Ah ok, I understand now. Well, yes, technically in this case the second file is safe against this kind of attack. However, it would still be safe even if you had not placed that file inside the AES container. Of course, placing the second file inside of a mountable container is probably safer, however it does not add any protection against this particular type of attack that we are discussing. And remember: if the second file is decrypted (when you are using the data), even though there will be no key in memory, the data is still decrypted; anyone with access to the computer will be able to see it, without any keys. So you still need to make sure this data is only decrypted while you are using the files, and encrypt them again before leaving your computer unattended. So it's exactly the same outcome. I will take a look at that link.