Hi there

Im new to this forum. The continously stream of observation news and possibilites of modern hackers made me rethink about how to handle security on my computer.

1. Separate PC for sensible data
As a first step, I did set up a separate PC. I want to use it for work (I work at home), banking and email. As it is a relatively weak PC (Atom D2700), I am not able to run a Virtual machine on it. So I decided to run Win8. (Dualboot may be an option)

2. IP whitelisting
Secondly, my goal is to only allow known IP's for maximal security. Now the problem is, that IP whitelisting and surfing in the Internet nearly exclude each other. Working with CIDR blocks is also not really satisfying.

3. Sandbox
The question is:
When I set up my firewall (Win8 FW) to block all connections except those from the sandbox (sandboxie), would that be safe? Where can be the security leaks in this case?

I'm really thankfull for any answer. Just ask when you need more information.