Yep and yep.  Except there's always some element of trust involved with using crypto, no matter how much we'd like there not to be--so I'm not going to flagellate myself for once upon a time using a Ledger device (even though I knew about its closed-source nature). 

The perplexing thing to me is the number of people who seemingly still support and use Ledger devices in the face of the Recover debacle.  There are tons of redditors who keep arguing that it's no big deal.  Some of those could be shills, but I'm guessing a lot of them aren't; they're just incredibly naive or just don't care about their privacy.  It boggles my mind, but hopefully Ledger will somehow self destruct as a company OR people will wake up and see the truth behind their BS.  If I had to guess, it'll be the former happening first.