I write ecommerce systems for a living, and would have to suggest that the security of either method of getting your cc details to a supplier ranges for ludicrously insecure to relatively secure. No payment method is 100% secure and it's just as eay to get fleeced offline as it is online. There is also a great deal of disparity in the levels of security in either order delivery mechanism.

you need to realise that most security problems for companies come from the inside
Quite so.

Most people are now aware however that plain text emailing of credit card info or entering info into sites without encryption is just plain stupid. But what a lot of people don't realise is that when your suppliers site is third party managed that the information you gave has to be re-transmitted to that supplier - often via plain text email.

Using a CC on the internet is the same as everything else in life......do it in ignorance and it could be a problem. Do it wisely and you should be OK.

Personal choice? All things being equal (ssl is ok, box looks owned by supplier, ripe details check out ok) I would probably go with the net as the more secure means of delivery of the information - but most fraudulent acts occur at the suplier - post delivery - anyway and quite regardless of the delivery mechanism.