The main point is having your keys secure from theft and loss.
No wallet software can keep your coins safe if it has to store your keys in the same machine you use for your internet activities. You have to use either an air-gapped machine (also called offline or cold storage) or multi-signature.
Then there's also the issue about trusting what you have downloaded. Even if you run the software in an offline machine, if it's meant to steal your coins it certainly can do it. Do you trust Electrum's developers or whoever reviewed the code? What about the maintainer of the website (or Github)? Did you use SSL? Did you check the signature? Did you get the signature from a different and secure channel?
For now I'm trusting Armory, but I'm planning to move to multi-signature once I have time, and maybe use three different wallets to create the keys.
Losing the keys is a separate issue. You have to think about different scenarios like disk failure, data decay, a fire in your house, your friend dying and their family not letting you recover his part of your n-of-m backup, police raid, etc.
Electrum has an airgapped mode, where you sign the transaction and then transfer the signature to the client. I'd like a feature where the airgapped computer displays a QR code and you just scan it, it would be very handy.
About misplacing the keys, Electrum has deterministic wallets, so you can just print the key and store it somewhere (or remember the ten words it gives you), and your wallet is never lost.
It seems to be good and they are very active. They also support tipping.
But I'm not sure if I like their 2-of-2 scheme. I would rather have a 2-of-3 one. Maybe I should re-read their paper.
Another thing that bothers me is that it's not very safe by default. The only way to be safe is if you use a (reviewed) plugin and you don't let it update automatically. Because if you use Javascript instead, they can take your key whenever they want. Imagine if the FBI seized their servers and injected Javascript malware like they did with Tormail.
2of2 with time locked transactions means you can prevent double spend and thus allow instant confirmation.
the android app doesn't update by default and the chrome app doesn't update if installed from github but otherwise you are right although the web client remains useful for watch only mode (no keys) or for small amount
these two local and open source wallet clients also verify data before signing against the electrum network.
we are also working on our api, plugins for popular open source wallets (including hardware) and a full Java desktop client using bitcoinj.
we also worked hard to make all user transactions non correlatable to users or us (instant confirmation is out of band) and are working on a bunch of interesting things on top of it
Hint: It was https://electrum.org/. It's amazing.