AFAIK it would need to still be bruteforced before getting to the private key (or the encryption key extracted from the SE).
We now know this to be incorrect, though. As Ledger have said (and as I've linked to earlier in this thread), you can still recover your seed phrase via Ledger Recover even if you lose your hardware wallet and buy a brand new one. This means the decryption key does not need to be extract from the SE, or is even stored on the SE in the first place. It
must be stored by a third party for them to be able to give it to you when you activate a brand new device. Someone somewhere holds the power to decrypt your seed phrase and steal all your coins. The fact that Ledger won't even tell you who that entity is or what security is being used to store your decryption key is highly suspect.
That's why I find highly interesting to see if Pmalek is able to get a more recent feedback from him. To see the only argument from his opinion being shattered by how Ledger Recover works in a new device surely has to change his mind on the subject...
Do note that Ledger Nano S will also eventually get this service as well[1] according to Ledger Customer Success agents.