I trust you and I'm not claiming that you are trying to track the users of Trezor. (Plural "you", meaning "your company and associates", not "you personally"). I'm more interested on the possibility of correlation attacks done by somebody else on the users of Trezors, especially those users willing to connect the Trezor to a non-trusted and not-verified computer.

I'll repeat my question:

Is there any publicly available information or speculation about the SoC chips you use that would either exclude or confirm the presence of undocumented storage? IIRC the devices you use support "USB on-the-go" which is a fairly complex protocol. Do you even heard any substantiated rumors about the undocumented features of your chips. I've worked with some much older SoC chips where it turned out that OTPROM and ROM memory was in reality just EEPROM protected against write by convoluted trickery in the software drivers (can't recall the exact manufacturer at this time, later acquired by Rainbow Technologies).