Allow all outgoing connexions is dangerous

Hackers do hack individuals… it’s easier and safer, and they can steal your personal info such as banking account and passwords; otherwise there’ll be no use for inbound protection from firewalls.

What you’re describing there isn’t hackers going after an individual. There isn’t a guy sat there attempting to specifically breach the defences of Krensauce (not unless you’ve popped onto the NSA radar or have a very suspicious wife) :wink:

No, the kind of data theft, phishing and pharming you’re on about is a driftnet designed to grab data from anywhere and everywhere; it’s nothing personal.

I have higher expectations of a firewall than you, and a software firewall satisfies me.
I respect (and applaud) your right to have lower expectations when using a hardware firewall ! !

As I stated, the first layer of my defence is
“Assess site reputation before I think of doing a download”.
I consider the Host file, along with your suggestions of WOT, and IP blockers,
to be the negative aspect of a reputation blemished by “recent” malware,
whilst I also look for a sustained reputation of goodness according to experts I trust.
e.g. there were a few hundred Google results for a download of a specific version of a utility,
but MajorGeeks.com was the only one I trusted.
Slight digression, I view Web of Trust as a misnomer, Web of UNtrust is a closer fit.

I disagree. It is NOT closed when it is open. i.e. what WAS closed can become OPEN.

Up to the point before I commenced a download, 100 % of my ports were stealthed (and closed)
Immediately upon requesting the download there was no change to any port as viewed by any IP address other than the site I requested,
BUT that particular site was immediately given by the hardware firewall access to all 65535 ports and any protocol,
but the Comodo Firewall retained closure on 65534, only permitting the correct protocol via the chosen port.
I rate Comodo protection at 99.998% of all ports closed, where Netgear protected 0%.
It is possibly not true for all implementations, but I suspect that for much available protection,
Software protection should maintain closure of the 99.998% ports that should NOT be downloading,
whilst hardware protection is likely to fail on all ports against the site that data is requested from.

I have my doubts about XP,
I believe XP gives no protection against outgoing (e.g. from keyloggers etc),
and grc.com used to express surprise that certain of my ports (no. 135 or thereabouts) were closed/stealthed,
though now Windows 7 is amongst us that surprise is no longer evident.

But only whilst it REMAINS free of vulnerabilities.
If the user is not able to access what he wants until he allows a codec etc to be installed,
he may with that allow on-board malware that can do bad stuff,
including the adding of a vulnerability to your port no. 12345,
and perhaps that could give additional opportunities for bad stuff.

Incidentally, Windows 7 may be more secure than Vista, but it might have a shorter lifespan.
I read yesterday of a leak that suggests Windows 8 is due next year ! ! !
see Windows 8 to be released in 2011? | dotTech

Perhaps a Firewall may be less important with alternative protection technologies,
but I would not be comfortable if I was dependent upon a single layer of protection that a hacker could penetrate tomorrow.
I have always designed on the basis of not allowing a single point of failure to cause disaster.
I always succeeded in my career with fire/intruder detection alarm systems for Nuclear Power stations etc.
I guess I am doomed to a never-ending struggle with Windows ! !

Regards
Alan
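
The post above contrasts admitting replies only on the requested port and protocol with admitting anything from the contacted site. The sketch below is an added example, not part of the original post and not code from Comodo or Netgear; it models both reply-admission policies generically and makes no claim about which product uses which. The addresses, ports and the names `ReplyFilter`, `per_host` and `per_flow` are constructed for illustration.

```python
from collections import namedtuple

# Constructed packet model: addresses and ports are sample values, not from the thread.
Packet = namedtuple("Packet", "proto src sport dst dport")

class ReplyFilter:
    """Default-deny inbound filter that admits replies to outbound requests."""

    def __init__(self, mode):
        assert mode in ("per_host", "per_flow")
        self.mode = mode
        self.state = set()

    def _key(self, proto, local, lport, remote, rport):
        # per_host remembers only who was contacted; per_flow remembers the full tuple.
        if self.mode == "per_host":
            return remote
        return (proto, local, lport, remote, rport)

    def outbound(self, p):
        # Record state for a request leaving the PC.
        self.state.add(self._key(p.proto, p.src, p.sport, p.dst, p.dport))

    def inbound(self, p):
        # Admit an inbound packet only if it matches recorded state.
        return self._key(p.proto, p.dst, p.dport, p.src, p.sport) in self.state

def exposed_ports(mode):
    """Count local TCP ports the contacted site can reach after one download request."""
    fw = ReplyFilter(mode)
    pc, site = "192.168.0.2", "203.0.113.10"
    fw.outbound(Packet("tcp", pc, 50000, site, 80))
    return sum(fw.inbound(Packet("tcp", site, 80, pc, port)) for port in range(1, 65536))

def closed_percent(mode):
    """Share of the 65535 local ports still closed to the contacted site."""
    return round(100 * (65535 - exposed_ports(mode)) / 65535, 3)

if __name__ == "__main__":
    for mode in ("per_host", "per_flow"):
        print(mode, exposed_ports(mode), "ports reachable,", closed_percent(mode), "% closed")
```

In both modes an address that was never contacted matches no state and stays blocked on every port.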

Is it safe to block all outgoing connections? How do I do it?

So is this problem addressed by using the proactive configuration? Mind you I don’t use the sandbox feature.