Untill armory is updated to a malicious version, Dunndunn Dunnnn.
Lol. But now, who out there feels that default bitcoin encrypted wallets are at risk?  Surely this security "time to update" revolves mostly around things like webaccounts like our OTC names, or mt.gox accounts

Its how hacking works!, Aim for the weakest target, Then the next, And so on untill its too hard to hack.
Holliday has a point tho, I may want to setup an offline wallet... Think my flashdrive is good enough?

Folks, for real bitcoin security, offline computers and lots of backups of wallet.dat are not good enough. You need to go back to the basics. Paper copies of matched public and private keys.

1. go to bitaddress.org
2. under the Paper Wallet tab, generate and print a page w/ 10 sets of keys
3. transfer the bulk of your holdings to the public key addresses, divided 10% to each key
4. set up an account on blockchain.info
5. import the public keys as watch-only keys. Now you keep your eye on the BTC but no-one can touch it
6. make a few copies of your address list. secure at least one copy in your home safe, safety deposit box, etc. I've got a copy behind a family photo in my office... not a compelling target for a thief.
7. send a copy of the address list to your parents or a friend you can trust to store with their valuables.

If you need to spend some of those coins, import one of the private keys into bitcoind or blockchain.info (or mtgox, or wherever) and spend away.

If you collect some new coins you want to protect, send them to the public addresses on your list for safekeeping.

Government is the largest security risk to Bitcoin. If some government shuts down Mt. Gox, for example, the value of BTC will evaporate overnight.

Keylogger is single biggest side channel attack hard to totoally avoid, it is time for bitcoin client utilize two factor authentication, and the second factor should be one time password, (based on time like RSA token or Google authenticator.

Also, I hope linux sshd could begin to use two-factor login as well.

It already exists, it's called multisig, it's just not very user-friendly yet.

I'm surprised by how few people advocate for the offline (i.e., air-gapped) brainwallet. *shrugs* Each to his own I guess.

My solution only use GNU/Linux for Bitcoin and do not use Microsoft Windows. By the way while you only are at it only use GNU/Linux for online banking, PayPal, online credit card purchases etc.

Seriously Windows malware does not know what to do when it encounters the GNU and the Penguin.

Good point. I would add that logging into my GNU/Linux server(s) over ssh as something I would not wish to do from Microsoft Windows especially when a significant portion of one's livelihood is dependent on the server(s) not being compromised.

No, that one exchange is not what's pushing most of $200M worth of stored value.