what prevents any company from releasing their code under MIT and then adding a shrinkwrap EULA that prevents looking at the code or modifying it? The license wouldn't mean anything.
This has been an intentional feature of MIT/BSD licenses all along. Tons of proprietary products are built on MIT/BSD code.
You can build a proprietary product on top of MIT/BSD code. You can not revoke someone else's license. You CAN put MIT code in a proprietary product and not share it. But you can NOT tell someone else that they are not legally allowed to share code that they have been given under an MIT/BSD license. The MIT license is permission to share the code.
Nothing would prevent this project from building a proprietary product with MIT/BSD code in it and not sharing the code or sharing it under a different license. But if they say, "here's the code it's being given to you under an MIT license" -- then I don't see how they can add on top of that "subject to this NDA". If they give you the code MIT licensed, it's MIT licensed. If they give you the code with a bunch of other licensing restrictions, then they're not giving you an MIT license, they're giving you some other weird hybrid license that is not Open Source.
We don't have a licensing mechanism that I'm aware of for allowing companies to say, "here's a legal document outlining the terms of this license, and also pretend that these terms aren't binding."
This has been an intentional feature of MIT/BSD licenses all along. Tons of proprietary products are built on MIT/BSD code.