Boxee including XULRunner isn't circumventing any "encryption". Boxee is then a browser which works on your TV. I'm guessing the content providers for Hulu don't know that you can use your TV as a monitor for your computer yet either.

Also, I never heard of JavaScript source code that is meant to be eval'd qualifying as "encryption". At best you can call it obfuscation.

    document.documentElement.appendChild(document.createTextNode("omfg this is encrypted!!1!!!! DON'T TRY TO CIRCUMVENT"))

So the networks would rather Boxee users download full HD, ad-free versions of their shows from the Pirate Bay rather than watch the low-def versions with ads from Hulu?

And then they complain about losing money...

It's pretty easy to circumvent the encryption, but the act of doing so might be a DMCA violation.

What is html encryption anyways? obfuscation?