If you naively depend on the client, sure, it will be game over, but that is true of any naive security.

Endpoint encryption does solve many problems, but it doesn't solve all of them. Take a bank case: sure, you could encrypt your account number and transfer amount on your machine, but the how is the bank supposed to do anything with these random bytes you've sent? If they have the keys (like they do with SSL), we aren't any better off.

With some complex public key crypto, you could maybe make things better, but you would be dependent on everybody treating their private keys well. I'm not convinced big companies could manage that, much less "Joe the Plumber".

Trusting the client is not the same as securing the client.

Edit: I didn't like my initial tone, so I backed off.