This is why I have concerns about nuclear power without a major change in stakeholding. In Russia, a company that did a crappy job would have its execs shot. Same with China, except the organs would be sold. Europe would try them and put them in prison for a long time. Here in the US, if a contractor made a nuclear reactor that never worked, the execs would get bonuses and the taxpayers would have another Superfund site to go with. If anyone went to prison, it might be a low level worker.
I'm sure bans would be the first thing they would try, but I'm hoping that the fact that people still drive 30+ year old cars on a daily basis will at least get states to slow down on the Draconian auto laws.
You mean "nonessential" people like sysadmins who are not at work updating the latest local root bugs, or updating certificates, while Iran is doing a major attack against DNS servers? These "nonessential" people normally ensure that when you go to www.irs.gov to file taxes, you are really going to "www.irs.gov", and not "www.irs.ir", "www.irs.ru", or whatever TLD Lower Elbonia uses. Hopefully your tax return won't be captured and your refund snatched, but "nonessential" people prevent that from happening.
Then there are the national parks. The "nonessential" people keeping others from chainsawing stuff down in Joshua Tree, so they can romp with their four-wheelers.
Or perhaps food safety. USDA and other inspection workers are "nonessential", I guess. Just hope you don't get sick from another lysteria bout.
Maybe the CDC is "nonessential", as it really doesn't matter to some if a mutant flu starts or another SARS variant causing a high casualty count. Perhaps Ebola rearing its head may not be stopped because the "nonessential" people on the lookout for things like that are sidelined.
There will be ramifications of this shutdown that echo for years after this. We don't need a wall on the southern border; we need one in cyberspace.
That's the problem. Every bigwig views constant and invasive data collection as a money source. Standing in the way of that would be like a software company not charging for service contracts... it just wouldn't be done, because no CxO doesn't want to deny themselves, and their VCs the revenue stream.
I have worked on a startup. VCs will refuse to do business with you unless you can provide them with unstoppable analytics. With the fact that M2M cellular is dirt cheap, having a device to provide this info 24/7 to sell is trivial. Plus, with EULAs, that info capture is protected by law, as the user agreed to it.
It would be nice if there were some pushback, but few consumers care about their privacy, governments hop behind business, and business makes lots of cash from it.
I would say that "subscription autos" is closer than people think. M2M IoT is dirt cheap via 3G SIM cards. It is trivial to create a system where the vehicle sends a data stream and on occasion gets a signed certificate to continue operating. If that cert expires, the vehicle won't start, and perhaps the doors will not open from the inside until the user pays the subscription fee.
This can be done by forcing people to purchase the car, but the license for the ECM/TCM firmware be something that has to be licensed. No license, vehicle doesn't start. Jailbreaking and reverse engineering this firmware is trivial to block (look at how latest-gen consoles have not had a single meaningful attack since they have been released), and the DMCA would shut down people writing their own firmware.
What we are likely going to see is something we are seeing with tractors, because of the Draconian things pushed on farmers by vehicle makers. Sooner or later, people will buy junked cars, or even just a crushed frame with a VIN on it, adding crate engines, populating with seats and an interior, and selling them as homemade vehicles, or the make/model with the VIN, even though the body is completely different. A former motorhome can be turned into a pickup truck, or a sedan winds up with a custom sports car body.
I can see a market for used, popular models, even if the vehicle is completely shot. Older engines are relatively inexpensive, so a Camaro that has nothing except an intact VIN can be turned into a very useful ride, just so people don't have to deal with "subscriptions", and the constant invasions of privacy.
This is timely. Right now, because of the shutdown, there are a lot of government domains whose certs are not being renewed, because there are no sysadmins able to renew them. So, with an expired cert, all it takes is a DNS attack to redirect someone from foo.gov to foo.ir, as the user is almost certainly not going to examine the cert and manually check its pedigree and dates.
This is going to cause grave security concerns going forward.
If fraudsters could do this, stuff like Amazon Whispernet would be history. Most of these M2M chips have very strict data caps, and rate limitations are modem speed.
For now that is. Right now, with the assumption that they gain by data sucking, I wouldn't be surprised to see TVs either having a 3D cellular modem, or just not working unless they have an always-on requirement to the Internet like game consoles do.
I wouldn't be surprised if the next upgrades, be it 6k or 3D, or whatever, required the TV to have an always on connection for DRM purposes.
