I mean, they only need to make the card identifier read only, not the firmware. Outside of that, I see little reason for nouveau not supporting 3D.

I doubt this explanation is true. They went out of their way to design a "signature check" specifically for the firmware running on the Falcon μcs, all of which get their firmware from the driver, not that knock-off vendor. The only "firmware" that is persistent on the GPU is the VBIOS, and although this too is now required to carry a valid signature, it's the one bit that doesn't have anything running on the GPU itself and - because it is persistent- also the one signed binary that doesn't get in of nouveau's way.

The attack vector they consider is more likely to be GPUs in the cloud. Here advanced attackers could technically upload modified firmware in a hypervisor, and use that firmware to get access to guest OSes' framebuffers and other potentially security-sensitive information.

Kind by nvidia. Dont really see the point of it though, since the proprietary driver works very well.
If you want to be a "blob" free activist, then go ahead, Im perfectly happy with signing my soul to the devil and not worrying about hassle. Peace.

The proprietary driver has notable issues, especially for optimus laptops or cases where you're using multiple graphics cards. Plus, the open-source graphics stack is much better integrated with the kernel than nvidia's proprietary graphics stack, and would likely be easier to maintain in the long-term.

I welcome any improvements Nvidia can contribute to Nouveau with open arms and rejoicing.

You got driver CD along with the card, no other driver wouldn't
usually work with the card, yes.
ebay used to be full of Chinese re-flashes with weird "brand names".