I am trying to comprehend why in the Open Source community there is this prevalent attitude that if a security measure is not 100% foolproof then it is not worth the trouble to implement it. It is often further asserted that implementing these partial measures would be counter productive because doing so would give the average user a false sense of security leading to careless behavior in other areas.
The solution these people propose typically run along the lines of: "Secure your outer (Linux) shell!! You don't have to worry about anything else! You can now leave plain text sensitive data lying around your file system because Linux is inherently safe!"
Well, OK, not to that extent but you get the idea ....
Anyway, is it really that difficult to add an optional on-the-fly encryption to the standard client, with the keys stored in a removable smart card (or even USB stick for that matter)? No smart card inserted, no decryption. It should be possible to keep the client running accepting block information without the smart card inserted. The keys should also be based on a password, effectively giving you 2-factor authentication (password and physical device). This is not really complicated and should considerably reduce the attack surface.