The problem is that ads did make sense, back when they were a simple bar, or text based stuff. Then came the video ads, then the pop-ups, and so on. Now, one of the biggest infection vectors around is malvertising, with ad companies turning a blind eye to malicious code served through their networks because the delivery mechanism can be widespread and not hit an IP range twice in a close interval.
Once ads became security issues, ad-blocking has become more vital than an AV program. I've even personally tested this (although the sample rate is too small.) One VM without an ad blocker, one VM without AV. The one with an ad blocker and no AV when shut down and offline, and scanned by autoruns was clean six months later after daily web browsing use. The one without an ad blocker was compromised with ransomware in less than ten minutes of viewing mainstream social media sites, and not clicking outside the site itself.
If you can get a Samsung phone with an unlockable bootloader (Sorry, no Snapdragon CPU phones, the main ones in the US are unlockable), the best thing to do is unlock the bootloader, and install a custom ROM or LineageOS. From there, you don't need to worry.
At the minimum, a rooted OS, so you can have a Linux firewall block all outgoing crap from junkware apps is a must.
It is funny how Windows 10 has differed from Windows 7 as time has gone by. For example, Windows 7 ran OK on a regular hard drive. Windows 10 -needs- a SSD to be able to function. The minimum size has grown as well, where W10 pretty much needs 120+ gigs of space with all the Market and user installed shoverware, and that's before adding relevant apps.
Maybe if Microsoft made this a whole new OS release, this would be understandable. They could set requirements where they could have a hidden partition with 20+ gigs tucked away for both recovery and updates. This also would make a reset/reinstall easier, as the entire C: filesystem could entirely be blown away, not just deleting c:\Users, program directories, and the Windows directory, ensuring that no malware is on the new filesystem. In addition when the machine is reinstalled or refreshed, all updates can be copied, so the machine doesn't need to go through multiple Windows update and reboot cycles to work.
Best of all would be having Windows be entirely hypervisor based, so a Windows desktop would be a VM, and a "reinstall" would just be starting, loading and provisioning a VM image. No fretting with bare metal.
We already have those. Those are called banks. This isn't to say that the trusted node concept isn't bad. However, whom do you hand over trusted nodes to?
For example, if you want to trust a node, you don't trust it over how much value it has for its good name. This can be relative since even a top bank could start trying to double-spend if people thought they would not get caught. It would take finding a number of parties whose interests do not coincide for this to work. For example, for every trusted node that went to a government or bank, I'd have to hand one to some organization like the EFF, GNU, FSF, TOOOL, Amnesty International, and other parties. The goal would be to equally divide nodes, so the risk of collusion is minimized.
You then add untrusted nodes as well, but divide them into different groups, for example, nodes that pass muster when it comes to security, and are independantly owned. This way, someone using AWS for a massive mining push would gain control of a segment... but not enough to definitely command what happens on the entire blockchain.
Things are relative. For most of the US, just having a mass transit system is something that makes NYC notable. Most major cities, at best, might have a few bus routes, if that. I know where I live, Austin, there have been one upgrade in mass transit in the pass 20 years.... a single light rail train track, which doesn't really go to places it is desparately needed (like the college campus.)
Even a gondola system similar to Rio would be nicer and more practical than what is in use in this city as of now.
The door lock from most garages to the rest of the house isn't as stout as others. It also gives a rogue employee the ability to drop the garage door, use what burglary tools they feel like using to get in, without being visible. Yes, an alarm may help, but by the time the police arrive, everything is cleaned out.
I almost wish Amazon had something a small version of the Amazon Locker that one can buy and install at their place, with a camera inside that shows the package being scanned and placed inside.
I have noticed that SSDs fail a lot less than HDDs... but when they fail, they fail hard. However, since the beginning of time in computers, one always was supposed to have backups and never trust that they could ever get their data back from spinning rust. SSDs only drive this point home. Once the electrons are out of the gates, there is no going back.
I think we will see different types of storage appear. Most machines will use SSD because it is better in almost every way except for capacity, while HDD will be useful for large capacity arrays where I/O speed isn't as critical, but storage is.
HDDs also can be useful in desktops, provided they have a good amount of SSD built in, which functions both as a "landing zone" for data (where the drive can tell the OS that it is complete once it finishes to the SSD, and then move the data to the spinning platters in its own time), as well as a read cache. Adding 128 gigs or so to a 10-20 TB drive would generally allow the drive to handle most desktop I/O at SSD speed, but still have the capacity of a large HDD, provided the controller had a smart cache. Generally is the key term... a copy of large files would fill the SSD up, causing the I/O to wind up going at the speed of the spinning disks, which will be a performance hit, especially with random I/O.
