So there is a public ledger, but it's basically useless when it comes to using it for security. So... what good is it at all? It sounds totally superfluous.
The purpose of the public ledger is to know whether a particular account is currently in possession of BTC or not.
So, if account 1ABCdefGHi1234 wants to send you BTC, then you can know immediately whether the transaction is likely to succeed or not (you won't know for sure until the network confirms the transaction, which is done by consensus by looking at the same public ledger).
The problem is that bitcoin obfuscates the path of coins whenever possible; the ledger is not designed for tracing individual users, and even if it you tried, there is nothing stopping a user from having 10, or 100, or 10,000 different accounts. There are forensic techniques available for working out which accounts are grouped together into a single wallet, so with careful enough examination of the blockchain, you can be reasonably confident that multiplpe BTC end up in the hands of the same person, even if they have taken different routes.
The difficulty with the MtGox situation, is that the alleged theft occurred in pieces over several years. Even a cursory examination of the ledger, shows with absolute confidence, that there was no single transaction, nor series of large transactions out of accounts known to be held by MtGox which could explain this.
MtGox "hot" accounts were very busy, accounting for close to 5% of all transactions. The alleged mode of theft was for duplicate transactions to be sent to specific accounts. In that case, they
will be in the ledger, but hidden by the noise. If the thieves were smart enough to request the duplicate payment to another address, then they may not be traceable at all. It doesn't mean that the payments aren't in the ledger, just that it doesn't hold enough information.
What would be more interesting is MtGox's internal databases. These should hold the support tickets where people requested repeat withdrawrals, and a list of all the transactions on their accounts.
Allegedly there is a Russian hacking group who appears to have stolen this MySQL database (complete with embedded scans of passports, etc.) who are claiming to be preparing a torrent release....