Clarify that secure deletion isn't the first line of defense for the persistent volume
Originally created by @zooko on #6974 (Redmine)
Here’s a suggested patch:
diff --git a/wiki/src/doc/first_steps/persistence/warnings.mdwn b/wiki/src/doc/first_steps/persistence/warnings.mdwn
index bca2eca..6b8829b 100644
--- a/wiki/src/doc/first_steps/persistence/warnings.mdwn
+++ b/wiki/src/doc/first_steps/persistence/warnings.mdwn
@@ -11,7 +11,13 @@ Storing sensitive documents
the device can know that there is a persistent volume on it. Take into consideration
that you can be forced or tricked to give out its passphrase.
-Note also that **secure deletion does not work as expected on USB sticks.**<br/>
+Note also that **secure deletion does not work as expected on USB
+sticks.**<br/> Nothing but ciphertext (encrypted by your passphrase) is ever
+stored on the persistent volume, so the first line of defense is to ensure
+that the attacker can't guess or learn your passphrase. However, a second
+line of defense is to delete the ciphertext, and that turns out to be harder
+to do than we would like.
+
[[See the corresponding documentation.|encryption_and_privacy/secure_deletion#usb_and_ssd]]
Read also how to [[delete the persistent volume|delete]].
velope suggested on IRC that instead mention of secure deletion could be removed from this page entirely. That sounds potentially even better to me than the above clarification.