COMPETENCE: Report: NSA doesn’t know the extent of Snowden damage. “The National Security Agency (NSA) doesn’t know how much information leaker Edward Snowden was able to obtain because of an underdeveloped capacity to audit its own data, according to a NBC News report released late Tuesday.”

This is criminal. Every single thing he did should have left an audit trail, both as a guard against misuse, and for damage assessment in a case just like this.

I didn’t say “criminal incompetence,” because if the need for an audit trail is obvious to such as me, it surely must have been obvious to higher-ups at NSA. If the systems lack the capacity for this, it’s because somebody doesn’t want the records kept. That suggests abuse at a systemic level. (It also undercuts claims of extensive auditing here.)

Then there’s the incompetence of letting someone like Snowden have such free-ranging access to the system: “The NSA had poor data compartmentalization, said the sources, allowing Snowden, who was a system administrator, to roam freely across wide areas. By using a ‘thin client’ computer he remotely accessed the NSA data from his base in Hawaii.” Snowden and Bradley Manning. That’s who’s in charge of our secrets?

Disgraceful. The whole operation needs to be reviewed at the highest levels. Instead, we’re more likely to see some cosmetic fixes and promises that this was a one-off.