
This could have been entirely innocent. It happened to an Android device I am familiar with as well. Third-party screens will usually identify over i2c/spi/whatever the same as original, but you cannot apply original firmware updates to them (they are different internally and will get bricked). However, as they are designed to appear original, there isn't always a way to tell. The two options both suck: do not ship firmware updates (bad) or ship them and risk damaging non-original screens (marginally less bad). The choice in the case I know of was made to not ship the update (it was minor). Apple chose otherwise.


Two other options also exist.

OS performs a handshake with the target subcomponent and authenticates that the component really is manufactured by the manufacturer that is targeted by the pending firmware update. If the authentication completes successfully, then push the firmware.

A flip-side alternative is for the component to only boot firmware that it recognizes as signed by the correct authority.

In the first case the device has an embedded identity within the hardware. In the second case the device merely needs to validate a signature. Crypto acceleration is becoming very widespread and very cheap so I don't see either of these as difficult to manufacture.
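The first option in the comment above, sketched as an added example that is not part of the original comment: the host challenges the part with a fresh nonce and pushes firmware only if the answer verifies. HMAC-SHA256 from the Python standard library stands in for the asymmetric signature a real design would use, and the class names, key and serial numbers are constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed secret for this example; a real host would hold only a public key.
MANUFACTURER_KEY = b"constructed-example-manufacturer-key"


def device_key(serial: bytes) -> bytes:
    """Per-device secret derived from the manufacturer key and the serial."""
    return hmac.new(MANUFACTURER_KEY, b"panel-id|" + serial, hashlib.sha256).digest()


class GenuinePanel:
    """Part provisioned at manufacture with its own secret."""
    def __init__(self, serial: bytes):
        self.serial = serial
        self._key = device_key(serial)

    def identify(self) -> bytes:
        return self.serial

    def respond(self, nonce: bytes) -> bytes:
        return hmac.new(self._key, nonce, hashlib.sha256).digest()


class ClonePanel:
    """Part that reports a copied serial and replays one response it observed."""
    def __init__(self, copied_serial: bytes, observed_response: bytes):
        self.serial = copied_serial
        self._observed = observed_response

    def identify(self) -> bytes:
        return self.serial

    def respond(self, nonce: bytes) -> bytes:
        return self._observed  # no secret, so it cannot answer a fresh nonce


def authenticate(panel) -> bool:
    """Host side: fresh random challenge, constant-time comparison of the answer."""
    nonce = os.urandom(16)
    expected = hmac.new(device_key(panel.identify()), nonce, hashlib.sha256).digest()
    return hmac.compare_digest(expected, panel.respond(nonce))


def apply_update(panel, firmware: bytes) -> str:
    """Push firmware only to a part that passed the handshake."""
    if not authenticate(panel):
        return "withheld"
    return "pushed %d bytes" % len(firmware)
```

Both parts report the same serial on the bus, which is why the identity string alone cannot gate the update; only the part holding the provisioned secret answers a fresh challenge.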


You've obviously never been involved in the design/manufacture of an ASIC.

What you're proposing will take roughly 2 years, and be an organizational nightmare. 'Just' having an embedded identity is already complicated:

1. Where do you store the identity? Fuses in the ASIC? Now you need a fuse bank. Not every process node supports fuses, so you may now have to port your entire design to a new process node.

2. Using this new-fangled identity means you can now perform a handshake with the host. Let's 'just' put down an ECDSA accelerator. What do you mean, this increases the die size by 33%? What do you mean it needs to be resistant to differential power analysis? Oh, right, because stealing a single identity means you can make as many clones as you'd like, and we can't revoke identities if we think they're stolen because of laws in China!

Etc. etc. The second option doesn't even work because the cloned device will simply ignore the signature on the firmware.

I used to think this was all trivial too, but having been through this _exact_ wringer 4 or 5 times before I can tell you it is Hard(tm).


I most definitely have been involved in ASIC design. I appreciate how difficult it is. But, the time has come to recognize parts authentication via hardened identity to be a requirement in pretty much all ICs.


Your first suggestion is what is being done. The parts are pretending to be authentic. This game has been played for decades in various kinds of high-volume computing parts without a good solution.



