will a "hacker" need to have physical access to the device to hack/steal my private keys, or can he/she steal it remotely?
If Ledger's own software can extract the seed from the device to send it to their servers, I can imagine some malware doing the same (in the future).
Let's pretend that the device doesn't have the Seed/Wallet Recovery feature on.
That's a dangerous assumption.
Plus if it could send/leak a user's seed/private key over the internet, could we see those packets of data if we have a traffic sniffer on?
I assume that's all encrypted.