
I'm doing an Extended Essay for IB right now and I'm doing it on how secure RSA is.

As side-channel attacks are one category of attack, I was wondering (as I am struggling with the conclusion) while there are countermeasures, is it true that most of them do not offer absolute privacy, but rather they only reduce risk? Are there any absolute solutions to any existing side channel attacks?

Since these countermeasures are not widely known to the general public, is it true that people may not employ those measures? Is it also true that most standard consumer devices usually don't have these measures built into them?

forest

1 Answer


is it true that most of them do not offer absolute privacy, but rather they only reduce risk?

No, many of them completely eliminate the risk. Using constant-time implementations of algorithms and not branching on secret-dependent conditions ensures that the secrets being processed provably have no effect on timing, making such side-channel attacks impossible. Some cryptographic algorithms, like Ed25519, are designed to make implementations with comprehensive side-channel resistance possible and practical. In other cases, the hardware itself is designed to make side-channel attacks difficult to pull off. AES-NI in many modern x86 processors is one example of that. It is an instruction set which provides acceleration for AES encryption and additionally runs in constant time.

Are there any absolute solutions to any existing side channel attacks?

For some classes of side-channel attacks such as those based on timing, yes. See above. For the more advanced attacks that involve things such as differential power analysis, there is very often no way to completely avoid them, short of using specialized microprocessors designed specifically for security, such as those used in Hardware Security Modules (HSMs). Cheap consumer electronics are unlikely to take such measures as they bring the base manufacturing cost up.

There are a large number of different side-channel attacks. Generally, they fall into three categories:

  1. Attacks which are done by executing code on the same system upon which secrets are being processed. These attacks include timing attacks and cache attacks and can be done remotely and without physical access if code execution on the target device is possible. Mitigation involves secure software design. This is the easiest attack to pull off, and the easiest to mitigate.

  2. Attacks which require passive monitoring of the hardware. Differential power analysis and thermal imaging attacks fall into this category. It requires physical access to the target device and often very specialized equipment, but can be done even without code execution on the target.

  3. Fault attacks where errors are triggered in the device by doing things such as feeding an IC with the incorrect voltage or an unstable clock in a process called glitching. Even side-channel resistant software can be vulnerable to this. Sometimes this can even involve physically removing the surface of a chip and shooting it with a tightly-focused laser to trigger faults. The results of these faults can sometimes be detected through side-channel attacks. This often results in physical destruction of the device and, naturally, requires physical access.

Mitigating the first is usually possible to do cheaply in software. Mitigating the second may or may not be possible in software depending on the actual attack, and mitigating the third is rarely possible in software, although fault attack-resistant software can be designed with sufficient expertise.

Since these countermeasures are not widely known to the general public, is it true that people may not employ those measures? Is it also true that most standard consumer devices usually don't have these measures built into them?

It is often true, especially when the product does not use an established and popular library like OpenSSL, which provides these mitigations, and instead attempts to design its own. Those devices are often highly vulnerable to side-channel attacks, and abusing those weaknesses can be practical.

Unfortunately, the only cases where standard consumer devices do use such mitigations are with DRM, in order to prevent their users from jailbreaking their own devices or running their own code on them. Companies which do that naturally care more about avoiding piracy (at the expense of restricting users' freedom) than about security against malicious attacks. This is because, in their threat model, the adversary is you, the device owner, not someone who is out to get your private information.

Glorfindel
forest
  • Thank you so much! Is there any way that you could let me know your name so I can cite you in my bibliography? Maybe through email or something if you don't mind? @forest – Stephanie Halim Nov 28 '18 at 14:08
  • @StephanieHalim I don't disclose my real name online, but you can [cite Stack Exchange posts](https://math.meta.stackexchange.com/q/8212/543292) even if all you have is an alias and profile link and it will usually be a valid citation. – forest Nov 28 '18 at 14:11
  • By clicking on "edited X time ago", you can obtain a link to a specific revision of an answer that can be cited. "forest" is as good a name as any other. Mine is also a pseudonym (randomly generated); there is no reason that my more conventional pseudonym should be more easily cited than a lowercase name. – A. Hersean Nov 28 '18 at 14:17
  • @A.Hersean I edit my question gradually over a period of time (and am doing so now to include information on specific types of attacks), so the latest revision will always be the most comprehensive. – forest Nov 28 '18 at 14:23
  • @forest I agree with you, but in scientific papers you usually need to reference a specific version (dated) even though better references might appear afterwards. Depending on his needs, the OP might prefer (or not) a specific version. To always point to the latest version, the link "share" can be used instead, but it's easier to find, so I did not point it out in my previous comment. – A. Hersean Nov 28 '18 at 16:05