Looks like the two approaches are completely different.
One doesn't require the user to have to buy/build any specialized hardware. The other doesn't require the user to rely on an external service.
The bitcoin world is big enough for both approaches to make sense at different times or to different people.
And I must say that after looking into actually implementing ECDSA on tiny hardware, I'm really, really warming to Gavin's idea.
But there is no approach in which you only need an external service and no external device. If the root-kit has control of your computer, you can't trust anything on the computer, not even an https connection to a trusted server. How will you confirm the transaction? Or is the root-kit confirming it for you? Or are you confirming it, but to the wrong address?
I think the idea of an external device is a good one, since it's much easier to secure than your home computer. You don't have to implement ECDSA on tiny hardware, there are already smartcards available with this capability.