[clue] gpg question

[Yaverot]

--- miguelito at biffster.org wrote:

>> Why not just use an encrypted file system?

>Sometimes you need a hammer instead of a sledgehammer.

"Cover your tracks" is a sledgehammer requirement. GPG shouldn't care about what filesystem it is on.  Is it a FAT variant, so you can "just" ovewrite the data from a random source? Is it ext3 or 4 where you have to worry about journaling? Is it a CoW setup, a SSD, ZFS or btrfs -> can you even overwrite the "plaintext" data? 

The data was fine in the various unencrypted sources you used to create the report, and it was fine for your editing program to make intentional backups and unintentional copies in other places of the system. They would also be plain-text.  So the workflow already dictates that the laptop is secure, and that therefore there isn't a hurry in deleting an original report ASAP after encrypting. You're encrypting for transport over unsafe/unsecure systems so that they can't get the real data.

If you're worrying about this then you definitely don't want GPG to "do it wrong" by just issuing a rm.