-kiddie fun to you?

    • Posted Aug 18, 2011 at 8:18 AM | Permalink


      Interestingly enough, I was concerned that they would understand my own computer background and want my machines. I also have set up and maintained computer networks for corporations but my programming background is more varied and extensive than most and gives me a reasonable understanding of the inner workings of a computer. They never asked any questions though about my skill level with computers.

      Potentially having direct access to the server would have made the task trivial so your location in Brussels should have been a little interesting to them. A reasonable person wouldn’t have messed around with the RC server though. I’ve had a similar theory about it being a student who was identified. The student cuts a deal, is allowed to keep his/their life, and the rest of the information disappears. No money required.

      • Anthony Watts
        Posted Aug 18, 2011 at 11:15 AM | Permalink

        Strange that they never inquired about your skill level with computers. It suggests they aren’t interested in that angle.

        • Posted Aug 19, 2011 at 1:09 AM | Permalink

          It is very strange – as are many of the apparently unasked questions (and uninterviewed persons)!

          When it comes to “big pictures”, I’m a-dyed-in-the-wool pattern-picker-outer from way back when. So, to my eyes, unasked questions and uninterviewed parties are two very strong patterns that emerge from all the official so-called “investigations”: Mann, Oxburgh, Muir Russell … and the Norfolk Constabulary!

          Speaking of the latter … I might have missed it (or perhaps my memory just ain’t what it used to be!), but I don’t recall seeing in the accounts from those whose blogs were the initial “beneficiaries” of the fruits of the leaker’s/leakers’ labours, who were interviewed, whether or not they were asked for the IP address of the person who posted the Nov. 17 “announcement” on their respective servers.

          Jeff, Steve, Charles et al … during your respective “interviews” were you asked this question?

          No doubt proxy-servers were used for the postings. But surely if such a serious “crime” had been committed, the experts from Scotland Yard’s “e-Crime Unit” (who were supposedly assisting Norfolk’s finest) would want to know this – and would have ways of persuading those who needed to be persuaded to reveal the crucial details. Or am I naïve in thinking that such IP addresses would be a logical starting point?

          Also wonder if they interviewed Gavin (who, as I recall, for reasons probably best known only to himself – and possibly The Team – chose not to report the alleged security breach(es) on his server(s) to the police).

          And speaking of Gavin and RC … unless I’m mistaken, all the initial “beneficiaries” were US blogs, were they not (although this is not necessarily material)? But … thinking outside the Inbox for a moment, here’s my (possibly very) far-fetched hypothesis. Consider the following:

          1. “Honesty is the best policy” is not a motto or maxim that springs immediately to mind when one thinks of The Team.

          2. When rumours are planted, they often include a few grains of truth. For my hypothesis the grains of truth lie (strangely enough!) in the “multiple hacks” and October myth.

          3. Of all the initial known “beneficiaries”, RC is one that makes absolutely no sense. According to Gavin’s Nov. 20th RC post:

          We were made aware of the existence of this archive last Tuesday morning when the hackers attempted to upload it to RealClimate, and we notified CRU of their possible security breach later that day. [emphasis added -hro]

          If these alleged hackers had “succeeded”, why didn’t Gavin simply say “uploaded”? My guess is that he got his copy from the Russian server, just like all the … uh … first responders!

          Ergo suppose …

          That CRU and/or UEA IT and/or someone in their ICO office really had put together a dossier of emails pertaining to one or more outstanding FOI requests.

          Suppose also (and this could be the really “embarrassing hold-back”) there’s an E-mail from someone at CRU to someone at RC dated mid-to-late-October 2009, along the lines of “we’ve put this together in response to those damn FOI requests. We don’t yet know how the ICO will respond, but because you folks are mentioned, we thought you should be aware. You can grab it from our FTP server”. File is grabbed and placed on RC server as

          Suppose that very shortly thereafter, a Curious Informed Savvy IT Person (CISIP) stumbles across due to weak RC server security (or legitimate access?) and grabs it. Takes a leisurely stroll through the contents and finds a potential goldmine.

