Or you know, he's referring to actually physically bugging the machine with a hardware keylogger. Which, for someone you're interested in, is way more reliable then simply hoping they're still using unpatched Windows.
That seems like a lot of work and far more targeted than would be consistent with their recently revealed MO (although I am certain they do this in limited instances where "necessary"). These programs seem to have a primary aim of maximum efficiency and mass surveillance. Deploying hardware doesn't seem to fit that description.
