It is theatre. Even your non-techie friends can use google, which immediately leads to tools that can brute force the master password (http://securityxploded.com/firemaster.php), and without a doubt there are tools out there that will read the master password from running memory, and I'd expect that to appear in open/published tools like the above someday too.
The main problem with this theatre is that you and other people might be fooled into believing you are more secure than you are, and store things there that you should not.
The software developers are refusing to participate in this theatre in order to force you to recognize the actual reality of the situation.
If one person stores their bank credentials in their browser password database and looses their life savings, it's unacceptable.
Note -- Pidgin doesn't support a master password nor does it even obfuscate the stored passwords, the passwords are stored in a text file IN THE CLEAR, because they are making a conscious choice to explicitly point out to you that there is no actual security for 90% of the cases where you will be attacked. If someone can read your files and your user's system memory, they have you.