Bitcoin is unsafe so long as the wallet file system persists.
Perhaps this alternative is suitable?
WALLET: Private key password encryption (AES256), makes the wallet require a password to sign a transaction
Version 0.1.0
planned for mid-january 2011
http://en.bitcoin.it/wiki/QBitcoinThat would be an improvement, but the 'scorched earth' type attack wouldn't care to sign a transaction. However, any methods to hide the wallet.dat data by the client itself would be in the source code, and the attacker would know where to go to destroy that data.