every opensource wallet can push a malicious code on your device with an update which steals your mnemonics and your funds.

how long does it take before anyone will notice? when the funds are gone.

you have to ask these questions:

how long are these manufacturers on the market?

where do they come from? in some countries you have impunity for fraud, in the usa it could come from a cia company

how many hacks did they have?

how can you verify the hardware components of your device?

i trust the french/singapore ledger. if they do anything illegal, they go to jail.

they never had a hack in 8 years, never had a backdoor in 8 years. the ledger nano s is even too small for the new service. you do not even have to update the device. i am not worried about anything other than the deteriorating purchasing power of btc.