Don't just disable the networking, break or remove the adapter. Then you have a machine that can only be interfaced with through the USB or other ports.
But how do you actually do that? You need to do it physically?
Yes. Removing all network adapter physically gives you a 100% guarantee that your offline machine won't communicate with any other device in its proximity.
Note that being 100% secured against an attack vector can almost never be reached.
This is one of the few cases where it is possible to absolutely secure yourself against an attack vector.
I've been using an offline wallet to sign for a while, but I just disabled network adapters. I figured it was kinda bullshit, but the reality is that the risk is already pretty low. The offline machine was formatted clean and never connected to the internet. It seems to me that in either case (networking disabled vs. actually removed) the thumb drive you use for transporting raw transactions is a required attack vector.
Let's say Windows forces a shutdown/update and re-enables network adapters. What then? Some malware from the thumb drive keylogs my wallet password, swipes my private keys and......but there's no unprotected network to connect to. I'm not crazy for thinking the risk is low here am I? If there's malware sophisticated enough to do the above, then copy itself to the thumb drive and push the data from the online computer, then it seems like a PC with network adapter removed is prone to the same attack.
You are right, the risks are very low. But it still exists.
It all depends on how much you want your storage to be secured against which attack vectors.
And you are also right with the USB drive being the attack vector which would probably be the first one abused.
And it is indeed independent from your network adapters.
But there are other possibilities to transfer your unsigned TX to your offline machine and move your signed TX to your online pc.
The simpliest would probably be witht he help of two webcams:
- Create unsigned TX on online pc
- Display QR code of this TX
- Scan the QR code with webcam connected to your offline machine
- Sign the TX
- Display the QR code of the signed TX
- Scan this QR code with your webcam connected to your online PC
- Broadcast transaction
Note that to be on the safe side, you should NOT connect your webcam to an online PC after connecting it to your offline storage.
This attack vector (flashing webcam firmware with malicious version) is pretty unlikely.. but it also does exist.