Don't rush straight to another hardware signing device, learn the basics of Bitcoin self custody first [Serious]

by COINS NEWS

Hello community,
it is now pretty clear to everyone that using a hardware device for generating seeds and signing transactions is not the foolproof 100% secure solution for Bitcoin self-custody.
It is also clear that using a closed source device needs the user to completely trust the provider: Ledger openly disclosed that Secure Element firmware can be updated to send out shards and could also potentially be updated to send seed or private keys.
This is a problem because USB connection could be potentially used to exfiltrate Secure Element content.

Some rightfully scared Ledger customers are now looking for an open source alternative and some are rushing to buy discounted similar hardware.

Open source hardware and software allow for peer review and it's a great improvement compared to closed source, but it is still not the solution, since code review and audit require a highly skilled profile and are not a task for the average user, who still needs to trust reviewers and auditors.
Using open source code and schematics does not guarantee that code won't be changed to allow the same critical update that Ledger is pushing for their devices.
The only solution would be to fork away from the code provided by the vendor, and only if the device allows loading non-vendor-signed firmware.
This seems also difficult and inconvenient for the average user.

The most important part about self custody is 'keeping keys offline', and USB connection breaks this rule.

Before rushing to buy another USB device that could be exposed to the same problem, take your time and go into details about self custody.

You don't really need a specialized device to generate seeds and sign safely in a completely disconnected sealed environment.
Using a special device like Ledger is only a convenience, because you can manage your holdings without using a modified computer or mobile (removed network interface) and you can easily generate quality entropy using embedded TrueRandomNumberGenerator (if available) without boring dice throwing.

BUT, before buying another device, go deeper!
Bitcoin network is not just Ledger Live.
A great starting point to learn more about self custody would be trying to use a more advanced desktop wallet application like Sparrow Wallet or Specter Wallet.
If you have an old unused computer or mobile you can easily experiment with 100% disconnected airgapped key generation and transaction signing without a specialized device.
Both Sparrow and Specter allow you to use your own or trusted bitcoin node/electrum private server, support multisignature and PSBT.

Partially Signed Bitcoin Transactions (BIP 0174) allow you to:
- generate a transaction on a connected device using UTXO data and fee estimation
- save the transaction on a media (usb key, sd card), or export using a QR code
- sign the transaction on a disconnected device
- save signed transaction on the same media, or generate QR code
- import and broadcast transaction from the connected device

This is an extremely secure solution that involves no trust other than bitcoin protocol, because you can verify transaction content, and there is no possible way for the disconnected device to leak your key.

To test this you only need to install Sparrow on both the connected and the disconnected device.
You can also keep using your Ledger with the disconnected device to generate a good quality seed phrase and sign transactions securely without risking seed exfiltration by USB. https://sparrowwallet.com/docs/

If you don't have a spare computer, you could also do some testing for experimental purposes using the Airgap Vault Android/iOS app on a disconnected mobile, using generated QR codes for signing https://support.airgap.it/guides/sparrow/

This is a great exercise to learn more about self-custody options that could help you to make a more informed choice about hardware signing devices.

submitted by /u/mnkbstard
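
The "verify transaction content" step of the PSBT workflow listed in the post, as an added example that is not part of the original post and is not code from Sparrow or Specter: a minimal BIP 174 (version 0) reader for the disconnected machine that returns the outputs and the fee of a PSBT so they can be compared with what was intended before signing. It assumes segwit inputs that carry a witness UTXO; the function names and the sample PSBT (dummy txid and key hashes) are constructed for illustration.

```python
import base64

def read_varint(buf, pos):  # Bitcoin compact-size integer -> (value, next position)
    if buf[pos] < 0xfd:
        return buf[pos], pos + 1
    size = {0xfd: 2, 0xfe: 4, 0xff: 8}[buf[pos]]
    return int.from_bytes(buf[pos + 1:pos + 1 + size], "little"), pos + 1 + size

def read_map(buf, pos):  # one PSBT key-value map, ended by a 0x00 separator
    kv = {}
    while buf[pos] != 0:
        klen, pos = read_varint(buf, pos)
        key = buf[pos:pos + klen]
        vlen, vpos = read_varint(buf, pos + klen)
        kv[key], pos = buf[vpos:vpos + vlen], vpos + vlen
    return kv, pos + 1

def tx_outputs(tx):  # -> (input count, [(sats, scriptPubKey hex)])
    n_in, pos = read_varint(tx, 4)             # skip 4-byte version
    for _ in range(n_in):
        slen, pos = read_varint(tx, pos + 36)  # skip txid + vout
        pos += slen + 4                        # skip scriptSig + sequence
    n_out, pos = read_varint(tx, pos)
    outs = []
    for _ in range(n_out):
        slen, end = read_varint(tx, pos + 8)   # 8-byte amount, then script length
        outs.append((int.from_bytes(tx[pos:pos + 8], "little"), tx[end:end + slen].hex()))
        pos = end + slen
    return n_in, outs

def review_psbt(b64):  # -> (outputs, fee in sats) to compare with what was intended
    raw = base64.b64decode(b64)
    if raw[:5] != b"psbt\xff":                 # BIP 174 magic bytes
        raise ValueError("not a PSBT")
    glob, pos = read_map(raw, 5)
    n_in, outs = tx_outputs(glob[b"\x00"])     # PSBT_GLOBAL_UNSIGNED_TX
    spent = 0
    for _ in range(n_in):
        imap, pos = read_map(raw, pos)
        if b"\x01" not in imap:                # PSBT_IN_WITNESS_UTXO
            raise ValueError("input lacks witness UTXO; fee cannot be verified")
        spent += int.from_bytes(imap[b"\x01"][:8], "little")
    return outs, spent - sum(sats for sats, _ in outs)

# Constructed sample: 200,000 sat input, 50,000 sat payment, 149,000 sat change
_out = lambda sats, b: sats.to_bytes(8, "little") + b"\x16\x00\x14" + bytes([b]) * 20
_kv = lambda k, v: bytes([len(k)]) + k + bytes([len(v)]) + v
_tx = (bytes.fromhex("0200000001") + b"\x11" * 32 + bytes(5) + b"\xff" * 4 + b"\x02"
       + _out(50_000, 0xAA) + _out(149_000, 0xBB) + bytes(4))
SAMPLE = base64.b64encode(b"psbt\xff" + _kv(b"\x00", _tx) + b"\x00" + _kv(b"\x01", _out(200_000, 0xBB)) + b"\x00\x00\x00").decode()
```

An input that carries only a non-witness UTXO is rejected rather than guessed at, because this reader does not parse previous transactions.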