I have been neutral on Macs. Right now, I am not very pleased at the fact that Macs do not allow you to install Linux on the internal SSD, even with T2 chip security off. No, installing VMWare in Windows or macOS isn't a long term answer, especially once Apple discontinues macOS support for that model.
My next laptop, I probably would recommend Dell Latitudes, with a decent service level. More expensive than the Best Buy special, less expensive than a Mac, and can be purchased with a five year warranty. They happily run Windows and Linux, and have become what a MacBook Pro should be, with pretty much any port you need, as well as a decent USB docking station available. No, they don't run macOS, but hardware-wise, they are a decent alternative until Apple stops considering Linux anathema on their machines.
There is a big difference between a store that has a few CDs of whatever the latest corporate pop stuff is, versus a record store that stocks new bands that are not overplayed/overhyped.
The dedicated record stores here in Austin are going strong. Cassette tape is actually booming, especially in niche genres like dungeon synth where the music is just one part of the entire experience. LPs, with actual room for artwork? Going well. CDs? Doing just fine. Heck, even reel to reel albums are selling.
Just because Bobby Middle Schooler doesn't bother getting the latest trendy track that his Fortnite buds are playing from a store doesn't mean stores are obsolete.
I find that password breaches normally happen at the provider's side, either brute forced, or someone haxxors their database and they have now a list of passwords that are in use. By moving to a PW manager and using 30 characters of randomly generated stuff, different for each site, a compromise at foo.com won't affect any of my other accounts.
Another method you could use that doesn't require a password manager is to take the hostname of a site, HMAC it with your master password, and use the output for your password. For example, echo -n "foo.com" | openssl dgst -sha1 -hmac "hunter2"
For password managers, 2FA does the job for most sites.
That is good. When AgileBits came out with a version forcing people to their cloud, I dropped them like a hot rock. I used to swear by them before they did that one.
The ironic thing is that password managers can be made secure:
1: Use a DB format that stores a master encryption key... which is then has multiple entries that are public key encrypted, so any device with its private key can unlock the master key and decode things. 2: Each endpoint generates and uses its own public/private keypair. When one adds another machine (computer, phone, tablet), it is "introduced" to it by another device adding the new device to the list. 3: Recovery can be done by adding a recovery password to the list. 4: Backups of the DB can be made using GPG, with the backup exported, encrypted to the devices' public keys.
This way, the DB can be stored on a cloud provider, or even an open S3 bucket. All an attacker will see is a master database, then figure out that the master key can be decoded by a list of public keys. Since there is no password available, brute forcing is not doable.
1: For the average website, I use LastPass. It is good enough, and actually has been hacked before, with the attacks mitigated by the fact that the data is never available unencrypted on their site. It has MFA, so an attacker would have to compromise a smartphone, and know my PW to get in. I always have MFA on, so even if LastPass is compromised, the attacks will
2: For my 2FA seeds, I use a program like enPass, or Codebook. mSecure, and 1Password are others, but mSecure and 1Password require a subscription and/or accounts with the respective companies, while enPass and Codebook, you pay for once, and you don't have to give them any personal details. These get synced with Dropbox or Google Drive, so an attacker would have to compromise that account (which is 2FA protected), then figure out the 64+ character password used for the data. Not impossible, but good enough. I use multiple programs, as enPass and Codebook allow exporting the seeds to plaintext as well as syncing.
I will also mention SafeInCloud as well, where it costs just one fee, and that's it.
3: For stuff that actually has to be secure and doesn't go to the cloud, I use KeePass with a passphrase and a keyfile. The keyfile is stored on an encrypted USB drive, and never leaves that. For an attacker to obtain the KeePass data, they would have to have physical access, find the dongle, guess the 16 digit PIN in less than ten tries (as the USB drive erases itself after the tenth attempt), and guess the password. Again, it can be done, but it is a good defense against most things.
That would be great, but device makers make just as much money, if not more, selling every single bit of info the device can snarf up, be it your heartrate, location, or whatever. In fact, last time I talked with a VC, no constant metadata/analytics/telemetry, no funding, when it came to IoT devices.
