BO, trojans, http tunelling and similar are really not rocket science these days. 99% of sheeple machines are vulnerable. This is perfectly valid and real attack. Not on my machines and probably not on yours - that does not make any difference.
This is just another data point supporting secure devices insulated from microshit OS, java and wintels in general. Running PGP in the environment where attachment execution and/or java and/or activex are tolerated does not make any sense.
I want a laptop where someone could take out the disk platters, scan them with a STM, do every "reconstruction" trick known to humankind, and still not be able to tell basic things like how much of the drive is in use or what operating system is installed. To use it, you would have to enter the correct passphrase on bootup (256 characters would be about the shortest maximum passphrase length that would be worthwhile) for the BIOS to make into a key to encrypt the drive writes and decrypt the drive reads. The drive encryption would have to be handled purely in hardware on the HD controller, specifically so that there is NO WAY for software running on the box to get around it. Every write and Every read. And finally, it would have to have some kind of tamperproof keyboard -- noplace to install hardware key loggers. I think that's about the bare minimum for a theft-secure machine. (A machine which can be stolen without you having to worry about someone else getting the data on it). Network security, if you hook it up to a network, is a separate and more complex problem, but I think that it *is* possible to make a theft-secure machine. Bear