<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
		>
<channel>
	<title>Comments on: Can we solve this by building trustworthy systems out of untrustworthy parts?</title>
	<atom:link href="https://www.isegoria.net/2019/10/can-we-solve-this-by-building-trustworthy-systems-out-of-untrustworthy-parts/feed/" rel="self" type="application/rss+xml" />
	<link>https://www.isegoria.net/2019/10/can-we-solve-this-by-building-trustworthy-systems-out-of-untrustworthy-parts/</link>
	<description>From the ancient Greek for equality in freedom of speech; an eclectic mix of thoughts, large and small</description>
	<lastBuildDate>Thu, 28 May 2026 23:08:55 +0000</lastBuildDate>
	<sy:updatePeriod>hourly</sy:updatePeriod>
	<sy:updateFrequency>1</sy:updateFrequency>
	<generator>http://wordpress.org/?v=3.6.1</generator>
	<item>
		<title>By: CVLR</title>
		<link>https://www.isegoria.net/2019/10/can-we-solve-this-by-building-trustworthy-systems-out-of-untrustworthy-parts/comment-page-1/#comment-2981265</link>
		<dc:creator>CVLR</dc:creator>
		<pubDate>Sat, 05 Oct 2019 19:47:49 +0000</pubDate>
		<guid isPermaLink="false">https://www.isegoria.net/?p=45642#comment-2981265</guid>
		<description><![CDATA[I think about this a lot and I’ve developed a few ideas. It comes down to the wholesale, &lt;i&gt;in situ&lt;/i&gt; replacement of the “engineering” culture we currently have. 

Here are some technical points:

* The network connection is the critical chokepoint. An unsecure (sic) airgapped computer is almost as good (possibly as good as) a secure networked computer.

* Increasingly, computers are more and more specialized, which is to say, less and less general-purpose. With a decrease in general-purposeness comes a decrease in the scope of things that it must be &lt;i&gt;possible&lt;/i&gt; for a networked device to transmit for its effective operation.

* Therefore, it becomes practical to restrict the lifetime communications of some device to a predefined schema set at manufacture time. (Think along the lines of GraphQL.) SEARS once provided legendary schematics for its products; there is no reason for an interested layman of moderately above-average intelligence to be denied access to a document providing a comprehensive description of his device’s capabilities.

* Furthermore, the network connection can be cleanly extracted from the main system, and should be so. It can run on its own hardware; reside on read-only memory; be written in Haskell. If a device needs more comms than it currently possesses, its manufacturer can issue a microSD-card-like “flash” update. Between real costs to updates and a rigorous-though-not-prohibitive certification process, it will be uneconomical to issue half-baked software. To become a certifier must be a grueling process, within grasp only for the elite of the elite, and the profession’s pay pegged at a minimum of 5X the pay of a similar position in the private sector. The return on investment will be in excess of 100X.

* TH3. (GOTO: SQLite)

* Physical hardware switches for every sensor and wireless antenna. You flip open your smartphone, the microphone activates. You press a small toggle button, the camera turns on. You flip your smartphone closed, it becomes a pager: capable of receiving calls and notifications, incapable of transmitting data, including geomatical information.

* Facebook, Instagram, Twitter, Snapchat, et al. should’ve been protocols; they aren’t, because in such a world the founders wouldn’t be billionaires and the world’s privacy wouldn’t be flooding into their datacenters. Similarly, with contemporary inexpensive, powerful, and energy-efficient hardware, it’s eminently possible, bordering on trivial, to design a “home cloud” distributed network of interoperable devices, sensibly firewalled from the Internet (see above). It hasn’t happened, for similar reasons.

