« Mike's Nature Trick | Main | Your New Overlords - Welcome Them »

November 21, 2009

Who is FOIA?

I've been following with glee the mayhem unleashed by the seemingly innocuous act of posting 63 Megs of emails and documents that the Global Warming Fanatics didn't want us to see. The post was made under the generic/anonymous name of "FOIA" (Freedom of Information Act), at almost the same time that Steve McIntyre's appeal for his FOIA Request was settled unfavorably. Someone wanted the truth to get out.

Currently, I've seen a lot of talk about the Climate Research Unit (CRU) at the University of East Anglia (UEA) was hacked. Although this is possible, the more probable scenario is that this was posted by someone inside the organization in the IT department. You can bet your sweet @ss that the CRU at UEA is going to be filing suit in federal courts (in the U.S. and the U.K.) to get access to the web server logs showing the IP address that the post came from, although I think it's a fairly safe bet that, whoever posted this would be smart enough to go through several proxies to make sure they're pretty much untraceable.

The reason I think it's an inside person as opposed to a hacker is that, plain and simple,it's more likely to have been an inside person. Consider the following - every organization has to have an IT department, it's a necessary evil. So, you have a group of people that run your email server, and your network. This is not one or two people. My guess is we're talking about a fairly large IT staff. It's public sector, after all. So, I'm guessing that there's probably at least 30 people inside the org that have acess to all network files and emails. Any of these people could easily take out 60 megs of data on a thumb drive. They could easily take out 30 gigs of data out the door on a CF card. Then, you run some software to spoof your Mac Address and go war driving until you fine an open Linksys network with no WEP/WPA. Some noob that broadcasts the default LINKSYS SSID with no encryption and no password required. Then, you daisy chain about six proxy servers together behind PimpMyIP and post the files anonymously.

This is a fairly simple scenario. The scenario that's much less likely is what they're all claiming...that they were hacked. I'm not saying it didn't happen, I'm saying it's much less likely. The reason is that the hackers really have no idea what data is inside of that CRU EAU organization. So, they'd have to hack in, hoping to find something, find it all, get out, and not leave any tracks. And, all of this happened within a day or so of the results of the FOIA appeal being denied. It's just not that likely, IMHO.

Whereas, someone on the inside would have seen the emails over the years. Would have been smouldering over the flagrant violations of ethics. Would have had a front-row seat to watch the devout followers of Global Warming religion. And then, when the FOIA appeal was denied, all they had to do was walk out with a CF card. (They could have easily opened a VPN over an RDP tunnel and uploaded them from within the ogranization, but I doubt they would have done this just to be belt-and-suspenders safe.) The best way is to copy them onto a CF card and walk out the door. There can be no way of tracing that unless you catch them with the CF card in their hands and take it away from them and read it. Short of this, there's no way to track it. Period. End of story.

Update: This guy appears to agree with me that the anonymous FOIA is an insider at CRU.

Posted by Rob Kiser on November 21, 2009 at 3:48 PM


Post a comment

Remember Me?

(you may use HTML tags for style)