Offline Transaction vs hardware wallet, which is safest?

[Pmalek]

Hardware wallets are designed to be easy to use and safe. You won't make a mistake using a hardware wallet. You will be fine.

But OP should still be careful. A hardware wallet won't warn you when you are about to make a serious mistake like sending funds to the wrong address, if you have a clipboard malware, if you are overpaying on the network fees, or making a mistake on the amounts being transacted. Doublecheck and then triplecheck if you are not sure.

this is, in my opinion, the most proven method and the safest than all the others.

I am a hardware wallet user myself, but I wouldn't claim that a hardware wallet is safer or provides a higher level of security than a properly configured airgapped computer. it's certainly easier to use and more user-friendly. 

Hardware wallet is secure and easy too use, but has some vulnerability and database hack.

The database hack doesn't affect the security of your funds and private keys. It affects the privacy of those whose data got leaked though. In terms of vulnerabilities, what exactly do you mean? Trezor has an unfixable problem that could result in your seed being extracted. But that can be mitigated with a strong passphrase or a unique code saved on a SD card. Ledger has certain closed-source elements in its code related to the Secure Element. Although an issue, I wouldn't call it a vulnerability.   

[HCP]

... but would like to focus your attention on ^{ransom a.ttack}  that could be possible in the case your  PC (to which Trezor were connected ) were compromised.

Is this even still a thing? I thought that Trezor patched that vulnerability after it was initially announced?

refer release notes from Sept 2020: https://blog.trezor.io/firmware-updates-for-trezor-model-t-version-2-3-3-and-trezor-model-one-version-1-9-3-c94f7a3b6fea

[20kevin20]

It depends if privacy is part of your definition of security or not. Airgapped is good if you want to broadcast txs through an amnesic Tor-enabled system like Tails. Sign the transaction on your airgapped PC, put it on a stick (or even better: use a webcam and only scan the signed transaction QR code), broadcast it on Tails and shut it down. Done - everything is now erased as if your tx never happened.

Hardware wallets are just more convenient. Plug it in and it's ready to go.

For me, the reason I prefer airgapped is because you can use an airgapped PC without ever connecting it to the online one and safely broadcast txs without ever interacting with each other. If I use 3 devices (airgapped for signing, offline phone for QR code scanning and online for broadcasting) chances of infecting the airgapped PC are close to zero. And by using an offline phone to scan QR codes, what you're doing is making sure the code does not contain anything malicious.

Moreover, you can download, install and use on an airgapped PC only what you like and want. If you want a free as in freedom OS with fully open-source apps like Bitcoin Core, you can easily do that. With HWs, it's harder.

For example, Ledger requires Ledger Live (or ledgerctl, which I never got fully functional without proprietary stuff or exchange of information through various servers) to install and uninstall apps. That sucks for me because although I can use BTC with Wasabi for example, I first have to go through Ledger Live to install the BTC app on my hardware wallet. And Ledger Live communicates with various servers again.. and so on. Airgapped is 100% offline at all times. If you want to check the balance of an address, you can boot Tails on a separate online PC, open up Electrum and check the balance of a single address. Now the nodes don't know what other balances you possibly own.

Security flaws are present in all devices, be it airgapped PCs or hardware wallets. The only thing is, airgapped PCs are more obvious than hardware wallets are due to their sizes. It truly depends on what you're looking for.