was completely unaware that a private key gives away the public address
That is not a feature of public key cryptography in general, but a feature of elliptic keys specifically. Elliptic keys have some remarkable properties, some of which might be considered negative side effects depending on your requirements, but one of the best features is their compact size to strength.
the key is not just a key in real life terms it's also full access to the safe where the valuables are stored so perhaps key is a confusing term - it's basically open sesame to the vault
You could think of the private elliptic key as a master locking and unlocking key, while the public keys are locking only. But analogies aside, if you plan to play with the private keys, it's best to just know that the public key is easily obtained from the private key. Maybe you could imagine the private key contains the public key.
EDIT: Actually, come to think of it, while the discussion has been poetically correct thus far, I think the analogies should shift gears. We're really not 'locking' anything (well...), we're really 'signing'. It's based on the same technologies, with a few simple intermediate steps, but the analogies require some re-work.
if you send some Btc out from [from an address in a local wallet] the rest [change] don't just sit there but do some relocation which means you may end up loosing them unless you have [backed up your keys frequently]
I have certain philosophical issues with the local reference 'Satoshi' client, but rest assured you are already well ahead of the learning curve. The Satoshi client doesn't really let you do very much. It doesn't expose the guts of cryptography, so you're not likely to learn how bitcoin works by using the client, but on the other hand, you can't screw up too badly. I don't think much if any user testing has been performed, so the default user experience is something akin to a straight jacket.
When you send bitcoins, the client will collect one or more addresses that contain coins and send the total to one or two addresses. If the total coins in the set of sending addresses is exactly equal to the number of coins you want to send, then voila the total is sent to your destination. However, if the total sending coins is larger, the difference (spare change) is sent to a new address in your local wallet. If you did not have any spare addresses, the address, public, and private keys will be generated automatically.
This is supposed to increase security/anonymity, but I agree, all it really manages to do is confuse new users and increases the possibility of loss. On the bright side, your wallet generally always has a buffer pool of 100 extra pre-generated addresses. So, if you backed up last week and you have not made 100 transactions in the meantime, then your backup from last week is still good. If on the other hand, you sent 102 transactions since your last backup and your harddrive catches on fire and falls into a soup of acid, you'll likely lose the entirety of the change of your last few transactions.
There are some working experiments with a 'deterministic wallet', which can generate an infinite series of private keys from a single seed. I understand this works well, with different, but respected security implications. I expect we'll see smaller, safer, deterministic wallets in the near future. In the mean time, back up often. But I don't think you should be worried about using the Satoshi client. Your questions indicate that you're more advanced than the average user.
