A lot of folks have wondered how the U.S. government couldn’t know what documents Edward Snowden illegally copied, and this AP story suggests an answer:
The U.S. government’s efforts to determine which highly classified materials leaker Edward Snowden took from the National Security Agency have been frustrated by Snowden’s sophisticated efforts to cover his digital trail by deleting or bypassing electronic logs, government officials told The Associated Press. Such logs would have showed what information Snowden viewed or downloaded.
The government’s forensic investigation is wrestling with Snowden’s apparent ability to defeat safeguards established to monitor and deter people looking at information without proper permission, said the officials, who spoke on condition of anonymity because they weren’t authorized to discuss the sensitive developments publicly.
. . .
The disclosure of Snowden’s hacking prowess inside the NSA also could dramatically increase the perceived value of his knowledge to foreign governments, which would presumably be eager to learn any counter-detection techniques that could be exploited against U.S. government networks.
It also helps explain the recent seizure in Britain of digital files belonging to David Miranda — the partner of Guardian journalist Glenn Greenwald — in an effort to help quantify Snowden’s leak of classified material to the Guardian newspaper. . . .
Officials have said Snowden had access to many documents but didn’t know necessarily how the programs functioned. He dipped into compartmentalized files as systems administrator and took what he wanted. He managed to do so for months without getting caught.