And to my knowledge the hardware buttons of a Ledger Nono are completely software controlled. The buttons are not directly wired to the Secure Element where most of Ledger's firmware magic happens. The MCU controls the display and the buttons and proxies user interactions to the Secure Element. It's the firmware that decides what to do when you press a Ledger button. As the firmware is a black box what exactly prevents Ledger to not need your button press? ... Exactly: nothing! It's their secret sauce code...
...
I doubt Ledger would ever admit that they could remove that physical confirmation any time they want, but are you both 100% sure that's how it works? You have no code to back that up, the same way Ledger hasn't made any available to show that they can't. Can the user's confirmation really be worked around that easily, and if they have malicious intentions, why would they simply not do it instead of telling us that they will?
My sources is the following
blog article by Saleem Rashid, who discovered a severe security flaw in the Ledger NoNo S firmware. There's a diagram showing basically the same wiring what @o_e_l_e_o cited from Ledger's developer sources. Saleem doesn't go into too much details but I assume he partly or to greater extend reverse-engineered MCU firmware code to craft his exploit. I have my doubts that the base architecture of Ledger NoNo S+ and NoNo X is much different, but frankly I can't prove it. I haven't enough interest in Ledger crap to spend a lot of time in research around their products. This company, their products, their philosophy and their executives are a no-go for me.
It's
funny a shame how the executive morons at Ledger Paris tried to downplay his exploit and treated him. (Not that I can say to know all the story, but as a hardware wallet company you definitelly shouldn't treat white hat security analysts who can prove your product has a severe flaw like Ledger did with him. Not to mention how long it took them to deal with this flaw.)