That doesn’t work in this example. The reason the coffee maker was able to be hacked was because it wasn’t connected to the internet, and default behavior was to broadcast an open network when not connected.
Only buy devices that work on LAN (the local area network inside your house) without internet access.
Consider only buying devices that don’t require signing up for accounts with the manufacturer of the device.
Consider using a router to block internet access to devices that work on LAN without internet access.
And as a matter of convenience, buy devices that work the way users expect. Smart lightbulbs require the smarts to be in the bulb and won’t work smart if the wall switch gets turned off. Placing the smarts in the wall switch is better, because it will work as people expect, with the smart connection as an added benefit.
What’s that actually mean? What devices can I use?
Google is much more difficult. None of your Google Home / Google Assistant smarthome devices can function without internet.
Apple HomeKit
Apple HomeKit is the name of the standard for iOS compatible home automation devices. The on iOS that most people use to add and control accessories is named Home.
A device that works with HomeKit requires its own app for firmware updates, but for just installing and initial configuration, many accessories can use Apple’s Home app and never need to download or create an account with a manufacturer.
How can a device not use the internet but still be accessible when you’re outside the home? Apple has a hub concept, where if you use an AppleTV, HomePod, or iPad in the home, that device acts as a hub to make your LAN devices available when you’re not on your own Wi-Fi.
Trust
In order to use an Apple Home hub, you have to trust Apple. Which is okay, many people do. But what if you don’t trust your HomeKit accessories?
Like, what if you got a smart plug from some seller off aliexpress, and it works, but requires signing up for an account, and you just generally don’t trust it? You could unplug it and forget about it, but that would suck from a sunk-cost standpoint.
Or, you could firewall it so that it can’t get to the internet, and only works on your local network, using a HomeKit compatible router.
What if you’re a real geek
It is possible to buy Sonoff devices that by default require an eWelink app and account to work with Google Home and Alexa, and reprogram them using open source firmware to work only with Apple HomeKit.
They don’t call home, and they work very reliably.
Conclusions: what should you do
In order of devices that are both geared towards your privacy and security, and work without internet access:
If you have an iOS device, use HomeKit compatible devices. If the device doesn’t exist for what you want to control, you can make it with an ESP8266-based Sonoff device.
If you don’t have an iOS device (or if you do, but prefer Amazon Alexa for some reason) you can put an Amazon Echo+ into offline mode and use Zigbee-based devices that will pair directly with the Echo+. These are switches, outlets, door locks and a motion sensor.
If you have Google Assistant and Google Home, you’re out of luck.
Basically, the safest thing for smart devices is to use Apple HomeKit. The second safest thing is to use an Echo+ in offline mode with Zigbee accessories.