Funny you are saying this because you are already using third party devices like your computer and smartphone that all have closed source hardware components (some even software).
So trusting computer that has much bigger attack vectors than open source hardware wallet....
There are ways to mitigate that. A computer can easily be used with no connectivity, one can even go as far as disabling the hardware, either physically or via bios settings. Since neither are connecting to the internet an open-source air-gapped hardware wallet and an air-gapped computer would essentially be the same level of security, but no more or less in my opinion.
All modern computers and laptops have hidden spy operating system running all the time, and only way to remove it is maybe with Coreboot or with other open source alternative bios, but that needs flashing chips with raspberry pi.
Lol, the end is nigh.
That's what I'm saying, that any wallet with a secure element has the potential for the private keys to be grabbed by a malicious update
That's why you want the firmware to be transparent. Open-source or otherwise verifiable firmware will be vetted by the general public not long after it's released, so even if you can't verify the code yourself just be patient before you update. Air-gapped computers and hardware wallets such as the Passport or ColdCard mitigate the risk even further, because you physically have to transfer the data from the air-gapped device to the online PC. But, regardless of whether it's an air-gapped hardware wallet or not, the only way you're going to protect yourself from being hacked is to always verify transactions on the device before confirming them, and again before broadcasting them.
I'm saying that I'm not likely to trust any HW wallet that has a secure element that can possibly be tapped into by the devs or anyone else, and all of the best-known HW wallets do have one. That's why I said it's game over for me and storing crypto on any device. I've come to the realization that they're not really necessary (for me at least).
It's better to have a secure element than not! If you don't have one, any hacker can create firmware that'll bend you over. Most reputable hardware wallets have the ability to verify firmware, and I believe that happens in the secure element. It prevents anyone without the signing key to create an update that will pass verification. So at the very least, you know the original manufacturer/developer is the only source for verifiable firmware.
I wasn't hatched out of Satan's hellspawn yesterday, you know.
Oh, I didn't think it was yesterday, but I didn't know we were related.