Well is not a lie, not every hardware is vulnerable but check this
http://lmgtfy.com/?q=ledger+trezor+vulnerabilitySo you can agree with me that address can be hijacked with Trezor, otherwise why it would display adress again? Eg. Legder Nano S is displaying few letters from address, it can be tricked by vanity address in similar letters. My point here is that the connection with PC is the weakest link, we do not have this link. Addresses cannot be hijacked at all. Using competitors device connected with PC requiring user to take special attention.