The discovery of the SSL-stripping exploit eventually persuaded the web community that they should server all of traffic over HTTPS. You should too!