Actually, I think your point of view isn't that far off from what the article suggests. The goal shouldn't be to stop a state actor or a reverse engineering expert, but simply to meet basic business requirements at the same cost.

It's more about risk management, like raising the bar high enough so that the revenue model isn't affected by a bored casual user with a free Android app.

That said, your point is correct, it's difficult to make a robust DRM (it has taken industry giants quite some time to come up with models that remain “secure” for a certain amount of time)... but we are talking about a cheap toy, in which I don't think anyone would invest much more than a few hours trying to breach it.