Honestly Ledger. They've been caught a few times over the past few years doing increasingly shady shady things. The most recent is essentially baking in an option to a firmware update that they would be able to give up your seed phrase under some circumstances if required to by law or XYZ. Not your keys, not your coins. Avoid.

Anyone with "crypto" rhetoric.

Um... hmm. Any of them that require KYC. You know they're giving it up for money.