
oh, this is the modern version of a microdot

Release Gauss into the wild, have your agent in Fordow nuclear plant be sure he has Gauss on his machine, and then just get him to name the jpgs or text files he wants sent back to the CIA as 'special.jpg' - Gauss nabs them, sends them back through the network of Gauss-infected machines, and hey presto - deniable, encrypted, distributed Dead Drops.

Wow. Clever. Thank you



Clever. The font makes it possible for the agent to verify he is on a Gauss machine by visiting seemingly innocuous websites which have code to detect whether the font exists, and then inform him by outputting special text only he knows about. He could receive messages that way too. Once he knows it's a Gauss machine, he can drop his specially named files and they are delivered.


Is the idea that Gauss would act like a secret file katamari, rolling around collecting data while it spreads, and being harvested when it "infects" a creator-controlled machine? It would seem like any direct data transmission would be detectable and investigated with extreme prejudice.


I am only speculating, but we know a few things:

1. It's part of a wider eco-system of collecting / infecting / attacking "framework". It seems that attacking uranium enrichment was just a "plug-in".

2. They have designed for multiple infection vectors. Now if it can get in it can also get out. I would not be surprised if the family of malware here is also able to hook into outlook.exe, and even piggyback on IE connections. There is no particular reason why a payload cannot be steganographically put into every photo uploaded to Iran's Facebook. Which may not be entirely secure of course :-)

The possibilities when you have the money and time are incredible.

So, no, something as silly as transmitting over UDP from the agent's laptop back to www.cia.gov is unlikely, but these things will just keep pushing data around and around till it gets either home, or to a target.

Sadly, much of the code is out in the open. And is surely being pulled apart by other nation-states and the mafia.

Fun times ahead



