[cjbprime]

You're right, though you're being a little rose-tinted about the situation. I think amazon.com shopping turned on redirects from HTTP to HTTPS last year sometime -- before that they would even redirect from HTTPS to HTTP. That means that until last year, in most instances, your coworkers or your fellow coffee shop customers could see which items you were considering buying online on Amazon. That's really, really bad!

Also, HTTPS doesn't protect domain names. If you're making TLS connections to (e.g.) a porn site over WiFi, the other people sharing your connection don't need to decrypt your traffic to know what you're doing.