Geez, from studying 100 billion pages from 1 billion domain names:

14 out of the 15 domains most commonly whitelisted for loading scripts contain unsafe endpoints; as a consequence, 75.81% of distinct policies use script whitelists that allow attackers to bypass CSP. In total, we find that 94.68% of policies that attempt to limit script execution are ineffective, and that 99.34% of hosts with CSP use policies that offer no benefit against XSS.

This why I always bring my unhackable writing stone with me to save sensitive data.

That looks like fun but on the other hand it seems kinda heavy to carry around. 

It's actually a solution to both security and obesity.

Multitasking! :)