
"No one should keep their coins in any wallet except their own"

That's just not going to fly if Bitcoin becomes mainstream. There's too much dogmatism around this in the Bitcoin community. Sometimes a hosted wallet is the right solution for a particular user.




It's not about whether it's going to fly. It's certifiably insane to trust your coins to any third party unless you either have multisig control to prevent those coins from leaving, or they have insurance to replace your coins. Do not ever trust anyone, or you'll lose your money like I did. They won't replace it unless they're legally obligated to replace it (insurance) or they're technically incapable of losing it (multisig).

Anything else is magical thinking at its most dangerous, since it can ruin lives.


This is a religious view speaking. More bitcoin has probably been lost due to people thinking they should handle it themselves, and doing it wrong, than has been lost to all the big hacks including Mt. Gox. A survey from a while ago reflects this likeliness: http://www.reddit.com/r/Bitcoin/comments/2bjefu/results_of_a...


I didn't say everyone should manage their own bitcoin. I said people should manage it themselves if they have the technical ability to do so. For everyone else, stick with banks. If you're borderline unsure whether you can store your coins in an encrypted wallet and make regular backups and not lose those backups, then keep your money in an FDIC-insured bank.

But sticking your coins into a webwallet like Coinbase without multisig control is a recipe for unmitigated personal disaster. A mental exercise is useful: "I've lost all my money." How would that affect your life?

I strongly disagree with anyone who would push the view that it's okay to sweep the issues under the rug in the name of making Bitcoin more popular. Putting people's fortunes at risk is almost equivalent to putting their lives at risk, because your quality of life is directly proportional to your fortune.

If Bitcoin sounds risky, that's because it is. No amount of regulated exchanges will change that. What will change it is giving consumers multisig control over their coins, or insuring against a total loss of all coins including cold storage.

There's literally no other option. One of those two things must happen, or you must not use the services. Or if you do use them, don't put in more than a quarter of what you're comfortable with losing. If that's $100, then never deposit more than $25 in BTC.

Remember, Bitstamp just lost $5 million USD to hackers, or half their most recent investment round. It's unknown whether they're currently insolvent. Everyone thinks they might have enough money to cover the losses, but nobody knows for sure. They could currently be a fractional reserve.

So Mt. Gox wasn't a one-off. Nobody is safe from hackers, technical issues, or even rogue employees that want to become millionaires. Due to the untraceable nature of Bitcoin, all exchanges and webwallets are extremely attractive targets.


The problem is that the number of people who think they have the technical ability to do it right is astronomically higher than reality, not because people overestimate themselves, but because they underestimate the difficulty of "rolling your own bitcoin storage." I mean, you can make these arguments, but the history proves that so far centralized storage has been safer than self storage, on average.

Further, Coinbase does give users access to their private keys with the multisig vault, so one of your two criteria has already been met.


Are most Coinbase users using multisig? Since it's not the default, I'm pretty sure the answer is no. So unless multisig is the default at their new exchange, all of those people are at risk. Few are helped by multisig if few people use it.

Since Coinbase has a large cold storage reserve, and since multisig-protected coins can't be put into cold storage, the answer is pretty clear: Coinbase protects few people.

It's a false dichotomy that coins must be stored in a personal wallet that users mess up, or a webwallet that exchanges mess up. There's a third option: Convert those coins back into USD and stick it in a bank. As long as you're storing less than $500,000, you're guaranteed to have it.

Anything else is pure greed. As someone who has been burned by greed, my misfortune stands as a warning to others: please don't make my mistakes.

The reason I lost coins is because I was tempted by Mt. Gox. Their 2FA auth made it seem very unlikely that my coins could go anywhere, just like Coinbase. If I'd researched Mt. Gox, I would have discovered a history of technical problems. Yet if you research Coinbase right now, you'll discover they've had a history of those too. There have been at least two or three high-profile Coinbase incidents over the years which were featured on HN. And if you research Bitstamp, you'll see they just lost $5 million.

The common denominator is that exchanges and webwallets aren't trustworthy.


"but the history proves that so far centralized storage has been safer than self storage, on average."

No it doesn't. History proves the polar opposite; MtGox alone ate more coins (>750k) than all known incidents of wallet theft together.

Best practice is to use your own wallet. Has always been this way, will likely stay this way for a long time to come.


"A survey from a while ago reflects this likeliness:"

Umm. No it doesn't. Have you even read your own link?

Moreover, keeping your wallet secure is not rocket science. Set a password, make backups.

If that's too much to ask then you should stay far away from bitcoin and in particular from services that offer to store your bitcoins for you.


Bitcoin arguably cannot become mainstream without secure hosted wallets. Most people won't use Bitcoins until wallets start looking like debit cards, with authenticated access, insurance, and so on. Even so, prudent investors will keep large balances in offline wallets, securely encrypted and backed up.

In my experience, it's simplest to use multiple offline wallets, each in its own VM. To start using a wallet, one merely copies its VM to an online host, and appropriately configures network access for the VM.


Not sure I'd call that "simple". A hardware wallet like Trezor seems like a much better solution.


That's too proprietary for me. Too much could go wrong.

If someone has enough Bitcoins to bother with offline wallets, knowing how to use VMs isn't too much to expect.


Trezor uses BIP-32 hierarchical deterministic wallets, BIP-39 mnemonic seeds, an open communication protocol, and entirely open source software and hardware (firmware and schematics, no PCB). If you have concerns about the RNG you can import BIP-32/39 wallets from elsewhere. It also now supports multisig.

I'm not really sure what storing entire VMs as "wallets" gets you. VMs don't protect the guest VM from a compromised host OS, so at best you're protecting the host (and therefore other guests) from a compromised wallet VM. But then why not spin up a fresh VM and type in the wallet's mnemonic seed? I suppose you could argue it protects against unsophisticated attacks like malware on the host OS looking for "wallet.dat", but that's about it.

With hardware wallets, assuming the firmware is bug-free (which is difficult, but easier on a simple embedded device than a PC running millions of lines of code), you could plug it into the most malware-infested machine imaginable and still securely send your bitcoins to the intended address (excluding DoS attacks, and assuming you verify the address out of band).

There are a couple ways to use a hardware wallet to manage funds. You could use a single wallet with a single seed and multiple addresses, but if the host AND device are compromised you'd lose all the funds, so ideally you'd split offline funds across a bunch of seeds that are either stored in individual Trezors, or on paper to be entered into a Trezor when they need to be transferred.

Multisig adds another strong layer of protection, and would be wise especially in organizations where you don't want to trust funds to individuals.
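
The comment above notes that a BIP-39 mnemonic seed typed into a fresh machine recreates the same BIP-32 wallet. The following is an added example, not part of the original comment and not Trezor's code, showing why: the master key is a pure function of the words and the optional passphrase. The function names are hypothetical, the mnemonic is the public all-zero-entropy BIP-39 test vector, and the wordlist checksum is not verified here.

```python
import hashlib
import hmac
import unicodedata

# Order of the secp256k1 group; a BIP-32 master key must lie in (0, N).
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

# Public BIP-39 test-vector mnemonic (all-zero entropy). Sample input only.
TEST_MNEMONIC = " ".join(["abandon"] * 11 + ["about"])


def bip39_seed(mnemonic, passphrase=""):
    """BIP-39: stretch the mnemonic sentence into a 64-byte seed."""
    # Collapsing whitespace is a convenience added here; NFKD is per BIP-39.
    words = unicodedata.normalize("NFKD", " ".join(mnemonic.split()))
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase)
    return hashlib.pbkdf2_hmac("sha512", words.encode(), salt.encode(), 2048, 64)


def bip32_master(seed):
    """BIP-32: split HMAC-SHA512(seed) into (master private key, chain code)."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key, chain_code = digest[:32], digest[32:]
    if not 0 < int.from_bytes(key, "big") < SECP256K1_N:
        raise ValueError("seed yields an invalid master key; use another seed")
    return key, chain_code


def recover(mnemonic, passphrase=""):
    """Everything a fresh machine needs to rebuild the wallet root."""
    return bip32_master(bip39_seed(mnemonic, passphrase))


if __name__ == "__main__":
    # Two independent "machines" given the same words derive the same root.
    first = recover(TEST_MNEMONIC, "TREZOR")
    second = recover(TEST_MNEMONIC, "TREZOR")
    print("same wallet root:", first == second)
    # A different passphrase yields an unrelated wallet from the same words.
    print("passphrase changes root:", recover(TEST_MNEMONIC) != first)
```

Because the passphrase is mixed into the salt, a backup of the words alone does not expose a passphrase-protected wallet, and a forgotten passphrase makes that wallet unrecoverable.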


I'm committed to freedom and requisite privacy. Bitcoins interest me primarily because they can (with some effort) be used anonymously. I advocate the compartmentalization of activity among multiple online identities. Each identity has dedicated VMs, and each VM reaches the Internet through some nested chain of VPNs, JonDonym and Tor. Consequently, Bitcoins end up in multiple VMs. Some VMs are associated with particular identities. Others are as anonymous as fresh Whonix instances can make them. I could transfer wallet credentials between VMs, but that would take about as much time as moving VMs around.

Anyway, that's what using VMs as wallet holders gets me.

My host machines all run Linux with dm-crypt/LUKS, and I have good physical security. If I were on the road, I'd buy a notebook for cash from some random shop, and boot Tails.

If I had to, I could operate without local storage, using information that I had encrypted and archived online. But a Trezor, even fresh and charged with recovered wallet credentials, could be found and taken.



