No, not that, the rest of it. I meant the fact that it's a binary blob which hasn't (recently) been subject to review by users.

The rest of it is covered by my second argument. They don't want you to see it due to highly proprietary stuff running there.

And if you agree about code signing, do you really believe that letting everyone see it, but then not allow anyone else to change it, is a good idea?

It's better than not letting anyone see it, and also not allowing it to be changed.

At least in the case where the code can be inspected, it can be checked for vulnerabilities, backdoors, etc.

That is better than nothing, especially if the vendor can be asked for a fix.