Comment by account42
Or to really drive the point home, the only reason we give companies exclusive control over certain names (trademarks) is so that they can build a reputation. If companies are going to just license out the names to whoever gives them money anyway then we might as well get rid of trademarks entirely and let anybody produce crap knock off products without having to pay a trademark owner.
I suspect from a company perspective, it is all just different degree of relying on a supply chain. Any company that outsource production that goes directly to customers are relying on reputation and contracts, and the assumption that they can apologize to customers and change supplier when/if something goes wrong. I seem to hear that a common practice is to do random sampling in order to do quality control, but in terms of supply chain attacks it wouldn't do much good if the attacker is a state actor with the ability to create non-tampered version.