Slashdot Mirror
This is why I have concerns about nuclear power without a major change in stakeholding. In Russia, a company that did a crappy job would have its execs shot. Same with China, except the organs would be sold. Europe would try them and put them in prison for a long time. Here in the US, if a contractor made a nuclear reactor that never worked, the execs would get bonuses and the taxpayers would have another Superfund site to go with. If anyone went to prison, it might be a low level worker.
I'm sure bans would be the first thing they would try, but I'm hoping that the fact that people still drive 30+ year old cars on a daily basis will at least get states to slow down on the Draconian auto laws.
You mean "nonessential" people like sysadmins who are not at work updating the latest local root bugs, or updating certificates, while Iran is doing a major attack against DNS servers? These "nonessential" people normally ensure that when you go to www.irs.gov to file taxes, you are really going to "www.irs.gov", and not "www.irs.ir", "www.irs.ru", or whatever TLD Lower Elbonia uses. Hopefully your tax return won't be captured and your refund snatched, but "nonessential" people prevent that from happening.
Then there are the national parks. The "nonessential" people keeping others from chainsawing stuff down in Joshua Tree, so they can romp with their four-wheelers.
Or perhaps food safety. USDA and other inspection workers are "nonessential", I guess. Just hope you don't get sick from another lysteria bout.
Maybe the CDC is "nonessential", as it really doesn't matter to some if a mutant flu starts or another SARS variant causing a high casualty count. Perhaps Ebola rearing its head may not be stopped because the "nonessential" people on the lookout for things like that are sidelined.
There will be ramifications of this shutdown that echo for years after this. We don't need a wall on the southern border; we need one in cyberspace.
That's the problem. Every bigwig views constant and invasive data collection as a money source. Standing in the way of that would be like a software company not charging for service contracts... it just wouldn't be done, because no CxO doesn't want to deny themselves, and their VCs the revenue stream.
I have worked on a startup. VCs will refuse to do business with you unless you can provide them with unstoppable analytics. With the fact that M2M cellular is dirt cheap, having a device to provide this info 24/7 to sell is trivial. Plus, with EULAs, that info capture is protected by law, as the user agreed to it.
It would be nice if there were some pushback, but few consumers care about their privacy, governments hop behind business, and business makes lots of cash from it.
I would say that "subscription autos" is closer than people think. M2M IoT is dirt cheap via 3G SIM cards. It is trivial to create a system where the vehicle sends a data stream and on occasion gets a signed certificate to continue operating. If that cert expires, the vehicle won't start, and perhaps the doors will not open from the inside until the user pays the subscription fee.
This can be done by forcing people to purchase the car, but the license for the ECM/TCM firmware be something that has to be licensed. No license, vehicle doesn't start. Jailbreaking and reverse engineering this firmware is trivial to block (look at how latest-gen consoles have not had a single meaningful attack since they have been released), and the DMCA would shut down people writing their own firmware.
What we are likely going to see is something we are seeing with tractors, because of the Draconian things pushed on farmers by vehicle makers. Sooner or later, people will buy junked cars, or even just a crushed frame with a VIN on it, adding crate engines, populating with seats and an interior, and selling them as homemade vehicles, or the make/model with the VIN, even though the body is completely different. A former motorhome can be turned into a pickup truck, or a sedan winds up with a custom sports car body.
I can see a market for used, popular models, even if the vehicle is completely shot. Older engines are relatively inexpensive, so a Camaro that has nothing except an intact VIN can be turned into a very useful ride, just so people don't have to deal with "subscriptions", and the constant invasions of privacy.
This is timely. Right now, because of the shutdown, there are a lot of government domains whose certs are not being renewed, because there are no sysadmins able to renew them. So, with an expired cert, all it takes is a DNS attack to redirect someone from foo.gov to foo.ir, as the user is almost certainly not going to examine the cert and manually check its pedigree and dates.
This is going to cause grave security concerns going forward.
If fraudsters could do this, stuff like Amazon Whispernet would be history. Most of these M2M chips have very strict data caps, and rate limitations are modem speed.
For now that is. Right now, with the assumption that they gain by data sucking, I wouldn't be surprised to see TVs either having a 3D cellular modem, or just not working unless they have an always-on requirement to the Internet like game consoles do.
I wouldn't be surprised if the next upgrades, be it 6k or 3D, or whatever, required the TV to have an always on connection for DRM purposes.
The problem is that ads did make sense, back when they were a simple bar, or text based stuff. Then came the video ads, then the pop-ups, and so on. Now, one of the biggest infection vectors around is malvertising, with ad companies turning a blind eye to malicious code served through their networks because the delivery mechanism can be widespread and not hit an IP range twice in a close interval.
