Editing sensitive data
======================

If you temporarily decrypt your data in order to edit certain files, you
should not simply save the edited files over the original ones in your
working directory if you are seriously concerned about the security of the
data. If an edited file is shorter than the original one, and if you
'overwrite' the original version with the new one, some of the old data may
remain on the disc even after all traces of the new files are securely wiped
from the disc when using !Erase.

In order to guarantee that no traces of the original data remain after
re-encryption, the following procedure is recommended:

1. Before editing any file in your working directory, first *move* it to the
directory 'scrap' inside !Erase. (Do *not* 'copy' it there and then 'delete'
the original file!)

2. After editing the file, save a copy of it once again in your working
directory.

3. Double-click on the application !Erase. After asking for confirmation,
this utility destroys all traces of everything in the directory 'scrap'. For
extremely sensitive information, !Erase enables you to destroy the data with
a higher level of security than its default. Read the !Help file inside
!Erase for instructions on how to do this.

4. Double-click on !Lock to re-encrypt your data.

If you want to save a file several times during the editing process, simply
repeat steps 1-3 as many times as necessary.

If for any reason you accidentally lose your data while performing these
steps, remember that you can always find a backup of your previously
encrypted file, as described in !Help.


Other precautions
=================

To ensure the absolute security of your data, you must guard against any
operations which 'delete' files or create extra copies. For example, you
should disable any utility which periodically performs automatic 'autosave'
operations.

If sensitive files are to be moved between different discs or filing
systems, you can first copy them and then destroy the copy in the original
location by means of !Erase.  To do this, you will need a copy of !Erase on
the appropriate disc or filing system, so that you can safely 'move' the
files into the directory 'scrap' in order to destroy them.

Even if all the precautions described above are taken, it is best to prevent
any unauthorised access to your computer. A serious snooper could, for
example, install a hidden program which captures your passphrase whenever
you use !Q-Lock, or which records all keystrokes.
