Edward Snowden Could Have Delayed Russian Analysis of His Laptops

I don’t know if Edward Snowden had a national security secret in his laptops when he arrived at an airport near Moscow. If he did, he could not have prevented the Russians from finding it, although the Russians may, several years later, still not understand it.

He was alone in his travel. He inevitably would have fallen asleep sooner or later. Russians would have had to study his sleep patterns (e.g., to find when he sleeps the longest uninterruptedly), wait for a long enough period of sleep to begin, enter his sleeping quarters quietly enough not to wake him, take one computer, leave, move a hard drive to a Russian computer, make a bitwise copy of the whole drive and a copy of any recoverable underlying data at the edges of tracks or due to variations in magnetic flux reflecting what was overwritten, return his hard drive to his laptop, return the laptop to his sleeping quarters before he awakens, and repeat for every hard drive and every laptop. The Russians would likely have had to avoid detection by him, but could have decided that detection wouldn’t matter.

No one stays awake forever. Being highly motivated to stay awake is not enough. He could not have prevented falling asleep. The most he could have done is try to sleep lightly and hope he awakened in time if an intruder entered his bedroom (assuming he kept his laptops near his body at all times). The Russians could have tested for that and, if his patterns made intrusion too risky, could have gotten him to receive a drug to change his sleep pattern on just a few nights, probably without his knowing about the drug, to get him to sleep more soundly (more uninterruptably) and for more hours, preferably early in his stay in Russia in order to reduce the likelihood of his changing what was on his hard drives much from what was there when he entered the nation.

In the days before he entered the nation that is an enemy of the U.S. (it has nuclear war-headed missiles aimed at the U.S.), he was already notorious for his role in U.S. national security, so he would have been closely monitored from the time of his entry, so his sleep patterns would have been monitored starting on the day of his arrival.

The technical work would have been difficult and possibly beyond Russian government abilities. I assume the Russians have the equipment and skill needed, but collecting the raw data in just a few hours would be much more expensive than doing it over some days. I don’t know how many hours it would have taken to copy overwritten bits, relative to the time needed for making the bitwise copy, although both could be done simultaneously, making the bitwise copy as incidental to copying all the underlayments by copying all magnetic patterns.

I also don’t know how reliable would be the recovered information. For a relatively simple case, fill a hard drive and overwrite it three times with different files, all in plain text. That means there should be bits in the bitwise copy and in the three underlayments. But track widths and head-on-track misalignments beyond tolerances meant for normal hard drive use probably are not consistent over the lifetime of the drive and flux variations would be increasingly subtle the more underlayments there are, the subtlety eventually reflecting the state of the disk when not yet ever used, so reassembling overwritten data would be unreliable. And that was a hypothetical case; in reality, the exact number of underlayments would vary by sector and it could be impossible to identify which underlayment at a given sector goes with a given underlayment at another sector.

The Russians would not have needed to analyze anything in the copies until later, because the analysis could be done without his being without his laptops. While the bitwise data probably was protected by encryption, the key to that would have been known to him and he could have been forced to reveal the key or forced into difficulties such as Russian imprisonment or deportation to the U.S., which wants to prosecute him, and apparently neither has happened, even during President Trump’s apparent friendship with President Putin.

The underlying data may have been protected by encryption with a different key and he could have assigned a key he could have immediately forgotten, such as by typing randomly on the keyboard without even looking at his fists (typing without looking and with fists rather than fingertips would make his remembering exactly which key caps were depressed unrealistic), and then installed all new software, even with new secrets. Thus, he’d be unable to give the Russians a key to the underlying data even if he wanted to or was tortured into giving it up. The Russians would likely have tried brute-force attacks to find the key, but, if the key could have been long and formed from a large character universe with fewer restrictions on key formation, the attack would have taken a long time, possibly still underway today.

(What could have happened in the People’s Republic of China (Hong Kong is part of it at least for purposes of international relations) in his travels could have been more complicated. He said he had destroyed his access to secret information before he got to Russia, but I don’t know whether he did before he left the U.S. It is possible that Chinese authorities wanted nothing to do with him and perhaps did not attempt to copy his hard drives. If any nation did copy his drives, we wouldn’t know if the Russians obtained a copy, or if the copy was made before he destroyed his access to any contents. My analysis assumes that no nation obtained anything of the sort.)

The result is that the Russians could have been stymied by him in understanding what underlay the bitwise copy even if they had a copy of the entire set of underlayments. They could have copied everything on the hard drives without his knowing anything specific about the effort, but they still would not have known what they had. Maybe some years or decades in the future they’ll figure it out, perhaps as computers become more powerful. Whether it’ll still be valuable is anyone’s guess.