1

If you decrypt ciphertext to the terminal like this:

gpg --output - --armor --encrypt --recipient 23642351 message.txt.pgp

..does it touch the hard drive / ssd or only live in RAM?

What about when Thunderbird decrypts a message - does the plaintext touch the hard drive or only live in RAM?

Thunderbird stores everything encrypted with your own public key even copies of the sent mail which went out encrypted with other people's public keys, and it lets something live for five or ten minutes as plaintext before it will ask you for the password to your private key again to view something. The question is, during those five or ten minutes, has it saved it as plaintext on the hard drive?

I know from recovering text files from the hard drive that anything you delete stays floating around on there for a while whereas anything in RAM will disappear the moment the power is switched off.

cardamom
  • 359
  • 2
  • 9
  • 1
    I would not rely too much on what specific applications do regarding temporary files. I would also not rely on information in RAM to be immediately lost after switching off because of [memory paging](https://en.wikipedia.org/wiki/Memory_paging). Better (also) use full disk encryption. – Steffen Ullrich Jun 29 '21 at 08:13
  • 2
    Even if the decryption stores the plaintext in RAM, plaintext could be written to the hard drive inadvertently if there is swapping. – mti2935 Jun 29 '21 at 08:14
  • Thanks, I am switching to encryption for the user folder partition. Not sure if the system partition needs it, and the 'swap' partition which is there for hibernating might be used for RAM swapping. I think you can switch off RAM swapping. At one point I [did this](https://unix.stackexchange.com/questions/55773/move-tmp-to-ram) to keep `/tmp` in RAM. There are commands like `swapoff -a` which will switch that off completely, but I think the RAM will only spill onto the hard drive if it gets full which is rarely in my case. Question is, does Thunderbird or the terminal save to hard drive. – cardamom Jun 30 '21 at 17:08

0 Answers0