As I haven't been interested in Ledger hardware for years because it's closed-source, I likely didn't keep the source of the interesting article by this vulnerability researcher who, in my opinion, did quite a good job reverse engineering parts of the Ledger Nano's firmware. It was a good read as far as I remember it, out of curiosity and because I'm generally interested in security stuff.
I found it particularly interesting, and so different from other hardware wallets, that in a Nano the MCU seems to do more of the housekeeping (display, buttons, interface, signaling to the secure element) and far less of the crypto work. If I'm not mixing it up, the Ledger coin/token apps are code running in the secure element, where Ledger uses, in part, special firmware that extensively offloads coin-related work into their secure element.
I'd happily provide a source but couldn't find the bookmark for it so far, sorry. It's a pretty old source, but I don't expect Ledger to have changed a lot of their internal design logic. Why Ledger does it the way they do it, I've no clear idea, and I don't care about their security talk bullshit.
Anyway, you're correct: because the firmware is a black box, it's all speculation what could or could not be in there. And I don't believe the Ledger Paris freaks a single word anymore. I don't need Ledger crap and I won't recommend using it, for obvious reasons. If Ledger fanboys still don't understand this, that's on them; probably lost causes, and sad if they're going to learn by pain when Ledger screws it up again.
That means everything else you said is irrelevant. No offense, but everything else you said relies on believing Ledger regarding how their hardware wallets work, which they've already lied about many times.
No offense taken, but I disagree in parts. I hope I didn't regurgitate Ledger's marketing bullshit. I'd rather believe what this researcher published about the Nano's internals, and what somewhat stuck in my memory, than what Ledger fantasizes about in words, videos and marketing propaganda.
The device cannot be trusted because:
The firmware cannot be trusted.
And the company cannot be trusted.
We're on the same page. I'd add, based on constant complaints from users: Ledger Live is painfully crappy software for crypto masochists.
A Ledger rant a day, keeps the doctor away...