Regular readers already know the answer. First they have my unique machine ID which ties my copy of XP to my machine and my specific hardware. The cookies I have, tie all my session surfing habits to my visit to the honeypot and report my email identities. From my WordPress blog, they can access all of my drafts several days ahead of publication. From my index.dat files, and the lists of most recently used files, they know all the search terms I have visited and from the cache memory they can search for hashed pictures of kiddie porn.
Data Mining Programs allow them to evplore every file on my machine and keystroke loggers allow people to track my activity in real time. They know every site I have been to , how long I stayed, whether I printed anything from it and the number of links I visited. The only way to avoid it is to cleanse every machine after every site visit destroying all cookies before entering the next site. Hardly practical.
My IP address ties me to my ISP who has my credit card, social security number, name, phone, employer and home address. Since they are already in bed with the ISP’s that have Carnivore on them, they can get all those records. With this they can then get credit reports. Hell, they can also Google me under my real name to find all public information.
As I travel and use laptops to enter my admin page, they can find out who’s house I surf from and what machines I’m on. They can track that machine identity to my war driving and theft of service.
Since all Federal agencies are cooperating for “persons of interest”, they can track my every motion when they swipe my passport at customs.
The question is not what they know, but what they don’t know.