Also note that if you receive multiple transactions at an address, and then only spend some of the outputs, the remaining outputs will be left at an address for which the public key is known. Furthermore, if the wallet you are using does not use an unknown value for generating the signature then the remaining outputs become vulnerable.
I suppose what im still not understanding is this part about the remaining outputs would be left at address where the public key would be known. Why would it be known? This change address for the remaining outputs would be a receive only address.Ok never mind, I think I get it. You mean the other part of the money NOT in the change address.