Well I have no other machine where I can create a cold storage. So I created my wallet on that machine where I use Internet. Is this risky?
It can be if you don't take adequate precautions... Encrypt the wallet using a strong password, don't visit "dodgy" websites, keep antivirus/antimalware up to date, run regular scans...
You can create "offline" storage using a single computer and two USB thumb drives... You use one thumb drive to install a Linux distro like "Tails" or "BitKey", disable all networking within the distro and create a wallet there using persistent storage. You then create the watching wallet on your "normal" OS.
When you want to send coins, create an unsigned transaction using the watching wallet. Put the unsigned transaction on the 2nd thumb drive. Boot off the thumb drive with the Linux distro and wallet with private keys. Sign the transaction on the 2nd thumb drive. Reboot to normal OS and broadcast the signed transaction.
It isn't quite as secure as a properly airgapped machine, but is pretty close... and it will remove a lot of the possible attack vectors compared with having just a hot wallet on an online PC.
If you have enough Bitcoins that this is a real security concern, spend the 0.05 BTC and buy a hardware wallet!
If any third party controls a multisig for an address when the address should be solely yours, you are at risk. An example would be Bitfinex.
That isn't really a fair comparison... The flaw in the Bitfinex system was that there was no 2FA involved, it was purely multisig where 1 signer just auto signed any transaction sent to it... Effectively rendering it useless as theft prevention if the thief had just 1 MultiSig key.
With TrustedCoin, because it is a 2FA system, even if the attacker compromised your multiSig key, they'd still need to have compromised your 2FA code as well, as TrustedCoin won't sign without your 2FA code.
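The difference drawn in the last two posts, as an added example that is not part of the thread and not any service's real code: a 2-of-3 multisig where the third-party cosigner either auto-signs or only signs after a valid TOTP code. The `Cosigner` class, the keys and the transaction bytes are constructed, signatures are modelled with HMAC tags instead of ECDSA, and the one-step clock tolerance is an assumption.

```python
import hashlib, hmac, struct

def totp(secret: bytes, t: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1), the scheme used by common authenticator apps."""
    mac = hmac.new(secret, struct.pack(">Q", t // step), hashlib.sha1).digest()
    off = mac[-1] & 0x0F                       # dynamic truncation offset
    code = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def sign(key: bytes, tx: bytes) -> bytes:
    # Stand-in for a real signature: enough to model "which key signed this tx".
    return hmac.new(key, tx, hashlib.sha256).digest()

class Cosigner:
    """Hypothetical third party holding one key of a 2-of-3 multisig."""
    def __init__(self, key: bytes, totp_secret: bytes = None):
        self.key, self.totp_secret = key, totp_secret

    def cosign(self, tx: bytes, now: int, code: str = None):
        if self.totp_secret is not None:       # 2FA-gated policy
            # Accept the current step and one step either side (assumed tolerance).
            valid = [totp(self.totp_secret, now + d) for d in (-30, 0, 30)]
            if code is None or not any(hmac.compare_digest(code, v) for v in valid):
                return None                    # refuse: no second signature
        return sign(self.key, tx)              # auto-sign policy always lands here

def collect_signatures(tx, held_keys, cosigner, now, code=None):
    """Signatures obtainable by whoever holds `held_keys` and asks the cosigner."""
    sigs = [sign(k, tx) for k in held_keys]
    extra = cosigner.cosign(tx, now, code)
    if extra is not None:
        sigs.append(extra)
    return sigs

def spendable(sigs, threshold: int = 2) -> bool:
    return len(sigs) >= threshold

# Constructed sample values
STOLEN_KEY = b"user-hot-key (constructed)"
SERVICE_KEY = b"cosigner-key (constructed)"
TOTP_SECRET = b"owner-2fa-secret (constructed)"
TX = b"constructed unsigned transaction bytes"
NOW = 1_700_000_000

if __name__ == "__main__":
    auto, gated = Cosigner(SERVICE_KEY), Cosigner(SERVICE_KEY, TOTP_SECRET)
    print("auto-sign, one key stolen:", spendable(collect_signatures(TX, [STOLEN_KEY], auto, NOW)))
    print("2FA-gated, one key stolen:", spendable(collect_signatures(TX, [STOLEN_KEY], gated, NOW)))
    owner = collect_signatures(TX, [STOLEN_KEY], gated, NOW, totp(TOTP_SECRET, NOW))
    print("2FA-gated, owner with code:", spendable(owner))
```

With the auto-signing cosigner a single compromised key already reaches the 2-of-3 threshold; with the gated cosigner the same key yields one signature until a valid code is supplied.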