These are not, as some would have you believe, insurmountable problems.]]></description>
		<content:encoded><![CDATA[<p>I think about this a lot and I’ve developed a few ideas. It comes down to the wholesale, <i>in situ</i> replacement of the “engineering” culture we currently have. </p>
<p>Here are some technical points:</p>
<p>* The network connection is the critical chokepoint. An unsecure (sic) airgapped computer is almost as good (possibly as good as) a secure networked computer.</p>
<p>* Increasingly, computers are more and more specialized, which is to say, less and less general-purpose. With a decrease in general-purposeness comes a decrease in the scope of things that it must be <i>possible</i> for a networked device to transmit for its effective operation.</p>
<p>* Therefore, it becomes practical to restrict the lifetime communications of some device to a predefined schema set at manufacture time. (Think along the lines of GraphQL.) SEARS once provided legendary schematics for its products; there is no reason for an interested layman of moderately above-average intelligence to be denied access to a document providing a comprehensive description of his device’s capabilities.</p>
<p>* Furthermore, the network connection can be cleanly extracted from the main system, and should be so. It can run on its own hardware; reside on read-only memory; be written in Haskell. If a device needs more comms than it currently possesses, its manufacturer can issue a microSD-card-like “flash” update. Between real costs to updates and a rigorous-though-not-prohibitive certification process, it will be uneconomical to issue half-baked software. To become a certifier must be a grueling process, within grasp only for the elite of the elite, and the profession’s pay pegged at a minimum of 5X the pay of a similar position in the private sector. The return on investment will be in excess of 100X.</p>
<p>* TH3. (GOTO: SQLite)</p>
<p>* Physical hardware switches for every sensor and wireless antenna. You flip open your smartphone, the microphone activates. You press a small toggle button, the camera turns on. You flip your smartphone closed, it becomes a pager: capable of receiving calls and notifications, incapable of transmitting data, including geomatical information.</p>
<p>* Facebook, Instagram, Twitter, Snapchat, et al. should’ve been protocols; they aren’t, because in such a world the founders wouldn’t be billionaires and the world’s privacy wouldn’t be flooding into their datacenters. Similarly, with contemporary inexpensive, powerful, and energy-efficient hardware, it’s eminently possible, bordering on trivial, to design a “home cloud” distributed network of interoperable devices, sensibly firewalled from the Internet (see above). It hasn’t happened, for similar reasons.</p>
<p>These are not, as some would have you believe, insurmountable problems.</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: TRX</title>
		<link>https://www.isegoria.net/2019/10/can-we-solve-this-by-building-trustworthy-systems-out-of-untrustworthy-parts/comment-page-1/#comment-2980942</link>
		<dc:creator>TRX</dc:creator>
		<pubDate>Thu, 03 Oct 2019 17:30:42 +0000</pubDate>
		<guid isPermaLink="false">https://www.isegoria.net/?p=45642#comment-2980942</guid>
		<description><![CDATA[I remember a similar furor over putting RFID chips in US passports.  We &lt;em&gt;must&lt;/em&gt; have RFID chips in our passports, &lt;em&gt;now&lt;/em&gt;!  Even though they introduced a whole new security hole since they were remotely readable and cloneable...

Similarly, we &lt;em&gt;must&lt;/em&gt; have 5G networking &lt;em&gt;now&lt;/em&gt; because... we need to bump up our sales by forcing the purchase of new hardware?]]></description>
		<content:encoded><![CDATA[<p>I remember a similar furor over putting RFID chips in US passports.  We <em>must</em> have RFID chips in our passports, <em>now</em>!  Even though they introduced a whole new security hole since they were remotely readable and cloneable&#8230;</p>
<p>Similarly, we <em>must</em> have 5G networking <em>now</em> because&#8230; we need to bump up our sales by forcing the purchase of new hardware?</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Graham</title>
		<link>https://www.isegoria.net/2019/10/can-we-solve-this-by-building-trustworthy-systems-out-of-untrustworthy-parts/comment-page-1/#comment-2980819</link>
		<dc:creator>Graham</dc:creator>
		<pubDate>Wed, 02 Oct 2019 20:57:19 +0000</pubDate>
		<guid isPermaLink="false">https://www.isegoria.net/?p=45642#comment-2980819</guid>
		<description><![CDATA[Or start peppering one&#039;s discourse with gratuitous insults against China. Or subtly backhanded praise. Or both. Keep em guessing, and try to use as many local or regional idioms and colloquialisms as possible.]]></description>
		<content:encoded><![CDATA[<p>Or start peppering one&#8217;s discourse with gratuitous insults against China. Or subtly backhanded praise. Or both. Keep em guessing, and try to use as many local or regional idioms and colloquialisms as possible.</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Adar</title>
		<link>https://www.isegoria.net/2019/10/can-we-solve-this-by-building-trustworthy-systems-out-of-untrustworthy-parts/comment-page-1/#comment-2980790</link>
		<dc:creator>Adar</dc:creator>
		<pubDate>Wed, 02 Oct 2019 16:31:39 +0000</pubDate>
		<guid isPermaLink="false">https://www.isegoria.net/?p=45642#comment-2980790</guid>
		<description><![CDATA[Just stop using the telephone.]]></description>
		<content:encoded><![CDATA[<p>Just stop using the telephone.</p>
]]></content:encoded>
	</item>
</channel>
</rss>
