Does including the key in the file itself reduce the security of the encrypted file?<BR><BR>2. Add a known sequence to the start of the file -- like "Hello World".

Chances are that Microsoft automatically encrypted your PC during setup. But don’t worry—that key should be safely stored. Here’s where to find it.

You could put the ZFS key in an encrypted .gpg file on the boot drive, then decrypt it only when loading ZFS and never to any persistent storage.

The problem is that the encryption key is stored on the machine in a local plain text file. Any malware able to read unencrypted local files could obtain the key, and therefore decrypt the messages.

Dropbox is bringing end-to-end encryption to its file storage service, through acquiring "key assets" from cloud security company Boxcryptor.