When anyone purchases Ledger crap, they can't use it until they connect with the Ledger Live app, and it's impossible to bypass this step with other apps.
You also can't update the device without Ledger Live, and nobody knows how exactly they are going to add more restrictions.
I understand what you mean, but those who need to activate their devices or update relevant apps to continue using them are still free to use a VPN to avoid any potential blocks by Ledger. The same applies to those who wish to send transactions to sanctioned addresses; all they need to do is choose the right VPN server. A jumpscare is not the real threat.

Needing to use a VPN because Ledger can't be trusted is the real threat.