Comment by greg7mdp
4 months ago
What you should do is sign the transaction on an offline computer (which is booted from a linux OS on a flash drive with only the essential software), simulate the transaction to verify it does what you expect, and then save the signed transaction to a flash drive. Then you can submit your transaction on a connected computer with confidence that you didn't sign your tokens away to someone else.
But flashdrives can be tampered with. What about a live cd / dvd / bluray? You would need to compromise the BIOS / UEFI to affect the OS.
(No, I won't suggest carrying the BIOS chip around)