Once ads became security issues, ad-blocking has become more vital than an AV program. I've even personally tested this (although the sample rate is too small.) One VM without an ad blocker, one VM without AV. The one with an ad blocker and no AV when shut down and offline, and scanned by autoruns was clean six months later after daily web browsing use. The one without an ad blocker was compromised with ransomware in less than ten minutes of viewing mainstream social media sites, and not clicking outside the site itself.
If you can get a Samsung phone with an unlockable bootloader (Sorry, no Snapdragon CPU phones, the main ones in the US are unlockable), the best thing to do is unlock the bootloader, and install a custom ROM or LineageOS. From there, you don't need to worry.
At the minimum, a rooted OS, so you can have a Linux firewall block all outgoing crap from junkware apps is a must.
It is funny how Windows 10 has differed from Windows 7 as time has gone by. For example, Windows 7 ran OK on a regular hard drive. Windows 10 -needs- a SSD to be able to function. The minimum size has grown as well, where W10 pretty much needs 120+ gigs of space with all the Market and user installed shoverware, and that's before adding relevant apps.
Maybe if Microsoft made this a whole new OS release, this would be understandable. They could set requirements where they could have a hidden partition with 20+ gigs tucked away for both recovery and updates. This also would make a reset/reinstall easier, as the entire C: filesystem could entirely be blown away, not just deleting c:\Users, program directories, and the Windows directory, ensuring that no malware is on the new filesystem. In addition when the machine is reinstalled or refreshed, all updates can be copied, so the machine doesn't need to go through multiple Windows update and reboot cycles to work.
Best of all would be having Windows be entirely hypervisor based, so a Windows desktop would be a VM, and a "reinstall" would just be starting, loading and provisioning a VM image. No fretting with bare metal.
We already have those. Those are called banks. This isn't to say that the trusted node concept isn't bad. However, whom do you hand over trusted nodes to?
For example, if you want to trust a node, you don't trust it over how much value it has for its good name. This can be relative since even a top bank could start trying to double-spend if people thought they would not get caught. It would take finding a number of parties whose interests do not coincide for this to work. For example, for every trusted node that went to a government or bank, I'd have to hand one to some organization like the EFF, GNU, FSF, TOOOL, Amnesty International, and other parties. The goal would be to equally divide nodes, so the risk of collusion is minimized.
You then add untrusted nodes as well, but divide them into different groups, for example, nodes that pass muster when it comes to security, and are independantly owned. This way, someone using AWS for a massive mining push would gain control of a segment... but not enough to definitely command what happens on the entire blockchain.
Things are relative. For most of the US, just having a mass transit system is something that makes NYC notable. Most major cities, at best, might have a few bus routes, if that. I know where I live, Austin, there have been one upgrade in mass transit in the pass 20 years.... a single light rail train track, which doesn't really go to places it is desparately needed (like the college campus.)
Even a gondola system similar to Rio would be nicer and more practical than what is in use in this city as of now.
The door lock from most garages to the rest of the house isn't as stout as others. It also gives a rogue employee the ability to drop the garage door, use what burglary tools they feel like using to get in, without being visible. Yes, an alarm may help, but by the time the police arrive, everything is cleaned out.
I almost wish Amazon had something a small version of the Amazon Locker that one can buy and install at their place, with a camera inside that shows the package being scanned and placed inside.
I have noticed that SSDs fail a lot less than HDDs... but when they fail, they fail hard. However, since the beginning of time in computers, one always was supposed to have backups and never trust that they could ever get their data back from spinning rust. SSDs only drive this point home. Once the electrons are out of the gates, there is no going back.
I think we will see different types of storage appear. Most machines will use SSD because it is better in almost every way except for capacity, while HDD will be useful for large capacity arrays where I/O speed isn't as critical, but storage is.
HDDs also can be useful in desktops, provided they have a good amount of SSD built in, which functions both as a "landing zone" for data (where the drive can tell the OS that it is complete once it finishes to the SSD, and then move the data to the spinning platters in its own time), as well as a read cache. Adding 128 gigs or so to a 10-20 TB drive would generally allow the drive to handle most desktop I/O at SSD speed, but still have the capacity of a large HDD, provided the controller had a smart cache. Generally is the key term... a copy of large files would fill the SSD up, causing the I/O to wind up going at the speed of the spinning disks, which will be a performance hit, especially with random I/O.
