This is a crazy idea but we need some form of unique physical form of ID or way of signing your private keys - say retina scan.
Well every "average joe" that I know has a retina scanner!
All you need for a practically foolproof secure wallet is a computer that never touches the internet and a little effort on the users part.
A savings account that can be accessed if needed. Like buying a safe or renting a safe deposit box.
Put fewer Bitcoins on a spending account that is less secure. Like carrying cash around daily.
If bitcoin becomes the future currency of the world you can bet retina scanners will become more common. That and you'll see a lot more people with eye patches. Ok, I am just joking around.
I face a dillemma here. How do I get the bitcoin client into a non internet connected machine? This is assuming that you can never 100% trust the computer you're using to download the client. Along each step in the process of securing your bitcoins there is a small but every so slightly possible risk. Heck the client itself could be compromised. A hacker could break into the sourceforge servers and cleverly attach a payload into the official client. Guess how many people would not notice until it was too late.
I think the safest and most paranoid idea I've head so far is to physically print your private keys. I am even tempted to print them on a freaking gold plate!
What I thought of is an actual bitcoin wallet device. It would run a minimalistic version of the bitcoin client in firmware (naturally encrypted and password protected). All inputs would be via touch screen via the use of one of those secure keyboard apps. This device could be connected to the internet but only via a physical connection. And further it could only connect to the bitcoin network and have no other tcp/ip capabilities. The device should also be physically hardened. Also a "wallet backup" feature should be available and a simple usb port should be there as well.