Maybe reading the BOFH inspires me, but I just thought of a new way to use what's discussed in this document: it could be used to frame somebody. Let's take a purely fictional example: an employee doesn't like his boss and he'd like to get him fired. He knows what type of OS his boss is running (useful for having similar pathnames), and he can even manage to get physical access to it. But if he tries to surf on porn sites on his boss machine, he might get caught before he can make enough "evidence" to make it worth firing a person. So what he could do is setup a machine at home, with the same Windows version as the boss machine and the same software (web browser, newsgroup reader), and then generate evidence by surfing sites with explicit content and downloading from the newsgroups and logging everything using the technique described above. He makes sure that the package is not contaminated with some of his personally identifiable data, and proceeds to make an install kit. Now, all he have to do is execute this package on the boss machine when he has a chance. This is much quicker than generating "evidence" on the spot. Hey, if the guy's clever, maybe he won't even have to go to the machine at all, finding a way to do it remotely. After that is done, it is only a matter of calling Human Resources with a complaint of sexual harassment due to pornographic material on the workplace. There'll be so much evidence in the temp folders and all over the disk drive that they probably won't bother to check the firewall logs to see if there's a match.
Conclusion
Table of contents