And what would a "responsible company" do in their place? Don't use any nr52 chips at all? It's not like Apple could do anything about this vulnerability, except not putting any sensitive information like symmetric keys in the firmware, which should be standard practice anyways.