Just in the spirit of clarity here, I think while it's important to note that although Ledger's communication has been terrible and their marketing repeated this notion - the belief that a secure element could never reveal private keys in any form regardless of what firmware was thrown at it was and has always been incorrect.
But it's what Ledger had been telling us since day one:
"Hi - your private keys **never** leave the Secure Element chip, which has never been hacked. The Secure Element is 3rd party certified, and is the same technology as used in passports and credit cards. A firmware update cannot extract the private keys from the Secure Element."
@Ledger on Twitter
"Private data, such as your private keys will be protected and never leave the device due to the combination of BOLOS and the Secure Element."
"The secret keys or seed are never exposed to the BLE stack and never, ever leave the Secure Element."
"While Ledger is using a dual chip system with an MCU as well, the important part is that your private keys remain inside the Secure Element."
"This means that, beyond keeping your private key offline and away from hackers, the Ledger device itself is also completely impenetrable from external threats"
Lies, lies, lies.
Ledger Lies.