An improvement suggestion - supply context. Of course, loading third party firmware can lead to this. Trezor, as the engineer pointed out, open sources their firmware to eliminate any suggestion of possible key extraction.