
One can argue (and I would agree) that the NSA needs reform, that it has become too big, too dependent on private contractors, too sloppy in its security procedures, too hard to oversee and too slippery in its definitions of what it may and may not do. All these shortcomings are cause for concern (though not for panic) and are worthy subjects for discussion. As General Clapper himself has admitted: ‘As loath as I am to give any credit for what’s happened, which is egregious, I think it’s clear that some of the conversations that this has generated, some of the debate, actually probably needed to happen.’[63]

It is hard to dispute that the public should be aware that the NSA has stretched the definition of material ‘relevant’ to terrorism to include warehousing the phone records of every call made or e-mail sent in America, and that the agency has had serious rows with the FISA court. Thanks to Snowden, the public now knows this. The modest reforms announced by President Obama on January 17th are also a direct result of the Snowden leaks. But such benefits need to be weighed against the costs. Nothing evinced so far justifies the catastrophic damage that the Snowden leaks have done to national security—the worst disaster in the history of American and British intelligence.

Chapter Three: Damage Control

The mere whiff of a breach acts like nerve poison on intelligence agencies. If you lose even a single document, or believe an unauthorised person has had access to it, you must assume the worst-case scenario. Assume that the Russians learn that an outwardly boring Irish insurance broker in the Ukrainian capital Kiev, for example, is actually an undercover officer of Britain’s Secret Intelligence Service. What will they be able to do with that information? Will he be in danger? Will they be able to find what agents he is running? If so, they must be brought out: they risk arrest. Maybe the agents are safe, but the operation cannot continue: in that case everyone involved must be stood down inconspicuously. What about colleagues? Safe houses? Dead-letter boxes? Another question is when the breach occurred. Can one be sure that this was the first instance? How solid is the ‘product’ (the intelligence obtained from the compromised network or individual)? Should it be assessed or analysed differently? Is it possible that the adversary used the breach to feed misleading information and then monitor the results? The answers to these questions may be ‘no’. But an experienced team of counter-intelligence officers must ask them, find the answers, check and double-check. The taint of even a minor breach must be analysed, contained and cleaned.

If a single breach is a serious problem, two make a nightmare—particularly if the missing material comes from different bits of the organisation. Documents which may on their own be quite anodyne can be gravely damaging if they are combined. Revealing an intelligence officer’s cover name may be no big deal. But combined with his previous travel, it could be the clue that gives the adversary details of an operation. Multiple breaches increase the problem exponentially. Each bit of compromised information must be assessed not only on its own, but in relation to every other piece of data. As the numbers mount, the maths becomes formidable. Four bits of information have 24 possible combinations. Seven have 5,040. Ten have more than three million. If Snowden has taken a million documents, the permutations that—in theory—need to be examined exceed the number of atoms in the universe.

Snowdenistas dispute claims of colossal damage. Foreign intelligence services in Russia or elsewhere do not and will not have access to the stolen material, they maintain. But dealing with secrets is a highly technical and complicated business. People build their careers on it. It requires elaborate procedures to store the information, to set and administer levels of access, to monitor who sees it, when, why and how, and particularly to authorise, log and track any copies made. It requires specially built premises, and staff who must be carefully recruited and trained and subjected to regular screening. The whole setup—with its physical, bureaucratic and human elements—involves regular checks, and possibly professional penetration tests, in which expert outsiders are tasked with trying to break the security systems. It is also designed to minimise the effects of any breach—for example by seeding the data with tell-tales (to highlight if it is being misused) or booby-traps (to act as a deterrent to malefactors). All of this takes place in the knowledge that the world’s most sophisticated intelligence agencies regard other countries’ secret data as a top priority.

Snowden’s allies may be admirable journalists. But they do not have the experience or resources to protect the information he has stolen. Their offices cannot be made safe against electronic eavesdropping. They do not know how to make their computers truly secure. The idea that the material is safe because it is encrypted is shockingly naïve: it is child’s play for a sophisticated adversary to place malware on a computer, remotely and invisibly, which logs every key stroke, and records everything that appears on the screen. Such ‘end-point vulnerabilities’ render even the heaviest encryption pointless. They can be delivered via a mobile phone or through an internet connection (or by some other subtle and secret means). Snowden knows this. It is possible that someone with his technical skills could keep the stolen data secure on his own computers, at least for a time and if he does not switch them on. But that becomes ever less likely over time.

Security becomes outright impossible when the material is handled by a team of amateurs. How many people have access? Who has screened them? What are their vulnerabilities—financial and psychological? Does anyone check their bank accounts? Are any of them vulnerable to blackmail? Do they have any training in avoiding ‘social-engineering’ attacks (such as impersonation)? What about the use of force? What happens if someone becomes disillusioned and leaves the team? A shocking example of carelessness came when Greenwald’s partner, David Miranda, was stopped while changing planes at London’s Heathrow Airport in August. His luggage included a number of ‘thumb’ USB drives and electronic devices, carrying some of the Snowden trove (as well as, some reports say, a password, apparently written on a bit of paper). Any public official who carried secret data this way would be fired and then prosecuted. A similarly sackable offence would be sending secret material across international borders by a commercial courier company such as FedEx. The editor of the Guardian, Alan Rusbridger, admits that he did just this, and jokes about it on his Twitter profile.[64] (Mr Rusbridger’s defenders say that the material was heavily encrypted and that both the sender and receiver were third parties; he may feel that this ruse is fail-safe but security professionals would not.)

It is hard to avoid the conclusion that Snowden conducted his activities within the NSA in order to be as damaging as possible. Among the so far unpublished material are (by the NSA’s account) 31,000 files which show what government customers asked the agency to find out about countries such as China, Iran and Russia, and its assessments of how it could respond. These ‘shopping lists’ are among the most closely guarded secrets in any intelligence agency. Once you know what the other side needs to find out, you can infer what they already know.[65]

All this counts as primary damage: to the sources, methods and self-confidence of an intelligence or security agency. But the ripples extend farther. A spy agency’s greatest asset is its reputation. Britain’s MI6, for example, enjoys free publicity from decades of films featuring James Bond. The real-life business of intelligence has little to do with the stunts on screen. But the brand helps attract able people to work as intelligence officers. A reputation for integrity and skill also makes it easier to recruit sources. If you are pondering whether to trust your life to a foreign country’s spies, you will want to have confidence in their ability to keep secrets. It is hard to conceive of a definition of America’s national interest that does not include keeping secret the identity of foreigners who trust the country with their views, secrets—and lives.[66] But the Snowden fan club, like the cheerleaders for WikiLeaks, takes no account of this. The NSA and other agencies cannot assume that, as Snowden so blithely puts it, there is a “zero chance” that adversaries have seen the stolen documents. They have to work on the assumption that they have done, or eventually will do so.

[65] In John le Carré’s novel The Russia House the plot revolves around a brilliant and successful attempt to make British intelligence hand over its crown jewels: the list of what it most wants to know about Russia.

[66] This caustic piece in the National Interest, by former CIA officer David Gioe, outlines well the damage to American intelligence’s reputation—and effectiveness: http://nationalinterest.org/article/tinker-tailor-leaker-spy-the-future-costs-mass-leaks-9644?page=show