I'm not going to defend this company that screwed up again, but I would like to clarify, if ledger has the ability to access all generated seeds, then what prevents them from stealing the contents of all their customer's wallets? Are they waiting for the best moment? Waiting for more users to become their "victims"? Until there is evidence (facts) of their abuse of their position, it is impossible to say for sure (about access to all generated seeds) and all our suspicions remain just suspicions.
You have to look at the bigger picture because it's not just about what someone from the Ledger team could do, but what those who would be able to use Ledger as a bridge to attack their users could do. They always claimed that the seed can never leave their devices, only to have that become a lie overnight when they announced their new option (Recovery) that extracts the seed from the device and then divides it into three parts, two of which go to two external companies, and one remains with Ledger.
It's true that there's no concrete evidence that seed could have been pulled out even before they admitted it was possible, but who wants to take the risk and believe it?
~snip~
By the way, +1 for another fackup on the part of Ledger for compromising the developer's NPM account. This company is becoming a champion with all sorts of troubles. Trick question: if the bank where your money is kept is constantly robbed (for example), would you want to keep your money there? Ledger is constantly getting embroiled in various negative stories.
I would say it in a slightly different way - they are actually a negative story that keeps repeating itself. Despite everything, people still use and buy their devices.