Ledger keeps repeating that "all hardware wallets require trust" and people get lost in this because while on one hand it's true to some degree, not every wallet requires as much trust as one that's closed source which also has the ability via firmware to split and send seeds through your USB/Bluetooth connection, through your PC and then stored elsewhere.
Compare Ledger - closed source, connects to an internet enabled device, has the ability to send your seed phrase across the internet - to something like a Passport - open source, completely airgapped, communicates with QR codes - and the difference is stark. The difference in the level of trust required is astronomical.
It's like saying "all software wallets required trust" when comparing something like airgapped open source Sparrow, to hot closed source Trust. There is simply no comparison, and anyone claiming they are in any way similar is either naive or malicious.
"Oh but the shards are encrypted!" This only sounds good until you realize that Ledger themselves say that any device can restore the shards. So the encryption keys are either specific to ledger Hardware (meaning anybody with a Ledger has them) or they're stored at Ledger headquarters (meaning they have them and you have to hope they aren't leaked the way all those addresses and emails were). Any way you slice this it's frightening.
The key is common to all Ledger devices, and therefore the encryption is utterly useless:
https://bitcointalk.org/index.php?topic=5452900.msg62453002#msg62453002