There is a strong difference between exposing everything as part of the API, and making it permanently inaccessible. Taking your car example, imagine if the engine were in a locked black box. Any modifications or changes necessary would require replacing or duplicating the ENTIRE ENGINE. Instead, those with the proper know-how, can get under the hood when necessary. Making the engine accessible doesn't force drivers to know everything about it. It's hidden, but accessible when needed.
To round-trip this analogy, I can't edit the source code of a system library or purchased component unless I have the source, and have the rights to edit it, neither of which are a given in today's world.
Sure, an epoxy-encased engine isn't going to let me tinker with it, but I will never tinker with my engine. That's one of the wonderful things about separation of concerns that OO gives me, including all the perceived badness of enforced privacy: I can work on my particular thing without needing to know anything about the innards, because it is not my responsibility to do so, neither explicitly through delegation of concern and documentation, or implicitly through presentation of a semi-private API.
If I'm able to see it, then I'm expected to see it, and that blurs the lines of the API.
