Yes, i am agree too but i have one question to stick/slush but they ignore it regulary

I am about fishing changing of addresses for receiving:

https://bitcointalk.org/index.php?topic=122438.msg8437648#msg8437648

My browser can be affected by virus, but the target is not mytrezor.com may be for example but there could be simple software for changing any Bitcoin address in page (DOM structure) to scam (fishing) address.
What can i do now if this software will appear?

Can stick/slush to add checking option to show current receiving address not only in computer but in the Trezor's screen too and this receiving address should be sent by client software through BIP44 path from computer to the Trezor (the Trezor should simple calculate address by sent BIP44 path from computer)?
It will be ideal solution.
It's my third repeating of this question here. How times should i repeat for attention of developers

But this software will be if Bitcoin will be popular.
This software can be installed hidden in any popular plugin of browser and etc.

Did you think about this?

P.S. Now i use BTCReceive and i imported there xpub key of my Trezor account. I check every address showed to me from myTrezor.com
BUT xpub key to be showed only by browser so i cannot trust by this info too. The xpub key can be easy changed by malware software by scam xpub
How do you think - it's easy to do or not? I think it can be made by super easy! One world, one payment details, one type of money address -> the ideal world for address change fishing.