You bought a hardware wallet with an opaque closed-source firmware. Ledger lied that your seed can't leave the secure element chip. Their paid recovery service funnels your seed through your online computer to three companies which then hold shards of your seed. It's closed-source firmware software that controls what the button presses do or not do. The secure element chip is not controlled by the Ledger NoNo's buttons, another microcontroller deals with the buttons and the display and commands the secure element. It's programmable and it's a black box, horray.


At least it's open-source and if it had reproducible builds of the firmware (not sure at the moment if it has), you could check what Trezor's code does and what not. Trezor even shows schematics and how the hardware is made. Try to find this at Ledger.


Anyway, I digress already.