God, I might even be looking at Google/Ajax, or I might be looking at a compromised browser Google/Ajax hack. Guess it is starting to fall into the whatever category. ET phone home?

ET phoned home, system hosed. Httpd running at places it shouldn't. Installs of rootkit checks don't show up in history/logs. Login behaves erratically. Ah well.

For those not sufficiently paranoid: At one company I worked in, machines were hacked 5-10% continuously, so far for Windows or Linux, and a continuous practice of spying through rich content mails. The latter is/was rather easy, instead of loading a picture, Javascript is loaded and the content of the mail/forward/reply is pushed back. Mails could be tracked throughout whole companies.[1]

For an exploit in Mozilla, you just need an exploit in HTML/ Javascript/ css or a plugin, and you can start pulling/pushing stuff to some Google account at will. On a last note, on the Internet, its hardly a question of 'if,' but 'when.'

Actually, in my experience, for most companies, the biggest problem probably isn't even security but the sysadmin.

[1] A good reason to quit, btw.