[eric_bullington]

Did you read my original comment? You basically just described a solution that mirrors my own, which was to send x percentage of your balance to an off-site wallet (maximizing x to the extent possible, obviously). I didn't get into how to securely store your coins off-site, since that wasn't the question.

EDIT: BTW, you do realize that Armory is a front-end to bitcoind, right? You still have to run bitcoind for Armory to work.

From their Github page:

"Armory has no independent networking components built in. Instead, it relies on on the Satoshi client to securely connect * to peers, validate blockchain data, and broadcast transactions * for us. Although it was initially planned to cut the umbilical * cord to the Satoshi client and implement independent networking, * it has turned out to be an inconvenience worth having. * Reimplementing all the networking code would be fraught with bugs, * security holes, and possible blockchain forking. The reliance * on Bitcoin-Qt right now is actually making Armory more secure!"

[muyuu]

Yes, that's fine. But the rest of the elements are non-trivial and you left them "as an exercise for the reader". This usually means that the reader will just run the standard client with a full internet connection and get hacked to high hell.

You can have a computer with a firewall and a custom protocol connected to another system, and still get hacked, if you don't put in place the sort of measures Armory uses.

Read carefully what you quoted: "it relies on on the Satoshi client to securely connect * to peers, validate blockchain data, and broadcast transactions * for us" - that is not the actual problem when you have your server rooted. The problem is KEYS. Key generation, and key storage/management. Which no other common solutions that I know do in a way that won't get your arse robbed if the computer storing the wallet is compromised. Which I think is a big deal.