Bitcoin Forum
Topic: Cold storage security vs paper backups?
halfawake (OP)
May 16, 2013, 07:58:51 AM
 #1

I guess I don't really understand the huge appeal of the paper backups.  Part of the appeal of bitcoin to me is that it's, well, digital. 

My Armory security scheme: I manually copied my private keys onto my flash drive.  I don't have a cold storage computer, but I can always move them back when I want to spend them.  It's unencrypted...for now, but when I start actually using bitcoin seriously, I plan on GPG encrypting the private keys just to be sure.

So, is there any real advantage from a wallet security standpoint of this kind of setup over a paper backup?  It seems to me that my only risk with this system is that my flash drive gets corrupted and I lose the private keys.  Assuming that doesn't happen, the only way I'd lose my bitcoins is if I happen to have a virus on my computer that is somehow smart enough to wait for me to move my private keys back on to my computer and then spend them before I get a chance to do so myself.  Not too likely, in my opinion.

BTC: 13kJEpqhkW5MnQhWLvum7N5v8LbTAhzeWj
picobit
May 17, 2013, 02:36:45 PM
 #2

Quote from: halfawake on May 16, 2013, 07:58:51 AM
It seems to me that my only risk with this system is that my flash drive gets corrupted and I lose the private keys.  Assuming that doesn't happen, .....

Why would you assume that doesn't happen?  Flash drives are notoriously unreliable, even if you don't lose them or wash them with the laundry (which, btw, they often survive).

A few years back, I almost lost my GPG key.  I only had four backups, and the first three failed (mostly due to age, one of them was a 3.5 inch floppy!)
etotheipi
Core Armory Developer
May 17, 2013, 05:44:31 PM
 #3

Quote from: halfawake on May 16, 2013, 07:58:51 AM
I guess I don't really understand the huge appeal of the paper backups.  Part of the appeal of bitcoin to me is that it's, well, digital.

My Armory security scheme: I manually copied my private keys onto my flash drive.  I don't have a cold storage computer, but I can always move them back when I want to spend them.  It's unencrypted...for now, but when I start actually using bitcoin seriously, I plan on GPG encrypting the private keys just to be sure.

So, is there any real advantage from a wallet security standpoint of this kind of setup over a paper backup?  It seems to me that my only risk with this system is that my flash drive gets corrupted and I lose the private keys.  Assuming that doesn't happen, the only way I'd lose my bitcoins is if I happen to have a virus on my computer that is somehow smart enough to wait for me to move my private keys back on to my computer and then spend them before I get a chance to do so myself.  Not too likely, in my opinion.

Unfortunately, it's very likely.  Malware doesn't just get onto your system and leave.  It sits there and does its things.  One of those things could be checking for wallet files periodically.  Or maybe whenever any Bitcoin software is started.   Just because the wallet isn't there when the first malware was acquired, doesn't mean that it will just leave in frustration and never come back again.  It's very easy for it to look for wallet files every time removable media is inserted, etc.

And that doesn't take into account the fact that the malware may not even be looking for wallet files, because they're encrypted anyway and it can't do anything with it.  It just waits for you to open Armory and unlock your wallet, then it pulls your private keys out of RAM (or pulls your passphrase out of RAM and takes your wallet file with it).  In this case, it doesn't matter whether your wallet isn't on the filesystem 99.9% of the time, because the malware doesn't do anything until it detects Bitcoin activity.

The hardware wallets (that don't exist yet) offer superior advantage over a flash drive, because they require a physical keypress, and do not allow download of private wallet data.  The signing is done on the device and it only emits signatures, not private keys.  The attacker can steal the passphrase, but they can't press the buttons on the device to get it to sign things.

And you assume your USB device will work in a couple years.  It might.  It probably will.  But why even take that chance when paper works 100% of the time?  Just about anything that destroys paper will also break your USB key (direct fire, shredding, etc).  At least the paper will survive through water, heating below 451 F, and mass bending/stretching/tearing/deformation.

The downsides of unencrypted paper are mostly resolved by the M-of-N stuff I'm going to be releasing soon.  Though, the backup system will allow you to save some fragments on paper, some on removable media.  However you prefer it.

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
picobit
May 17, 2013, 06:15:00 PM
 #4

Quote from: etotheipi on May 17, 2013, 05:44:31 PM
At least the paper will survive through water,
Unless you use an inkjet printer.

Quote
heating below 451 F,
With all respect for Bradbury, I doubt that this temperature is particularly significant :-)
etotheipi
May 17, 2013, 07:20:10 PM
 #5

Quote from: picobit on May 17, 2013, 06:15:00 PM
At least the paper will survive through water,
Unless you use an inkjet printer.

Quote
heating below 451 F,
With all respect for Bradbury, I doubt that this temperature is particularly significant :-)

Even ink will stain the paper well enough that you're almost guaranteed to be able to recover it.   You might not be able to identify it by eye, but someone with some tools will be able to read it.  And you only need to do it once to get your coins back.

As for 451 F -- yeah, I just meant "close to fire" but not directly set on fire.  Like if you keep your Paper/USB in a metal box that comes in contact with fire when the house burns down, the paper still has a good chance to survive.  I'm pretty sure most USB keys and CDs would start to melt and electronics overheat, etc.

It's not an exact science, I'm just trying to dispel the myth that paper is somehow inferior to other options.  I think it's a great option, and easily "upgradeable" to a better option (like putting it in something fire proof).

halfawake (OP)
May 17, 2013, 10:03:51 PM
 #6

Okay, thanks for clarifying everyone.  I've had enough hard drives fail due to viruses by now that I feel almost dumb to say that my flash drive won't do the same.  It's not as likely to fail as my hard drive, but that doesn't mean it's impossible.
