by jacobparker 3730 days ago
Yes and it doesn't even protect the password appreciably either.

User logs in with HTTPS, gets redirected to HTTP site and the MitM throws up the "Incorrect password try again" page. User types their password and transmits it over HTTP or JS steals it etc. etc.

eBay does it because they aren't sufficiently interested in protecting against MitMs.

The web isn't ready for HTTPS only yet but it will happen over time.

1 comments

It's already pretty much happened; I can search Google, browse Wikipedia, read email, HN and Reddit, even click the images on Imgur, all without leaving the SSL comfort zone. Even Facebook seems to have taken this route. Most big sites now offer SSL-only.