          CISIP has (or finds) a similarly minded friend at UEA … asks him/her to do some scrounging around for selected attachments and emails of interest from or to CISIP’s compiled list of persons with which to “pad” the initial S/he does this gradually (and perhaps less perceptibly) over next 3 or 4 weeks and catching wind of letter about to be sent to Steve with latest FOI decline, wraps up mission with last E-mail captured on Nov. 12.

          Then, CISIP spends next few days, “integrating” and rezipping as and on the 17th, uploads to the Russian server and then drops the “miracle” message (wittily/ironically in a thread entitled “Miracles and Stripbark Standardization”) using a nym “RC” bogusly hyperlinked to “” – which would be sure to catch Gavin’s attention. As we know it did. On the other “beneficiary” sites, CISIP dropped real link to Russian server and seems to have used FOIA as a nym (just in case Gavin missed it here, perhaps).

          No doubt Gavin did contact CRU about a security breach (in fact I’m inclined to think that they must have burned up the transatlantic phone lines between Nov. 17 and 19). And since it wasn’t until the 19th that files were first downloaded and examined by anyone (except Gavin?) they had two full days to develop their “storyline”.

          In summary: my hypothesis is that, yes, there was a serious security breach – back in October, when CISIP stumbled across – a much smaller file, and not at UEA, but at RC. Once The Team realized that there was a good chance they could not “redefine” the Internet fast enough to suppress this, they had to develop a storyline – and they had to stick to it.

          For whatever reason (perhaps because there would be far too much political heat if the spotlight was on this side of the pond – and/or a faster, more thorough and focussed police investigation) they decided to artificially change the scene of the crime. And it wouldn’t be the first time that The Team has resorted to artificiality, would it?!

          Plausible? Perhaps. Certainly starting with a “core” and building the padding around it would be far less onerous and time-consuming than ploughing through 15 years worth of emails etc., don’t you think?

          A scenario along the lines I’ve speculated would go some distance towards explaining Paul Dennis’ impression that the Norfolk police didn’t seem to know what they were looking for. And it might also explain why this still unresolved “police investigation” has so many unasked questions and uninterviewed parties: Perhaps unknowingly (or perhaps not) they’ve been led up the FOI garden path.

          Considering the latest revelations from Murdochland, it might also go some way towards explaining why Neil Wallis would have been the perfect choice to assist in the rehabilitation of UEA/CRU’s self-inflicted “reputation” wounds.

          Hilary [Channelling Miss Marples]

        • Posted Aug 19, 2011 at 3:57 AM | Permalink

          I was not asked a single “interview” question as I preemptively gave a response to their request containing the information I would have given them whatever they asked.

        • Posted Aug 20, 2011 at 3:20 PM | Permalink

          Thanks, Charles. And I see that Steve had indicated in a Jan. 13/10 comment in the “Mosher Timeline” thread that he had published the IP address “at the time”. Which, coincidentally, makes Gavin’s Nov. 23 “If SM or JeffID want to share the IPs associated with the comments on their sites, I’ll be happy to post the IP address that was used to compromise RC.” somewhat disingenuous.

        • Posted Aug 19, 2011 at 4:58 AM | Permalink

          On the police contribution, Steve on an earlier thread suggested Inspector Clouseau rather than Sherlock Holmes. I would add Dirty Harry as a third option. I now totally accept Paul’s testimony that those interviewing him were decent men going through the motions, no doubt realising from Paul’s attitude that there was nothing of substance in that direction. It would be uncharitable to compare these guys to Clouseau – they had been misdirected by someone higher up. And certainly we can by now eliminate Sherlock Holmes. Such brilliant logic was nowhere near the scene. But was the misdirection a matter of Clouseau or Dirty Harry? I consider the explicit use of the counter-terrorism label as deeply inappropriate in first making contact with Steve McIntyre and others. The lack of rational questioning of anyone we know of adds to the impression of a deliberate attempt to find nothing. Blog speculation is all well and good but we should demand to know far more through official channels. I continue to think that uncovering the Neil Wallis contribution will be the hook for that in practice.

          It’s not that these areas are unimportant – far from it. It’s that we don’t have enough to come up with the ‘right answer’. But we have every right to ask the questions.

