On this I’m taking a pragmatic stance. I’ll take a win that prevents landfill, encourages long service life etc. There is simply no way in hell companies are going to release source code, it just isn’t going to happen. Ever. If we dig in too hard on that point we’ll lose the whole battle. We have to start at the top with Apple, Microsoft, Amazon, John Deere, BMW, Audi/VW etc and work down from there. If you demand source code they’ll justifiably play the ‘security’ card, and with good reason. They’ll win too.
There are plenty of examples from computers. In my personal experience, I have two ARM-based computers, one a laptop and one a small desktop box, both of which are now landfill fodder because the company refused to provide drivers for the display, among other things. So, the devices are stuck with binary drivers from yesteryear that are made for an old version of Linux (pre-devicetree, if anyone is interested) that cannot be updated without the help of the company, which has abandoned the devices. I keep holding on to them as if there is something that I could do, but at some point they'll be binned or sent to someone who thinks they could do something with them. I won't use them as they are due to the security risks of using such out-of-date software.
One hi-fi example (to the extent that I understand it) is with the Naim pre-amplifier that I have, the NAC112. From what I understand, the volume control in this pre-amp is controlled by a microcontroller. In some cases, that can start misbehaving. Naim won't fix it (again, from what I undestand, happy to be corrected). If the firmware for that microcontroller were made available, maybe a community fix would have been identified by now. Since it hasn't, this device has a low resale value and some repair services won't touch it (I remember MJ from Witchhat said somewhere in this forum that they wouldn't work with it). In my case it still works fortunately but it's just something that I have to be aware of that will potentially shorten the life of the pre-amp.
Lastly, with more and more hi-fi gear being effectively Internet of Things devices, they contain small computers and are thus subject to security concerns. If the user cannot inspect and fix the software, then the device becomes a security concern. And we cannot accept the lie from companies that
"security through obscurity" is security at all. Competently written software can be both highly secure
and open source. See, for example, the end-to-end encrypted chat software, Signal. Not to mention all the standard security libraries that underpin the internet like openssl/libressl, gnutls, etc. Yes, there have been major security problems identified in these, but that only led to fixes.