[grey-area]

I took that to mean that they have exploits they can run once they which will let them take over your machine and install keyloggers etc. to report back any further activity. It wouldn't take much for them to purchase or develop a suite of vulnerabilities for all the major operating systems/browsers which they keep current, and once they have that any encryption is pointless as they can see what you see/type/hear. He mentioned it right after talking about seeing your machine on the network and mentioned hardware bugs separately.

[rdtsc]

Some major military contractors (Raytheon I think is one, BAH another maybe) were looking to hire security experts to find vulnerabilities. There is a robust black market for 0days and I can't imagine the govt. isn't interested in playing. Especially after the cyber-terror war drum has been beating for a while and Chinese hackers scaring everyone's grandmas (most likely articles seeded by PR agencies in preparation for a major contract award to a military industrial contractor).

[asdftmp]

I thought it was common knowledge that governments actively buy and use 0days? They certainly do, just look at Stuxnet's astounding and ham handed usage of 4 0days (in the first version) for an easy example all the way back in 2010.