        • Posted Aug 20, 2011 at 2:54 PM | Permalink

          It would be uncharitable to compare these guys to Clouseau – they had been misdirected by someone higher up

          Richard, I agree. And from where I’m sitting, “misdirection” could be considered to be a hallmark of the outcomes of all the so-called “investigations”!

          But … speaking of “misdirection”, and setting aside the possibility of confirmation bias on my part … when I followed Bebben’s link (thanks, Bebben!) to Gavin’s Nov. 23 “reconstruction”, and scrolled through some of the other comments and responses thereto, I found something else that was, well, a rather curious coincidence.

          Guess who wrote and linked to “see the BBC blog by Hudson”. Yep, good ol’ Gavin – or another RC mod using his name. (Part of his response to questions in comment 170)

        • Bebben
          Posted Aug 19, 2011 at 3:59 PM | Permalink

          “And since it wasn’t until the 19th that files were first downloaded and examined by anyone (except Gavin?)…”

          Gavin reported that four downloads had been taking place from the Miracle Comment at CA:

          “The username of the commenter was linked to the file at Four downloads occurred from that link while the file was still there (it no longer is).”

          – but I can’t recall that any commenter at CA has said anything about downloading the zip file. Is it just a coincidence that no one has reported it (if this is correct)? If only four downloads took place, I would guess that at least one of the most frequent commenter would be among them. And to most readers of this blog the contents were dynamite. So this means…. well, anything at all? Just wondering.

        • thisisnotgoodtogo
          Posted Aug 20, 2011 at 3:39 PM | Permalink

          I tried the documentary from Sweden where Gavin talks about it, but the site says it’s no longer available outside of Sweden.

        • Steven Mosher
          Posted Aug 20, 2011 at 4:55 PM | Permalink

          See the comments in the mosher timeline. I think we identified 3 people who hit the link. None downloaded. I iamgine the hacker was the 4th. testing what he had done.

    • John Whitman
      Posted Aug 18, 2011 at 8:57 AM | Permalink

      Anthony said, “I think I know why now. I think they already identified the hacker/leaker, [. . .]”



      I see no evidence or logic that suggests just a single hacker/leaker. It makes just a much sense it was a some sort of effort involving more than one person. If I recall correctly a comment/message from the hacker(s)/leaker(s) used the plural pronoun ‘we’. Sorry, on my BB at ALB airport heading for SFO so I cannot dig up the actual message. Maybe someone has it handy?


      • Posted Aug 18, 2011 at 10:48 AM | Permalink

        The message was

        We feel that climate science is, in the current situation, too important to be kept under wraps.
        We hereby release a random selection of correspondence, code, and documents.
        Hopefully it will give some insight into the science and the people behind it.
        This is a limited time, very unofficial offer.

        see here.

        Of course this may be the ‘Royal we’ or the ‘academic we’.

        • John Whitman
          Posted Aug 18, 2011 at 11:54 AM | Permalink


          Thanks. That is the message I was referring to.

          Imagine there were multiple people inside UEA that were involved in the unauthorized release of the emails/files. Harder for UEA to cover it up in the long run than if it were a single individual. Also I think it would be harder to put pressure on multiple people.

          Also, consider the possible situation where there were insider(s) and outsider(s) involved. Then it gets intriguing.

          After 21 months of police inquiry . . . nothing reported . . . now that IS the most suspicious aspect of all wrt climategate.


        • kim
          Posted Aug 18, 2011 at 1:15 PM | Permalink

          Maybe ‘they’ were royally pissed, after all. After all. After all.

          Suddenly I’m reminded of ‘The Purloined Papers’ but the metaphor exceeds its error bands. Nonetheless, our saviour is hiding in plain sight.

  21. kim
    Posted Aug 17, 2011 at 10:18 PM | Permalink

    This may have been the safest course for the saviour. For all we know, that hero(ine) was more worked up about FOIA than about climate. I’d certainly like to think that such heroism was generated in a more complex fashion than such simple righteousness, but who needs a guinea stamp to holler cross the street?

  22. Posted Aug 18, 2011 at 4:06 PM | Permalink

    Re David King, I have a note that Davies spoke to King on 2 December 2009, i.e. after the article in the Mirror. I think it was to do with Oxburgh though. I think this came from David Holland’s FOI of Davies’ emails, but I’d need to check this.

