So then I am trying to ascertain the consensus of the group here.  Are we saying that if a user is looking directly at their Trezor and confirms the BTC address is perfectly correct on the display, that the transaction can ONLY go to that displayed address?  When I read about many "high end" hacks it causes me to wonder if somehow the software could pull a switch address a nano-second after I confirm on my Trezors.  I am just trying to think out of the box here.  I have been using Trezors since early on with the T1 and several T's as well.  I triple check the display and have never had any issues at all.