I would change it so vital parts of the protocol can be preformed with out a connection to the internet, and only encrypted blocks of cipher text / already signed data would need to touch the internet. People could decrypt and verify signatures on a different machine with no connection to the internet, and the data to try to hash also transferred this way and then coins mined for and stored completely offline prior to a signed/ciphertext transfer of value. This would prevent hackers from being able to attack the network with buffer overflows and similar, root all of the clients and destroy the value of Bitcoin. This could be done either with flaws in the programming of the bitcoin client used, or flaws in the programming of other applications used in a shared environment. I doubt many Bitcoin users are taking security measures capable of defending from intelligence agency / military / super l33t hackers in general and such an attacker could likely take over the network. By removing critical processes from the internet entirely and having only secured/signed/encrypted data online, you can completely remove the risk of hackers 100%. This is the only way to remove such risk 100% as well, but most users are not even securing themselves near as well as they could be while connected to the internet, and the technical expertise required to do this is significantly beyond that of the average computer user.

I should also add that data should be transferred between the internet connected machine and the disconnected machine via CD which is discarded, so an attacker can not use the CD as a compromise vector to communicate data from the disconnected machine to the connected machine and then back to the attacker. Also, at least one back up of the drive of the disconnected drive should be made periodically, incase a compromise attempts to wipe the drive rather than steal the wallet