  23. Matt Skaggs
    Posted Aug 18, 2011 at 5:27 PM | Permalink

    John Whitman wrote:

    “After 21 months of police inquiry . . . nothing reported . . . now that IS the most suspicious aspect of all wrt climategate.”

    I respectfully disagree, simply because that violates the principle that conspiracy should not be invoked when incompetence would suffice. I think that the most suspicious aspect was the hiring of a former tabloid editor from a fringe PR company to spit-polish the image of a University!

    • John Whitman
      Posted Aug 19, 2011 at 12:29 PM | Permalink

      Matt Skaggs

      Thank you for your comment.

      I do not think there is any conspiracy wrt to UEA and local police concerning climategate investigation. Just like I do not think there was a conspiracy for British news media to commit phone hacking nor a conspiracy for British police to contribute to the media’s phone hacking. It was just a malevolently accepted practice, apparently.

      So we do not need conspiracy where misguided and malevolent people just abusing power will work the trick.


  24. Geoff Sherrington
    Posted Aug 18, 2011 at 6:44 PM | Permalink

    It’s a bit academic as to whom the source was. It’s also a bit off course for a science blog because some players might deliberately use false statements as a modus and deliberate false statements are anti-science. Why don’t we distance our comments from those similar to ‘projections’ of future climate, replete with pet theories, weighted assumptions and an overall shortage of hard evidence? Sure, it’s interesting on the side, mea cupla also, but the scientific analysis topics are those that make Climate Audit great. Please read this as a soft suggestion.

    • Posted Aug 19, 2011 at 2:26 AM | Permalink

      Agreed – too much speculation for my own taste. However, the involvement of Neil Wallis and other PR professionals post Climategate, rather than total honesty from UEA, is strongly connected with the abject failures of the inquiries and the abysmal quality of the some of the reporting last year. Science requires radical honesty to work, as people as diverse as James Lovelock and Richard Muller said with great force after reading some of the emails. UEA chose the wrong path and it has to face the music for that.

    • j ferguson
      Posted Aug 19, 2011 at 8:43 AM | Permalink

      Geoff, “a bit academic” ?? Isn’t that the heart of the thing?

  25. ausiedan
    Posted Aug 19, 2011 at 6:44 AM | Permalink

    Agreed also.
    The real story of whodunnit will make a great book one day.
    But the more important issue is to hold the so called climate science up to the light and replace it wirh the unvarnished truth.

    On the otherhand, there is a huge political mountain to demolish as well. Otherwise this will just go on and on, regardless of the science and more and more economic damage will be done.

    Digging into this story and particluarly into the OO – police – Whitehall link may just unearth much more than any of us are expecting.

  26. Anthony Watts
    Posted Aug 19, 2011 at 8:33 AM | Permalink

    Guardian reports former NOTW reporter James Desborough arrested in phone hack scandal

  27. amoorhouse
    Posted Aug 19, 2011 at 10:50 AM | Permalink

    Looks like the Guardian has form now……

  28. Oxbridge Prat
    Posted Aug 19, 2011 at 1:43 PM | Permalink

    Personally I would be looking for a PostDoc who had recently arrived from the East Coast of the US and still had access to unix accounts in his old lab: access the files from inside CRU but clean and assemble the package elsewhere.

    But like most of the rest of this thread this is pure speculation.

  29. Turboblocke
    Posted Aug 19, 2011 at 2:13 PM | Permalink

    Strange that you’ve only recently heard about Wallis and UEA. Back in July the theory was that Wallis was a double agent for News Corp who sabotaged UEA’s media response.


    In October 2009, a one-man company run by Neil Wallis, received a £1,000-a-day contract from the Metropolitan Police Service, aka Scotland Yard, to provide PR services. Wallis formed the company just one month before starting. Wallis was given complete access to confidential police investigative information on both the phone and climate change hacking investigations. It has been revealed that Wallis, News of the World executive editor until late 2009, provided details about the two investigations to News Corp. and in doing so harmed the investigation. Specifically, Wallis kept Murdoch’s organization apprized of what and whom the police were investigating. At News of the World, Wallis had been put in charge of managing hacking activities. Wallis worked directly under then-editor Andy Coulson, who later became chief spokesman for Prime Minister David Cameron. Coulson was arrested for involvement in the hacking in July. While employed by Scotland Yard, Wallis sought to diminish media coverage of the scandal.

