Encryption v. temporary files
Recently Iíve been reading about encryption and itís all fascinating stuff. Iíve read stuff that says that itís no good encrypting things unless you make sure you shred the decrypted versions.
However, I was wondering whether even that is secure. I mean, if I open an encrypted e-mail in Thunderbird, it gets decrypted. Where does that decrypted text go after I close the message? Does it just vanish from RAM? Or does Thunderbird store it in an unencrypted temporary file, which an attacker could easily recover?
The same goes for encrypted files of all types. If an unencrypted version of a file is opened in OpenOffice, AbiWord, GIMP, Evince, Gedit, Audacity, Kino, Totem, Kile, LyX, Rhythmbox, Vim, Emacs, Firefox or Opera, will temporary files be created and insecurely deleted? Some programs will be more secure than others, I imagine.
Would moving your personal configuration folders (e.g. $HOME/.openoffice.org/) to an encrypted filesystem (e.g. $HOME/.Private/) help at all?
Donít suggest full-disk encryption. Thatís too obvious.
If people were nicer, I'd answer more queries here!