I love it when journalists are forced to cover low level technical details in order to explain something important:<p><i>Aleynikov claims to have created a tarball - a Unix aggregate of a number of files (like a .zip file) [...]. He says he encrypted the files, then erased the encryption software, the tarball and the bash history — which is basically a back up of the Unix commands used to amalgamate and transfer the files. Goldman’s security server, however, apparently prevents or at least alerts the company to bash deletions</i><p>You can just picture the author carefully writing down someone's explanation of what the .bash_history file is, and their source's frustration with their inability to grok a totally obvious idea. "... so it's like a backup, right?". "No! Well, sorta. But that's not what it's for."<p>On the other hand, the monitoring for deletions of .bash_history seems like a niftily paranoid idea/. I know I'd never expect the IT department of a financial services company to have thought that far ahead, or even to know how command histories persist across shells.