It is also true that making attackers spend time and resources has value. Just because you're trapped in a Red Queen race doesn't mean you should stop running

But way too often getting into the TPM on one machine leaks secrets that enable a global compromise. In the case of media piracy, for instance, DRM might inconvenience millions of people but it takes just one person to crack it, either head on or through the analog hole and then the files are on BitTorrent.

It works in practice because most don't have enough time, physical access, and electron microscopes.

I think it provides a false sense of security in practice. You end up relying on security methods that dont work against adversaries above a level of initial investment.