Regarding physical attacks -- I'm not sure if you have followed Trezor, but they have a great track record of thwarting physical attack vectors. In other words, the physical extraction of private keys from a Trezor is currently a purely academic question. The many eyes principle has worked exceptionally well in this case. I reckon that Ledger is in a similar position, however I don't follow them quite as closely.
Nee. Who told you that?
Getting a private key out of trezor is kind of trivial as the device doesn't even use any kind of a secure hardware.
See here for example: https://jochen-hoenicke.de/trezor-power-analysis/ - this is without even opening the case!
Ledger is harder as it uses ST secure chip, and the cost of peeling the layers of silicon to get into the memory is estimated at $300k or so.
But it also can be done - it has been done. There are even videos on Youtube of people dumping the entire memory of the chip.
The science of hacking (secure) chips is an actual science and is far more advanced than the non existing science of hacking brain wallets.
Like take this presentation for instance - that's from 2010: https://www.youtube.com/watch?v=62DGIUpscnY - see what he has done here? This is what I call hacking, not the bloody brain wallet hacking charlatans who just make empty claims without proving shit.
Anyway.
If you think that a hardware wallet is secure but a brain wallet isn't - it only shows how much you have been brainwashed by the brain wallet pseudo-scientists and how much they made you to loose touch with the reality. In reality everything can be hacked. And personally I am quite sure that any of the hardware wallet on the market is easier/cheaper to hack than my brain. Can't speak for your though
