If keeping the bad guys from getting your data is the primary concern then I suggest tricks like open STDOUT, ">/dev/null"; and looking up unlink.

Decryption is left as an exercise for the reader or the NSA.