See the CryptoBook link at http://www.eskimo.com/~joelm
While the concepts were originally developed for a laptop, they're easily applied to a desktop machine running Win95.
Joel
Thanks for the link to the CryptoBook stuff - it's useful info. Could you address further the issue of plaintext from scratch files, virtual memory, and so on, from the standpoint of your CryptoBook system? The advice to make the temporary directory on the encrypted volume and so on, and the general pointer to wipe utilities, is good, but is there a systematic way of making sure *no* plaintext gets written to disk, or if it gets written, that it is properly wiped, with this system? I believe there is a utility for DOS to intercept calls to delete (I'm a mac person, pardon if I'm getting this wrong) and wipe all files before deletion. (Real Delete? Secure Delete?) Would this be compatible with Win95/cryptobook, and if so, would this address virtual memory concerns? The larger question I'm wondering about here is, if one were starting from scratch and trying to build a maximally secure Mac/Dos/Windows/Unix/other platform for oneself to do one's daily work, which machine and what configuration would one want? The mac I configured earlier seems pretty darn good, can anyone see a flaw in it? I think the pain in the neck resulting from the write-protected startup volume could be problematic, but aliases to writeable files/folders on the encrypted partition should solve most of this. I may set this up on my own mac to test it out, when I have some time. Tom