Woah, let’s not be hasty. A few big tech companies are really good at their jobs…
Let’s not forget the dozens of big tech companies run by absolute morons that bring products that nobody wants or needs and only stay afloat due to legacy, stealing data & selling it, and/or venture capital.
Then use Wireguard to get into your local network. Simple as. All security risks that don’t need to be accessed by the public (document servers, ssh, internal tools, etc…) can be accessed via VPN while the port forwarded servers are behind a reverse proxy, TLS, and an authentication layer like Authelia/authentik for things that only a small group needs to access.
Sorry, but there is 1 case in 10000 where a home user would have to have publicly exposed SSH and 9999 cases of 10000 where it is not needed at all and would only be done out of laziness or lack of knowledge of options.