The discovery of the SSL-stripping exploit eventually persuaded the web community that they should serve all traffic over HTTPS. You should too!