Imagine.
You decide, for whatever reason, to write a particularly sensitive document including secrets about your company or government department.
In the middle of typing this document, however, you are sprung: special agents storm into your office while you are typing, drag you away from your computer and take it for forensic analysis.
Just before they pull you away, however, you have the presence of mind to close down your word processor. You never saved the document, so your damning words were never stored permanently on the hard disk. You had previously taken the precaution of disabling the auto-save feature as well. You’re safe.
At least, that’s what you thought.
A few weeks later you’re indicted, based partly on evidence including “documents retrieved from the defendant’s computer”. How is this possible? The document never existed except as patterns of charge in volatile memory – which was fine because memory is volatile, right?
There is a little used setting in windows that will clear the pagefile before a shutdown. I had to set it up a few years ago when working at a RAAF site. It’s not well known that everything a user runs in windows first exists in the pagefile…