The key issue here is that even if at this point you do need a physical button press to confirm/deny a Tx or seed sharding, there's is nothing inherent in the architecture of Ledgers hardware that restricts the device to operating this way forever. The required button presses are a firmware update away from not being needed at all. Which means that change could be made with or without your knowledge. "We promise we won't" Back to trust me bro.
There are two possibilities here, both rely on trust. You can either have trust that the old firmware still makes physical button presses mandatory to the process, and that the option to bypass button presses doesn't exist in the old firmware versions. Or you can trust Ledger that their new code changes will never allow for the possibility to bypass button presses. The third option I didn't mention is completely abandoning Ledger HWs.
Sorry, but I'm quite confused as I never owned a Ledger. Isn't it a hardware wallet? Doesn't that mean it cannot connect to any network except the computer that you'll plug it into?
Ledger has reveled something we initially thought was impossible because that's what we were told. And that's the way secure element chips function. In earlier years it was said that no sensitive data can even leave the chips. We know now that it isn't true. It can if the software tells it to.