[clug] Hack attack on University of East Anglia's Climatic Research Unit

Paul Wayper paulway at mabula.net
Sat Nov 21 18:35:07 MST 2009

On 21/11/09 21:01, Kim Holburn wrote:
> When you have the money in the major energy industries arrayed against
> you, trillions of dollars, you simply aren't going to keep people out.
> No matter what technology you use there are always people involved.

Even though I'm all for sticking it to the fossil fuel industry, I don't think 
they're sophisticated enough or desperate enough (yet) to go attacking a 
university's email system just to find emails that might do 'something' for or 
against them.  What would they be looking for anyway?  They're still happily 
paying for perfectly valid scientists to cook up perfectly reasonable-looking 
experiments to prove whatever they want; they're about as far away from 
hacking into university email accounts as a tiger is from using rabbit-traps.

If there was an attack on the economics department's mail server, it'd be 
blamed on those evil corporations.  If it was the law department's server, 
it'd be rival universities.  If it was the humanities department's server, 
it'd be all those neo-Nazis.  If it was the maths department's server, it 
wouldn't even rate a mention.

And as Daniel says, universities also have conflicting security goals.  They 
have a faculty and staff who still think dot matrix printers are pretty neat; 
they have a huge body of hackers (who we outsiders know as 'students') trying 
to catch every virus, attack everything else and cheat on their exams; they 
have researchers who want to give access to sensitive equipment to other 
researchers from untrusted sites around the globe.  This is not an environment 
where one can come up with neat, simple security models.

Have fun,


More information about the linux mailing list