Replies (5)

That feature is basically the same as 2-of-2 or passphrases, and the problems with 2-of-2 have been pretty well documented by now. I did my own research and architecturally it is significantly flawed. There are many weak points where you could be getting a backdoored device. The used secure elements are weak and outdated. “Don’t trust, verify” goes much deeper than reading some marketing claims about “ultra secure” from the vendor and I see too many people falling for it. New Trezor for example is “quantum ready” but any device within the last 15 years is as well. Personally I’d recommend something like a SeedSigner with a proper multisig and a BitBox maybe.
I use a geographically distributed 3-of-5 multisig + seed XOR and Shamir Secret Sharing as a secondary backup in case the banks get shut down again. During lockdown, I couldn't access my Trezor for 3 months and that made me re-evaluate everything. I agree that seed XOR together is a bad idea. I'm currently playing with time locks using Miniscript, but only with small amounts so far because I'm not 100% comfortable with it yet.
They prefer to write articles about why airgaps aren't as useful as we think. Stinks of "filters don't do anything." Airgaps aren't a be-all and end-all. But they are one element of a solid security strategy, and writing it off is exactly why I'm not a Bitbox customer.