
Bob Lacatena

Bob Lacatena is a software developer with a lifelong interest in and love of science and teaching, a love that was instilled by his parents, both college professors. He has a bachelor's degree in computer science from Northwestern University. He began his study of climate as a true skeptic, taking the time to put in the effort to truly learn everything he could about the science before recognizing that it is something that will greatly affect the life, prosperity and happiness of his daughter, her peers, and even more so any grandchildren that may some day follow. Today, as a volunteer, he contributes to Skeptical Science with his primary talent (his computer skills) but wishes he could find more time to write as well.

Recent blog posts


Skeptical Science Widget Hacked

Posted on 1 April 2014 by Bob Lacatena

ANNOUNCEMENT — Widget Hacked


This is the widget as it appeared during the hack throughout April 1st.

Late last night, we discovered that the Skeptical Science widget website has been hacked. We are working hard to figure out what's going on.

Rest assured that all credentials and data on this site are well secured. The widget is hosted on an entirely separate server, which also — both fortunately and unfortunately — resides with a completely different host.

We do apologize to everyone who hosts and views the widget. If you are hosting the widget on your blog, there is no need to remove it. We will get it working properly soon. It's only a matter of time.

UPDATE (9:20 AM EDT)

We are working with the web hosting service to resolve the issue. For now, we don't really have a handle on how the hacker got control, or why we can't fix the widget.

UPDATE (10:43 AM EDT)

We have some idea now of how the hacker did it.  Doug is running some tests to confirm our theory.

The widget was designed to help to communicate to everyday people how much energy our planet has accumulated as a result of anthropogenic greenhouse gas emissions, and how quickly that energy continues to accumulate.  That rate is equivalent to a startling 4 Hiroshima atomic bombs per second.

Read more...

13 comments


A Hack By Any Other Name — Index

Posted on 24 March 2014 by Bob Lacatena

Introduction

In March of 2012, a "leak" — actually the results of a concerted, persistent and expert hack — of the Skeptical Science web site revealed the contents of the private contributors forum, as well as a useless list of deleted comments (we have intended for some time to make all deleted comments visible to everyone, and simply haven't gotten around to that task yet) and the site's registered users (culled to remove all pseudo-skeptics).

Read more...

1 comments


A Hack By Any Other Name — Part 7

Posted on 21 March 2014 by Bob Lacatena

Part 6 described the methods used by the hacker and detailed his activity on February 21st.

Ted: We're both stumbling around together in this unformed world, whose rules and objectives are largely unknown, seemingly indecipherable or even possibly nonexistent, always on the verge of being killed by forces that we don't understand.
Allegra: That sounds like my game, all right.
Ted: That sounds like a game that's not gonna be easy to market.
Allegra: But it's a game everybody's already playing.
eXistenZ (1999)

The Next Question

We were still left with a puzzle.  In the course of six hours, the hacker had infiltrated an administrative ID, uploaded his own program, viewed source code, downloaded the database, and then erased most of his tracks.  But early in the process, the hacker had jumped straight to user ID 4955, without ever doing anything to find it.  How?  What did he do in the 24 minutes between first looking at the table entry for John’s user ID and then switching to user ID 4955?

Obviously, February 21st wasn’t the first day of the hack.  He must have tried, and somehow succeeded, at doing more earlier. 

I ran one awk program, looking for other instances of the cookie edit trick.  One user, Andy S, turned up in my search in December of 2011.  He’s a Skeptical Science contributor, and his IP address magically switched a few times between his own user ID and John’s.  I was ready to send the FBI after him until I found out that John had been staying with him on the days in question, prior to continuing on to that year’s AGU meeting.  The “switching” of user IDs was actually John using his iPad, and Andy using his desktop computer, both within Andy’s home network.

When that search failed, looking at the previous day was the obvious choice.  We’d already done so and failed to find a trace of the hacker, but that had been earlier in the game.  By this point, we had a much better impression of his footprints.  We knew better what to look for.

A quick search for his user agent turned up enough hits...

One option would have been to test all 36,039 IP addresses that accessed the site on February 20th, to see which ones were Tor relays.  Tor IP lists are always incomplete, but if he went through as many IP addresses as he had on the 21st, there were bound to be more than a few matches.

Read more...

6 comments


A Hack By Any Other Name — Part 6

Posted on 18 March 2014 by Bob Lacatena

Part 5 explained how Apache logs are structured, and explained some of the avenues the hacker used in his attack.

Ginger: For someone the NSA once listed as the most dangerous hacker in America, you sure don't look like much.
Swordfish (2001)

March 27, 2012 — 12:25 AM PST — Better Lucky than Good

How had the hacker deleted 12 hours of activity from the SQL injection log file from the 21st of February, the first day of the hack?

Doug hit on the right answer, at first for the wrong reason.  The corrupted SQL injection log file suggested that the hacker had uploaded something, probably an empty file, to overwrite that log file.  There seemed to be one way to do that through the application.  Authors have the ability to upload images, PDFs, and other supporting files.  It struck Doug that this was the most likely path to corrupting the log file.

This turned out to be not entirely true, because the upload program would not overwrite a file.  If the file already existed, it completed the upload request by adding a numeric suffix to the file name.  But the intuition was right.  A program that could put files into the system was dangerous, even if it was only available to authors and moderators.

Doug immediately asked that that capability be shut down.  The third security risk was now sealed.

But again, it didn’t explain how the hacker had gotten in, because one needed at least an author’s administrative capabilities to use the image upload facility.  And how did he get a dump of the database?

Read more...

6 comments


A Hack By Any Other Name — Part 5

Posted on 13 March 2014 by Bob Lacatena

Part 4 described the technology behind the Skeptical Science website and our initial response to the hack.

Detective Del Spooner: Hansel and Gretel.
Susan Calvin: What?
Detective Del Spooner: Two kids, lost in the forest. Leave behind a trail of bread crumbs.
Susan Calvin: Why?
Detective Del Spooner: To find their way home. How the hell did you grow up without reading Hansel and Gretel?
Susan Calvin: Is that really relevant?
Detective Del Spooner: Everything I'm trying to say to you is about Hansel and Gretel. You didn't read it, I'm talking to the wall.
I, Robot (2004)

A Needle in a Field of Haystacks Made of Needles

Many websites use the Apache server program to deliver web pages and files to users or to execute programs that create those pages on the fly.  The Apache program, and indeed any web server, writes log files.  Those log files (commonly called the "apache logs") normally contain a fair amount of limited information on every request made by every visitor to the site, from those for web pages to every image or javascript script file or other file included on the web page.  This includes a host of information about the visitor which is of great value in compiling statistics about visitors.  It’s not complete, but it’s a start.

Read more...

8 comments


A Hack By Any Other Name — Part 4

Posted on 6 March 2014 by Bob Lacatena

Part 3 describes SQL injection, the text of the hack release, and the hacker's activity leading up to the release.

Dennis Nedry: Haahaaa... I am totally unappreciated in my time. You can run this whole park from this room with minimal staff for up to 3 days. Do you think that type of automation is easy... or cheap? Do you know anyone who can network 8 connection machines and debug 2 million lines of code for what I bid for this job? Because if he can I'd like to see him try.
Jurassic Park (1993)

What is Skeptical Science?

November, 2007

To understand the hack, it is important to first understand exactly what Skeptical Science is, in terms of technology.  Skeptical Science is not composed of your usual prefab blog software.  Most bloggers sign up for an account at blogger.com or wordpress.com or typepad.com.  Those sites provide them with everything they need to manage a blog, from software for editing new posts to comment functionality, sidebar widgets, customizable themes and automatic backups of their data, which happen with complete transparency in the background. The blogger never even knows how much is being done for them.

A few intrepid bloggers go so far as to register their own domain name, lease time through a web hosting service, and install and run their own copy of the wordpress software, or some other popular blogging software package.  For them, the installed package is still taking care of almost everything, while the web host may take care of the rest (such as those all important backups).  The blogger may expand his or her blog’s capabilities by installing wordpress plugins or even some basic web hosting tools, but that’s it. 

Skeptical Science is nothing like that.

Read more...

11 comments


A Hack By Any Other Name — Part 3

Posted on 28 February 2014 by Bob Lacatena

Part 2 describes the earliest encounters, known and unknown, with the hack.

Matt Farrell (professional hacker): If that guy knew half the shit that I know, his fuzzy little head would explode.
— Live Free or Die Hard (2007)

SQL Injection Attacks

As has been repeatedly mentioned, Skeptical Science endures frequent SQL injection attacks.

A SQL injection attack works like this.  When you enter data into a form on a web site, for instance to log on or to post a comment or to do a search, what you enter into that form will be combined with computer commands to do something in the database.  For example, if you search for “climate change” in a web site, the computer programs that run the site might issue a database command which is the programming equivalent of “find all pages with the words ‘climate change’ in the text”.  The SQL statement — the programming version of that command — might look something like this:

SELECT * FROM PAGES WHERE CONTENT LIKE '%climate change%';

Skeptical Science endures SQL injection attacks at least six times a year, if not more.

Clever hackers can use this to trick the system into doing something it never intended to do, by submitting cleverly constructed search criteria.  If the data entered into the form can be structured in a way to surreptitiously alter the database commands, to make it do something other than the site's programs intended, then the attacker has a way of manipulating the site or viewing data to which he shouldn’t have access.  If done correctly, it can be tricked into betraying private information, including user names and their passwords.

For example, suppose you enter the following in the search box, instead of simply ‘climate change’:

climate change' UNION SELECT * FROM USERS WHERE USERNAME LIKE '

The program might put that together with the normal database command to get this:

SELECT * FROM PAGES WHERE CONTENT LIKE '%climate change' UNION SELECT * FROM USERS WHERE USERNAME LIKE '%';

That particular command will return as the search results every post that ends with ‘climate change’ and also every username in the database.

[This is far from a complete, or even completely accurate, demonstration of SQL injection.  This example is merely intended to demonstrate the basic flavor of a SQL injection attack, without introducing details that would only further confuse things.]

That's not the only way to use SQL injection.  There are hundreds of ways.  That's why most first probes are usually done by bots trying dozens or hundreds of possible combinations.  They just want to find out if anything at all worked, and then they report back to the hacker when they detect something that has.

One of these attacks, a mildly successful one, is why the database SQL injection log files were created.
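
The search example above as runnable code, added here for illustration and not taken from the Skeptical Science code base: the same search built by string concatenation and then with a bound parameter. It assumes an in-memory SQLite database, two-column PAGES and USERS tables, constructed sample rows and hypothetical function names.

```python
import sqlite3

# The search-box text quoted in the article, used here as test input.
PAYLOAD = "climate change' UNION SELECT * FROM USERS WHERE USERNAME LIKE '"


def make_db():
    """Build an in-memory database holding constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE PAGES (TITLE TEXT, CONTENT TEXT);
        CREATE TABLE USERS (USERNAME TEXT, PASSWORD TEXT);
        INSERT INTO PAGES VALUES ('Ocean heat', 'notes on climate change');
        INSERT INTO PAGES VALUES ('Sea ice', 'arctic ice extent');
        INSERT INTO PAGES VALUES ('Energy', '100% renewable targets');
        INSERT INTO USERS VALUES ('alice', 'constructed-hash-1');
        INSERT INTO USERS VALUES ('bob', 'constructed-hash-2');
        """
    )
    return conn


def search_vulnerable(conn, term):
    """Deliberately unsafe: the search text is pasted into the SQL string,
    so a quote character in `term` ends the literal and the rest of the
    input is parsed as SQL."""
    sql = f"SELECT * FROM PAGES WHERE CONTENT LIKE '%{term}%'"
    return conn.execute(sql).fetchall()


def escape_like(term):
    """Make LIKE wildcards in user input match literally."""
    return (
        term.replace("\\", "\\\\")
        .replace("%", "\\%")
        .replace("_", "\\_")
    )


def search_parameterized(conn, term):
    """Hardened form: the SQL text is fixed and the search text travels as
    a bound value, so it can only ever be compared against CONTENT."""
    sql = "SELECT TITLE, CONTENT FROM PAGES WHERE CONTENT LIKE ? ESCAPE '\\'"
    pattern = "%" + escape_like(term) + "%"
    return conn.execute(sql, (pattern,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    print("concatenated, normal search :", search_vulnerable(db, "climate change"))
    print("concatenated, article input :", search_vulnerable(db, PAYLOAD))
    print("parameterized, article input:", search_parameterized(db, PAYLOAD))
    print("parameterized, normal search:", search_parameterized(db, "climate change"))
```

With the concatenated query the article's input returns the USERS rows alongside the matching page; with the bound parameter the same input is just a string that no page contains.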

Read more...

15 comments


A Hack by Any Other Name — Part 2

Posted on 26 February 2014 by Bob Lacatena

Part 1 recounts the initial steps of the hacker, and our initial discovery of his intrusion.

Angela: They hack into computers and they cause this chaos.
 The Net (1995)

March 24, 2012 — 1:06 AM AEDT — The Early Conversation

Meanwhile, the real forum suffered through a torrential storm of activity on the "SkS was hacked" thread.

24 Mar 2012, 1:06 AM SkS was hacked
grypo

It looks like it happened

http://tomnelson.blogspot.com/2012/03/bill-mcfibben-on-weirdest-weather.html

I have downloaded the zip in the 1st comment but it is invalid.  It won't take long for whatever is in there to be made valid and put out there.  It's 18.5 MB in size

Can anyone get it open?  Can someone call John immediately?

24 Mar 2012, 1:13 AM  
Alex C

It's 1:00 in Australia...

24 Mar 2012, 1:20 AM  
Alex C

Just downloaded it, what the F**K, all my information is in there, contact and IP~ everyone else's too.

It's valid Grypo.  It's a whole bunch of what seems like screenshots of everything - but it's strange, the dates span from 2010...

24 Mar 2012, 1:27 AM  
Alex C

Not quite screenshots I guess... working embedded hyperlinks and everything.

24 Mar 2012, 1:43 AM  
Dikran Marsupial

the post seems to imply that the info comes from the logs, but I suspect this is BS.

I don't know how they can justify posting the identities of everybody who posts here as whistleblowing, especially as it includes many skeptics.

24 Mar 2012, 1:46 AM  
Alex C

....uh, what am I downloading?  Has this info really been public for so long?

Edit - the URL he gives is to another zip file, but I cannot decipher the text file within.

24 Mar 2012, 1:51 AM  
Dikran Marsupial

I think John would appreciate the call on this one even if it is 1am, so if anyone has his number I'd suggest they use it.

24 Mar 2012, 1:56 AM  
Alex C

I don't have his number.  I've sent him an email but of course he won't get that soon enough...

24 Mar 2012, 2:16 AM  
Albatross

"A lot of everyday conversation among SkS authors reads like hateful vulgarities. From the repeating rhetoric it looks like they have a fascination with war and violence."

Where the hell did they get that stupid idea!?  Yes, people are candid, but "fascination with war and violence"?!

Well, it was almost certain to happen....I just love how this person is trying to spin this.  They cannot attack the science, so they attack the people behind SkS.  This has nothing at all to do with transparency etc.


Comments about the hack flew fast and furious on the real forum.  By this time it was 2 AM in Australia.  I took a chance and tried to Skype John, not expecting it to work.  It did, but only because he was already up and on, starting to look at things.  Logicman apparently had his phone number and had just called him to rouse him.

We looked at it together and talked, mirroring each other's tone of surprise, confusion and anxiety.  He was surprisingly awake, an effect news like this would probably have on most site administrators.  He too noticed that the presentation of the forum wasn't right.  He confirmed that no, he hadn't programmed some odd super-admin variation of the pages.  He quickly noted that it wasn't even close to right, because the data necessary to display the page like that would require combining multiple database tables, specifically the POST table, where the individual comment was stored, with the USERS table, where each user's registration information is kept.

Read more...

17 comments


A Hack By Any Other Name — Part 1

Posted on 21 February 2014 by Bob Lacatena

Joshua (computer program): Shall we play a game?
— Wargames (1983)

Introduction

Our society romanticizes hackers.  Books and movies invariably present them as the good guys, the nerdy heroes, or at worst pit a good hacker against an evil hacker.  There’s something intriguing about that lone individual, armed with brains and an arcane, almost magical power over the preeminent technology of our day, granted him (or her) by the massive, interconnected and insanely complex world of global computing. It’s that heroic ability, when used wisely, to take down huge, nefarious government agencies, corporations, or anyone who isn’t considered “the little guy.”

This is the two year anniversary of the first of the days that the Skeptical Science web site was seriously hacked, and while from a security standpoint my attitude has always been that the less people know about things, the better — safer — the site is, I think it’s important to also establish that there is an ongoing, active war against Skeptical Science.

Regular visitors may have noticed that the site was down for much of the day a few weeks back.  That was a result of a concerted “denial of service” attack, an effort where individuals or bots attempt to overwhelm our servers in order to specifically bring the site to its knees.  This is one more example of the Subterranean War that is being waged on climate science.  Skeptical Science is simply a volunteer group, organized by one person, to try to counteract the persistent and easily debunked myths that are incessantly repeated and pushed, no matter how often they’ve been refuted, and no matter how directly contradictory those arguments are.

Read more...

14 comments


Customizable Global Warming Widget Metrics

Posted on 17 February 2014 by Bob Lacatena

The Skeptical Science Heat Widget was introduced almost three months ago, to demonstrate our planet's continuing build up in heat using a variety of measures.

To add more variety to the many presentations of the widget across the web, it can now be configured by the host to present any of the five available metrics as the starting metric.  To host the widget, visit the Skeptical Science Widgets page, configure your widget (use the new Metric button to select your starting metric), click the Generate button, and follow the instructions to install your widget.

The heat widget continues to be picked up by more and more blogs, and to be seen by more and more people — more than two million so far.  It was created to help convey the rate at which the planet's climate system continues to accumulate heat, even as cold snaps strike central North America, heatwaves hit Alaska and Australia, and unprecedented floods hit the UK.  It does so by using measurements of the total heat increase in recent decades in the oceans, land, and atmosphere as well as the heat going into permanently melting ice.

Read more...

5 comments


Heat widget viewed more than one million times at over 60 blogs

Posted on 15 January 2014 by Bob Lacatena

Since the Skeptical Science heat widget was released just over a month ago, over one million unique visitors have seen the widget at more than sixty blogs and web sites. Currently, the widget is being picked up by at least one new blog each day.

Many of the early adopters of the widget are blogs that are directly related to climate change, but more and more websites with everyday interests are adding it to their own blogs. This is helping raise awareness of the basic fact that our planet continues to build up astounding amounts of heat.

You can find the widget on Wunderground in a wintery gray, DeSmogBlog in coal black, and Greg Laden's science blog in its original hot red.

It's hosted on Stone Soup Station, a site that focuses on hunger and poverty.  It's hosted on ZLC Energy, a company specializing in clean energy solutions.  It's hosted by Jean on On The Road Again, which is just a blog about whatever Jean wants to write about.  It's hosted by the Coalition for the Advancement of Regional Transportation, which, in their words, "promotes environmentally sustainable, socially just, multi-modal transportation that provides affordable access and regional connections to all race and income groups."

You can also find it on blogs from 17 different countries, from Finland to Slovakia to New Zealand.

Read more...

7 comments


4 Hiroshima bombs per second: a widget to raise awareness about global warming

Posted on 25 November 2013 by John Cook

Our planet is building up a lot of heat. When scientists add up all the heat warming the oceans, land, atmosphere and melting the ice, they calculate that our planet is accumulating heat at a rate of 2.5x10^14 Watts. This is equivalent to 4 Hiroshima bombs worth of heat per second.

When I mention this in public talks, I see eyes as wide as saucers. Few people are aware of how much heat our climate system is absorbing. To actively communicate our planet's energy imbalance, Skeptical Science is releasing the Skeptical Science Heat Widget.

The widget can be added to just about any blog or web site. You can customise the colour of the widget, the style of the design and even the year from which the heat graph begins. It's the result of months of diligent programming and testing by SkS team member Bob Lacatena (Sphaerica). If you have a webpage or blog, here's an opportunity to help raise awareness of global warming.

If you don't have a website but are on Facebook, Bob has also put together a Facebook app and an app for the iPad and iPhone. For complete instructions on how to get and install the widget on your blog or web site, visit the Skeptical Science Widgets page.

The widget shows the amount of energy that has been and continues to be added to the earth's climate system, expressed in ways that non-scientists can more easily relate to. Meanwhile, the counter actively increases with time, showing exactly how much and how fast the planet continues to warm.

For more information on the science behind the heat in the climate system, visit the widget's companion site, 4hiroshimas.com. This website was put together by Bob, in collaboration with the SkS team.

Read more...

50 comments


SkS social experiment: using comment ratings to help moderation

Posted on 8 October 2013 by John Cook

Last week, the news rippled through the blogosphere that Popular Science had shut off commenting on their website. The reason: trolls and spambots had overwhelmed the comment threads. This is a great shame, partly because it should be avoidable. Surely a combination of technology, crowd-sourcing and manual moderation should be able to minimise the destructive impact of comment trolls.

To investigate this possibility, Skeptical Science is engaging in a social experiment. You, gentle readers, are the participants. The experiment is a University of Queensland research project, titled "Using comment ratings to facilitate moderation" (I've updated the SkS Privacy Policy to include information about this project). The goal is to investigate using user ratings to assist comment moderation, thus helping to maintain a high quality of discussion. This will be achieved simply through the use of two thumbs:

Thumbs Up

Read more...

41 comments


Announcing the Skeptical Science Glossary

Posted on 10 February 2013 by Bob Lacatena

Skeptical Science is proud to announce the implementation of an interactive glossary.

We've long recognized the frustration that many readers might have, even those who are well educated in climate science, with the number of scientific terms and cryptic acronyms that come with virtually any Skeptical Science post.

The fact is that climate science is influenced by a wide variety of scientific disciplines, from atmospheric and ocean physics and chemistry, to marine and plant biology, statistics, computer science, and more.  Even an expert in one or several fields may be thrown off by an unfamiliar term from a less familiar field.

To help make sense of the terminology soup Skeptical Science has implemented an automated glossary system.  You will see some words, like "aerosols," and some acronyms, like "GCM," with a dotted underline.  If you roll over these terms with your mouse, a definition of the term will appear in the upper right hand corner of the screen. That definition will remain on your screen for a period of time before disappearing, or you can close it (or all open definitions) yourself.

A Sample Term Definition

Give it a try now...

Read more...

18 comments


WYSIWYG Comments Feature

Posted on 3 February 2013 by Bob Lacatena

Skeptical Science has modernized the comments system (with many thanks to Paul D), by adding a what-you-see-is-what-you-get (WYSIWYG) comment facility.  Now, no one should feel tempted to violate the comments policy by using all-caps... because you can easily bold and italicize and do other things (within reason).

For most people, use should be straightforward.  The main things that you can do are obvious, and are like any computer editor you've encountered elsewhere.

Read more...

37 comments


Skeptical Science Upgrade

Posted on 14 January 2013 by Bob Lacatena

Skeptical Science has just transitioned into a (hopefully) transparent upgrade to HTML 5.  Users are not supposed to experience any really noticeable changes, although the spacing of some page elements may be different by a pixel or five, here or there.

Read more...

18 comments


(Fahrenheit) 451 ppm

Posted on 11 December 2011 by Bob Lacatena

A Chilling Thought

The recent Schmittner paper on equilibrium climate sensitivity, estimated by using a simple climate model and a comparison with the Last Glacial Maximum, led me to a new and thought-provoking perspective on exactly what man is doing.  One can use an even simpler model — a simple rule of thumb — to frame exactly what is happening and what we might expect.  One need not even go as far as a simple computer climate model to arrive at an unsettling conclusion. 

Scientists have attempted to define a minimum safe global mean temperature increase, above which we are really taking our chances and rolling the dice.  To stay within this they have computed a threshold of CO2 levels beyond which we should not go.  Based on a best estimate of climate sensitivity of 3˚C per doubling of CO2 and a target temperature increase of 2˚C, the CO2 target level is 450 ppm.

But 451 ppm is just as important a number.

Read more...

106 comments


