When I close it down, it leaves these 3 exe files running:
Now that might be fine in standard mode, but when I am using it in portable mode, Kleopatra should NOT leave these running. Kleopatra is basically the main interface for using all the features in GPG4Win. If a person is using it in portable mode (having previously run the command "mkportable --full F:", where F is the drive letter for the USB drive), then it’s obvious that the USB portable version of the program is probably being used outside the person’s main PC (such as using a library’s PC, where they can be somewhat anonymous in the crowd at large). And if the person using Kleopatra from the USB drive shuts down Kleopatra, but forgets to stop these extra background processes using Task Manager, then they will continue running. This is a security flaw, as those processes will give away clues to investigators that a person was using that library’s computer to send secret messages, thus compromising the security that is supposedly brought about by the use of GPG4Win. They will look at the list of running processes on that computer and say “ok, so the person we are tracking has used this PC to send or receive encrypted messages, this will really help our investigation”. That’s BAD NEWS for whoever was using GPG4Win on that PC.
Basically these background processes should ONLY be allowed to continue running when Kleopatra was started from an INSTALLED copy of GPG4win. If Kleopatra was started from a PORTABLE copy of GPG4win though, any background processes associated with it should IMMEDIATELY terminate, as soon as you shut down the Kleopatra program. I hope there’s a way to configure it to do this, but I’ve been looking in Kleopatra’s settings menus and have yet to find a way. So more than likely this is a feature that has yet to be implemented. However it is EXTREMELY important, so here’s a request to the dev team for GPG4Win, PLEASE get around to adding this feature in the next version of GPG4Win that you release.
So does nobody have a solution to this problem?
You have omitted dirmngr.exe, which is the fundamental service running GPG. But in any case, I don’t think that the issue you raise is important for everyday usage. It’s hardly likely that anyone is going to notice that these services have been left running in normal circumstances, such as on a library computer. Normally, as you say, you can stop them using Task Manager/services.msc, although you may not have the necessary administrative access on a public computer; in that case, you could just switch it off, wait a couple of minutes to allow the system voltage to drop and the RAM to lose its stored data, and then switch it on again. The problem is that even then, there may be traces of activity left in various temporary files and the page file.
So, if your threat model is sufficiently severe that you need to consider the possibility of forensic computer investigation, you shouldn’t be running GPG4win on an unsecured computer anyway. In that situation you need Tails (http://tails.boum.org/), which runs purely in RAM and erases all traces of itself from the host computer at the end of the session. You need to download it, burn it to a CD/DVD, and either run it from the CD or use the CD to install it on a USB flash drive. In the latter case you can set it up to have encrypted persistent storage for any files you produce or download; that is not possible using a CD.
The GPG4win developers have limited time and resources; I would think they have better things to do than spend them on a partial solution to a security threat that has already been thoroughly covered by the Tails team.
Thanks to J M for this answer, I think it explains why shutting down the processes is not high on our product backlog list.
Tails is a completely separate project though. It has nothing to do with RSA asymmetric (public/private key pair) encryption. From what I remember reading in the past, it is a secure operating system that is intended to allow you to boot your computer without leaving any traces, because it doesn’t write anything to a drive without asking the user for permission (as Windows often does). However, it is not part of the GPG4Win project, and therefore has nothing to do with being a replacement GUI for Kleopatra.
I don’t think that GPG4Win or Kleopatra uses any temporary files or the Windows paging file. That would seem like a major security flaw if it did.
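As an added example (not part of this thread and not GPG4Win's own code), here is a PowerShell wrapper for the portable workflow described above: it starts Kleopatra from the USB tree, waits for it to close, and then shuts down the GnuPG helper daemons that would otherwise keep running, which is the manual Task Manager step from the answer above done automatically. It assumes the tree was created with "mkportable --full F:" and that the executables sit under F:\bin (the drive letter and the bin layout are assumptions; adjust them to your copy).

```powershell
# Added example: launch Kleopatra from a portable Gpg4win tree and stop the
# GnuPG daemons when it exits. Assumes the layout produced by "mkportable
# --full F:" with binaries under <drive>\bin (assumption; adjust as needed).
param(
    [string]$PortableRoot = 'F:'   # placeholder drive letter of the USB stick
)

$bin       = Join-Path $PortableRoot 'bin'
$kleopatra = Join-Path $bin 'kleopatra.exe'
$gpgconf   = Join-Path $bin 'gpgconf.exe'
# Helper daemons GnuPG starts on demand and leaves running after Kleopatra closes.
$daemons   = @('gpg-agent', 'dirmngr', 'scdaemon', 'keyboxd')

if (-not (Test-Path $kleopatra)) { throw "kleopatra.exe not found under $bin" }
if (-not (Test-Path $gpgconf))   { throw "gpgconf.exe not found under $bin" }

# Run Kleopatra and block until the user closes it.
Start-Process -FilePath $kleopatra -Wait

# Ask GnuPG to shut down its own daemons cleanly. The portable gpgconf knows
# its own home directory, so this targets the daemons from this USB tree.
& $gpgconf --kill all

# Anything from this tree still alive after a short grace period is stopped.
Start-Sleep -Seconds 2
$leftover = Get-Process -Name $daemons -ErrorAction SilentlyContinue |
    Where-Object { $_.Path -like "$bin\*" }
foreach ($p in $leftover) {
    Write-Warning "Forcing $($p.ProcessName) (PID $($p.Id)) to stop"
    Stop-Process -Id $p.Id -Force
}

# Final check so the user knows whether anything is still running.
$survivors = Get-Process -Name $daemons -ErrorAction SilentlyContinue |
    Where-Object { $_.Path -like "$bin\*" }
if ($survivors) {
    Write-Error "Still running from $bin : $($survivors.ProcessName -join ', ')"
    exit 1
}
Write-Host "No GnuPG daemons from $bin are left running."
```

The path filter keeps the script from touching an installed copy of GnuPG on the same machine; only processes started from the USB tree are stopped.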