But possibly an easier/less labor intensive compromise. If we could choose our own defaults for each setting, that would potentially require fewer resources/checks than a true sync.
That way we could, let’s say, set the most paranoid settings as the default, and then change them as needed.
I don’t like having less secure options enabled by default, because if you forget to enable them then you’re more vulnerable. As opposed to being more protected by default, and changing the settings on an as-needed basis.