You should have no expectation of privacy when using a computer of which you aren't the sole administrator. Never do any personal business on a public machine. Carry your own laptop or smart phone around.

For your own system, to be as secure as you can be from physical attack you have to use either whole-disk encryption or some sort of tripwire, with the ability to boot from a separate storage device such as a USB key to verify that the state of the device hasn't changed unexpectedly. Before PGP whole-disk encryption was available, I used mtree for this purpose, but it was awkward. Even PGP isn't completely safe, because of the Evil Maid attack (replacing the bootloader with a trojan.)

The real issue is not to defeat any possible attack, but to defeat the easy attacks. Hardware keyloggers are as easy as it gets, and not very easy to beat.

but every time I've tried disk encryption I've ended up losing my data to disk corruption or some such thing.

physical security is important. i think the next step is to be careful what you write into a computer which ever touches the Internet or leaves home.

thanks for sharing your experiences though.