I have been neutral on Macs. Right now, I am not very pleased at the fact that Macs do not allow you to install Linux on the internal SSD, even with T2 chip security off. No, installing VMWare in Windows or macOS isn't a long term answer, especially once Apple discontinues macOS support for that model.
My next laptop, I probably would recommend Dell Latitudes, with a decent service level. More expensive than the Best Buy special, less expensive than a Mac, and can be purchased with a five year warranty. They happily run Windows and Linux, and have become what a MacBook Pro should be, with pretty much any port you need, as well as a decent USB docking station available. No, they don't run macOS, but hardware-wise, they are a decent alternative until Apple stops considering Linux anathema on their machines.
ARM does not make any CPUs. They have the design for them and license it out, for someone else to fab. In fact, Apple does its own silicon.
There is a big difference between a store that has a few CDs of whatever the latest corporate pop stuff is, versus a record store that stocks new bands that are not overplayed/overhyped.
The dedicated record stores here in Austin are going strong. Cassette tape is actually booming, especially in niche genres like dungeon synth where the music is just one part of the entire experience. LPs, with actual room for artwork? Going well. CDs? Doing just fine. Heck, even reel to reel albums are selling.
Just because Bobby Middle Schooler doesn't bother getting the latest trendy track that his Fortnite buds are playing from a store doesn't mean stores are obsolete.
Where do you strengthen the links in your chain?
I find that password breaches normally happen at the provider's side, either brute forced, or someone haxxors their database and they have now a list of passwords that are in use. By moving to a PW manager and using 30 characters of randomly generated stuff, different for each site, a compromise at foo.com won't affect any of my other accounts.
Another method you could use that doesn't require a password manager is to take the hostname of a site, HMAC it with your master password, and use the output for your password. For example, echo -n "foo.com" | openssl dgst -sha1 -hmac "hunter2"
For password managers, 2FA does the job for most sites.
That is good. When AgileBits came out with a version forcing people to their cloud, I dropped them like a hot rock. I used to swear by them before they did that one.
The ironic thing is that password managers can be made secure:
1: Use a DB format that stores a master encryption key... which is then has multiple entries that are public key encrypted, so any device with its private key can unlock the master key and decode things.
2: Each endpoint generates and uses its own public/private keypair. When one adds another machine (computer, phone, tablet), it is "introduced" to it by another device adding the new device to the list.
3: Recovery can be done by adding a recovery password to the list.
4: Backups of the DB can be made using GPG, with the backup exported, encrypted to the devices' public keys.
This way, the DB can be stored on a cloud provider, or even an open S3 bucket. All an attacker will see is a master database, then figure out that the master key can be decoded by a list of public keys. Since there is no password available, brute forcing is not doable.
I like using multiple PW managers:
1: For the average website, I use LastPass. It is good enough, and actually has been hacked before, with the attacks mitigated by the fact that the data is never available unencrypted on their site. It has MFA, so an attacker would have to compromise a smartphone, and know my PW to get in. I always have MFA on, so even if LastPass is compromised, the attacks will
2: For my 2FA seeds, I use a program like enPass, or Codebook. mSecure, and 1Password are others, but mSecure and 1Password require a subscription and/or accounts with the respective companies, while enPass and Codebook, you pay for once, and you don't have to give them any personal details. These get synced with Dropbox or Google Drive, so an attacker would have to compromise that account (which is 2FA protected), then figure out the 64+ character password used for the data. Not impossible, but good enough. I use multiple programs, as enPass and Codebook allow exporting the seeds to plaintext as well as syncing.
I will also mention SafeInCloud as well, where it costs just one fee, and that's it.
3: For stuff that actually has to be secure and doesn't go to the cloud, I use KeePass with a passphrase and a keyfile. The keyfile is stored on an encrypted USB drive, and never leaves that. For an attacker to obtain the KeePass data, they would have to have physical access, find the dongle, guess the 16 digit PIN in less than ten tries (as the USB drive erases itself after the tenth attempt), and guess the password. Again, it can be done, but it is a good defense against most things.
That would be great, but device makers make just as much money, if not more, selling every single bit of info the device can snarf up, be it your heartrate, location, or whatever. In fact, last time I talked with a VC, no constant metadata/analytics/telemetry, no funding, when it came to IoT devices.
Or employers demand them, as it lowers their premiums.