However, I think I trust gpg and it links to winpt. Also I noticed an old version of winpt used to decrypt a window to itself so its text would automatically become readable. With the latest version installed it seems to only decrypt to the clipboard. The Edit Clipboard dialog has a Clear button. Also the passphrase input prompt does print bullets instead of the letters you type, FWIW.

Possibly if someone is running virtualpc on a linux box they could scan the memory of the emulated windows machine by grepping /dev/mem as below.

Thank you all for your thoughts on this.

I just confirmed that in linux you can read much of the contents of an array after the program has ended, but that filling it with junk works. Well sort of proven it since I think I did find the test string in the source code and interpreted bits..

#!/usr/bin/perl
$a="snoopy";
$x="XXXXXX";
for (0..1000) {
  push(@s,"$a$_ " x 100);
}
exit 0;
for (0..1001) {
  @s[$_] = "$x$_ " x 100);
}
@s = ();
[download]

perl testmem
cp /dev/mem /tmp/mymem
grep -a snoopy /tmp/mymem | more
reset (you will need this)
[download]

Comment out the exit 0 line to test. Haven't tried undef $a but I figure it is similar. You will have to change your test string as your memory gets dirtier the more times you run this. :|

You're putting your worry in the wrong place. To accomplish what you're concerned about needs having access that has already completely compromised the machine.

While there are scenarios where this is an issue, you're not working on one of them. (If you were, you wouldn't have to be asking here... :)

I understand Elian. It is really only the sysadmin and anything run as root that could do this, and then the human at least can do lots of easier things if he wanted to. It's just a "feel good" thing I guess. Thank you very much for thinking about this.