I strongly prefer HWW's with anti-exfil. Right now that's only Jade and Bitbox over USB/BLE. QR anti-exfil would be possible but it would need a new standard to be invented with an extra round trip making it annoying to use. I personally trust anti-exfil over USB more than anything else. Stealing from it requires both HWW and host to be exploited which might be harder to pull off.