When someone we know socially described their being phished and the repairs also put their hamshack off line, and then when a ham I know only from online communications said he baulked when tech support for a ham logging issue wanted to use a remote desktop/access product to “fix” his machine as he was worried that they could see his banking, I quickly surmised that both had been using their main home computer for hamshack duty.
Thinking this may not be very wise, and that having separate general home PCs and hamshack PCs would be preferable.
The comingling of the two use-cases exposes both to the risks that otherwise would have been kept separate.
The hamshack computer typically will be used to run a lot of software/apps developed by very small teams that depend on external reviews for some (maybe all) of their security. It is more likely that IoT (Internet of Things), direct connections via various ports and of course potential over the air exposure would be higher in the hamshack.
Your main home PC is your workhorse that does emails. correspondence, and banking/financials, and then likely serves music, printers and other resources.
More likely that Dual-Factor Authentication and maybe even a dongle/fob could be involved in some of the software on that main home PC. Much of the software receives higher levels of review for security issues.
Of course there is a good amount of overlap between the hamshack and main home PCs and security. I am thinking of the differential as a weighted preponderance rather than absolutes.
Keep the two segregated on differing systems increases your robustness from the software/connectivity end, while complicating the hardware side with a second machine.
As hardware has become so reliable, the added potential for hardware loss is massively out-shadowed by the decrease in vulnerabilities from keep things separate.
I break mine down further with my media server being also separate, as are my BBS and my general browsing machines. YMMV
73
Steve
K9ZW