Or did they just a slap some random bullshit timeline together with no intention of sticking even to the bare minimum?
They probably did just that, and they are hoping that everything will calm down and people will gradually forget about this issue.
It could be possible they are working on open sourcing partially, but I think now it's to late for that and it wont be genuine.
I don't trust ledger and their ''car'' is going down the hill.
I also disliked the "Attach to PIN" feature, and I've spoken before about why I don't think people should use it. As you say it reduces the security of your passphrase to a simple PIN, and it also means that your passphrase is stored on the device rather than wiped after use when using a temporary passphrase.
I was thinking the same thing like you when I was considering of using ledger few years ago.
Attaching PIN also adds extra complexity since it is totally different from all other solutions used in different manufacturers of hardware wallets.
Apparently the shards aren't encrypted at all, despite Ledger previously stating this. It's literally just Shamir's. So there is no decryption key to be stored on the device or by Ledger themselves
This guy is totally lost in space... only character that is worse than him, is that co-founder akak reddit moderator clown btchip.
It's very important thing that he put a bunch of flashy rings on his fingers...
During the process, the secure channel uses an ephemeral symmetric key to securely transport the fragments.
Sounds like a bunch of BS that can't be verified at all by regular users.