Man I dunno. This sounds right and all, but after years of seeing security issues that don't seem to have anything to do with unnecessary attack surface, I have to say that this just seems unrealistic to me. The problem is that no software runs on a machine without an internet connection, and you can't control the attack surface of other software on the machine.