    During the hacking investigation, Wallis was also an adviser to the Conservative Party in the run-up to the 2010 general election. He worked for the Tory Party and current Prime Minister David Cameron. In a strange development, Wallis, who was still secretly working for News Corp, was also hired by climate change scientists to defend them in the area of public relations. It has been reported that the scientists received very bad advice from Wallis.

    Curious that there’s no barking from the dogs about this? Almost looks like you’re trying to spin the issue doesn’t it?

    • StuartR
      Posted Aug 19, 2011 at 2:37 PM | Permalink

      Re: Turboblocke (Aug 19 14:13),

      Back in 14th July is when the discovery of Wallis’s involvement with UEA CRU was first made on this blog – a scoop I would say.

      That’s the first link that was made anywhere in the world as far as I know, and there was some speculation along with that story in the comments, but none beats the “double agent” theory for imagination! 🙂

      But I would be interested to hear of this connection being made elsewhere before 14th July? 🙂

  30. DR
    Posted Aug 19, 2011 at 2:34 PM | Permalink

    Turbobloke: I took Steve’s ‘recently’ to mean July, when he posted on Neil Wallis:

    I’m interested to find out what you mean by this “It has been reported that the scientists received very bad advice from Wallis.” Can you tell me where that was reported?

  31. Posted Aug 19, 2011 at 5:04 PM | Permalink

    “We feel that climate science is, in the current situation, too important to be kept under wraps. We hereby release a random selection of correspondence, code, and documents. Hopefully it will give some insight into the science and the people behind it”

    Those are the words that accompaned the release of the Climategate emails.

    Firstly, my business is words so I recognise a precise usage of English when I see it. Focus on the word “selection”. The implication is they’ve got more they could release. Touch me if you dare …

    Secondly, putting the climategate whistleblower on trial would be the worst PR disaster imaginable for the alarmists. They’re not interested in catching the whistleblower. It’s the last thing they want.


    • kim
      Posted Aug 20, 2011 at 2:00 AM | Permalink

      It doesn’t seem random though.

  32. Posted Aug 20, 2011 at 3:03 AM | Permalink


    On “random”, I’d have to fall back on my original comment about the precision of the English being used. I don’t think the whistleblower would have used that particular adjective unless it was accurate. Don’t forget, the majority of the emails released were innocuous. Also, there appears to have been at least a decade’s worth of emails which would have been an enormous job to sift through for the suspect ones.

    Wouldn’t it be nice if they released the full payload? We can only dream …


    • David Holland
      Posted Aug 20, 2011 at 5:50 AM | Permalink

      Re: Pointman (Aug 20 03:03),

      I think the whistleblower had indeed provided a “random” selection of emails but only to hide the much fewer real jewels which are far from random. Had the jewels been released on their own there might have been a swift effort from the “team” get their distribution stopped. I also think the leaker found the jewels by searching with keywords that any regular reader of CA would know by heart.

      In my submission to the Russell Review (which they refused to publish or even to put in its entirety to to the UEA) I cited just 33 emails which are compelling evidence that when Jones, and Overpeck realised that the Reviewer for the US had demanded that all references to Wahl and Ammann 2007 be removed from AR4 WGI Chapter 6, because it missed the deadline, they decided with Solomon to retrospectively change it. I also suspected at that time that the determined resistance to my FOIA requests to the Met Office and UEA was to cover up the lie told by WGI told all 600 Expert Reviewer to explain the deadline change. I am now sure, that this was the case.

  33. Posted Aug 20, 2011 at 4:27 AM | Permalink

    You may not have considered one possible interpretation. It could be that Mr Wallis is a (typical PR) weasel and claims responsibility for Mr Webster’s article (or some other piece) when he really had no part in it.

    Just a thought.

