Computer security


Tone
16th Apr 2016, 10:24
Here's one for the experts
You have some files on a secure flash drive
You plug the drive into a computer (not yours)
You unlock the flash drive
You view / change one of the files on the flash drive
You save it back to the flash drive
You unplug the flash drive and walk off into the sunset

What do you leave behind? Will the computer have left an unwanted copy of the file lurking somewhere? This question came about because I loaded a file from a Kingston secure USB drive and found that I was able to carry on editing the file with the drive removed - does this mean a copy was on the PC somewhere? If so - does it get securely trashed when closed?

Heathrow Harry
16th Apr 2016, 12:39
Hmmm - I did that once a few years ago in a Far East Internet Cafe that looked quite reasonable - just before leaving I ran a search for recent files on the hard disk and discovered something had made a nice copy of my working files ..................

for backup purposes I'm sure..........

cattletruck
17th Apr 2016, 11:39
You plug the drive into a computer (not yours)
Windoze will then write a little record in its USB device database of the serial number of your device. Should you visit the same computer next year with the same device then it will remember you.

You view / change one of the files on the flash drive
The viewing program has no idea how to unencrypt the files on your device, you already did that in your previous step, now your files are open slather to anyone who has access to the computer your device is plugged into.

USB stick encryption is only good for physical loss of the USB stick and not much else. Accessing sensitive data via a public computer is simply insecure regardless of the measures taken (except the one where special polarised glasses are needed to be able to read the screen).

lomapaseo
17th Apr 2016, 15:59
USB stick encryption is only good for physical loss of the USB stick and not much else. Accessing sensitive data via a public computer is simply insecure regardless of the measures taken (except the one where special polarised glasses are needed to be able to read the screen).

Is that an embedded feature unique only to a specific computer, monitor or embedded in the file itself such that on any computer/monitor combination it can be read only with polarized glasses?

PDR1
17th Apr 2016, 16:10
Here's one for the experts
This question came about because I loaded a file from a Kingston secure USB drive and found that I was able to carry on editing the file with the drive removed

Well yes, you would. You're working on the copy "in memory" (to keep it simple) and it doesn't matter that the source USB stick is no longer there. But when you come to save the file it will give you an error message saying something like "can't access the drive; do you want to save it somewhere else?". If you say "no" and close the file then it will be gone forever*.

PDR

* This definition of "gone forever" means that there will be a temporary journal file in the Windows temporary file area which someone who knows what they are doing MIGHT be able to extract some of the file from if they get to it from an account with admin permissions before the OS overwrites it, but they won't be able to open the file from (say) Word's recent file list.

Tone
17th Apr 2016, 16:42
It's the 'gone forever' bit that concerns me. So once the file is saved back to the USB stick and closed, would it be possible to use (say) Recuva to restore it? Assuming the recovery attempt is immediate and the OS hasn't overwritten it.

jimtherev
17th Apr 2016, 21:50
If you're still around having saved the file to stick, then remove the stick without closing the file, then delete every morsel of the file (inc embedded graphics etc. if appropriate) and then save the empty file.
They can't touch yer for it.

ExGrunt
21st Apr 2016, 08:38
@tone,

Where you plug a USB stick into a host computer and then use software on that computer there is a high probability that some fragment of the data will be copied onto the host and remain there in a recoverable form (admittedly, requiring some tools, but they are so easily available online that that is not an issue to any third party).

The key question is:

If the file is so sensitive - should you be plugging into an uncontrolled host?

If the answer to that is yes, that you need to work on it on a third party system, then perhaps a better approach is to create a live Linux USB with its own persistent storage so that you do not use any software on the host. That is certainly possible with Kali Linux (I haven't used it myself so this is not a recommendation just a statement of the possible):

http://www.youtube.com/watch?v=cBQzBhgx-Lk

If you are even more paranoid you could use Tails, which is a live CD for use with the Tor system:

https://tails.boum.org/

Although that may well attract the attention of black Vectra drivers.

EG
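
The check mentioned earlier in the thread (searching the host for recently written files before walking away), sketched as an added example that is not part of any post above. The function name, the marker string and the file names in the demo are constructed for illustration; the marker is assumed to be a unique string you placed in your own document beforehand.

```python
import os
import tempfile
import time
from pathlib import Path


def find_residue(roots, since, marker=None, max_bytes=5_000_000):
    """Return sorted [(path, reason)] for files under `roots` written at or after `since`.

    reason is "contains marker" when the file holds the marker bytes,
    otherwise "modified during session".
    """
    hits = []
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            for name in files:
                path = Path(dirpath) / name
                try:
                    st = path.stat()
                    if st.st_mtime < since:
                        continue  # untouched since before the drive was plugged in
                    reason = "modified during session"
                    if marker and st.st_size <= max_bytes:
                        if marker in path.read_bytes():
                            reason = "contains marker"
                except OSError:
                    continue  # locked or unreadable file: skip it
                hits.append((str(path), reason))
    return sorted(hits)


def demo():
    """Constructed session: an editor leaves a temp copy next to unrelated files."""
    with tempfile.TemporaryDirectory() as host:
        old = Path(host, "old.log")
        old.write_text("unrelated")
        os.utime(old, (1, 1))  # give it a timestamp that predates the session
        since = time.time() - 5  # moment the drive was plugged in (with slack)
        Path(host, "~draft0001.tmp").write_bytes(b"xx MARKER-7f3a draft text")
        Path(host, "thumbs.db").write_bytes(b"cache")
        found = find_residue([host], since, marker=b"MARKER-7f3a")
        return [(Path(p).name, reason) for p, reason in found]


if __name__ == "__main__":
    for name, reason in demo():
        print(name, "-", reason)
```

On a real host the roots would be the temp directory and the user profile. This only sees live files it can read as the current user; deleted-but-recoverable data and the page file are outside its reach.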