  34. Britannic no-see-um
    Posted Aug 22, 2011 at 3:21 PM | Permalink

    hro said

    ‘Of all the initial known “beneficiaries”, RC is one that makes absolutely no sense.’

    I have yet to see a plausible explanation. Maybe I only see good guys and bad guys, like Bush.

  35. Posted Aug 23, 2011 at 1:34 AM | Permalink

    I dont think this will lead to any good. there’s still some details not shown in the article. and whats with the russian connection all about.?

  36. thisisnotgoodtogo
    Posted Aug 15, 2014 at 10:11 PM | Permalink

    “The selection of Outside Organisation nonetheless is an odd choice and we know little of why they were chosen, as opposed to a more conventional agency (e.g. Luther Pendragon).”

    Steve, if you google “Luther Pendgragon Climate audit”, the first find is this address

    luther pendragon « Climate Audit
    Oct 27, 2010 – Posts about luther pendragon written by Steve McIntyre.

    If you click, up comes a security warming page saying “Untrusted connection”

    I wonder how that comes about.

    sTEVE: is not a problem – without the https. don’ think that this is anything

    • thisisnotgoodtogo
      Posted Aug 16, 2014 at 11:02 AM | Permalink

      I found this about HTTPS

      “A site must be completely hosted over HTTPS, without having some of its contents loaded over HTTP, or the user will be vulnerable to some attacks and surveillance. For example, having scripts etc. loaded insecurely on an HTTPS page makes the user vulnerable to attacks. Also having only a certain page that contains sensitive information (such as a log-in page) of a website loaded over HTTPS, while having the rest of the website loaded over plain HTTP, will expose the user to attacks.

  37. Posted Aug 16, 2014 at 3:19 AM | Permalink

    While a CA Neil Wallis thread pops to the surface there was some surprise news about the old newspaper man on 30th July:

    News of the World former deputy editor Neil Wallis and former features editor Jules Stenson have been charged with conspiracy to hack phones.

    They were both charged as part of Operation Pinetree, a Scotland Yard investigation into allegations that News of the World features staff had obtained information in this way.

    Wallis, nicknamed ‘the wolf man’, and Stenson are both accused of conspiring to illegally listen to voicemails between January 2003 and January 2007.

    Wallis was previously arrested under the main phone hacking investigation, Operation Weeting, in a dawn raid in July 2011, and was told in February last year that he would face no further action due to lack of evidence.

    Today, he said he is ‘devastated’ to face a ‘swingeing, indiscriminate charge’ of conspiring to hack phones, more than a year after he was told he would face no further action.

    In February last year, Wallis’s solicitor said the journalist had suffered ‘a terrible ordeal’ by being left in limbo for nearly two years.

    He was employed by then-Metropolitan Police commissioner Sir Paul Stephenson as a PR consultant before his arrest in 2011, and Sir Paul was pushed to resign after the journalist was questioned by police.

    The former News of the World deputy editor also had close contact with then assistant commissioner John Yates, who also resigned after criticism of his links to the newspaper and the decision not to reopen the inquiry into phone hacking.

    Former News of the World editor Andy Coulson was jailed for 18 months for conspiracy to hack phones earlier this month.

    To this observer it felt as if a magic cloak of protection gained from helping to shovel sh*t at UEA after Climategate had mysteriously disappeared after the jailing of Coulson. But I have no inside knowledge of who knew what on phone hacking.

    • thisisnotgoodtogo
      Posted Aug 16, 2014 at 11:09 AM | Permalink

      I watched a UK video on climate communications, and noted that a Luther Pendragon representative was there and asked a question, so they are in the climate PR game.

4 Trackbacks

  1. […] McIntyre also has a post in which he provides his views on other aspects of news coverage in the same timeframe, one of […]

  2. […] response to this (because I thought at the time that Steve had asked Webster about the Dec 7 article, for […]

  3. […] Source: […]

  4. By Wallis and UEA « Climate Audit on Aug 26, 2011 at 1:53 PM

    […] arrive on the scene in February 2010, not in early December 2009 (as speculated in my recent post here.) Thus the front page article for which Wallis claimed credit was not the Ben Webster article of […]

%d bloggers like this: