[arm64future]

>Do you want ISPs to inject random crap at the top of your website?

If your ISP does this, or if you are on a sketchy network somewhere, then maybe you should not use it at all. Get a new ISP, or use a VPN if you are that worried. If the webmaster is not sharing sensitive information on his casually maintained static website, then that is good enough reason not to use HTTPS. I know it sounds... uncaring.

It is true ordinary people, who don't understand the risks could get MITM'd and never suspect a thing. For some reason I still don't care enough to put HTTPS on my shitty old flash game website. I just can't be bothered. I think that is good enough of a reason. Blame should go on the ISP who are MITM'ing their customers.

[rahuldottech]

Sure, but when the biggest (or only) ISPs in many countries are doing it, and you can prevent it by taking out 15 minutes to set up Let's Encrypt, that's on you.

[arm64future]

Nope. They can get a VPN, or fight against their big ISP or government to stop such dubious practices. Your point of view seems to come from a standpoint of infantilization of these users.

[rahuldottech]

You expect that from the vast majority of the population which is not tech-savvy?

[wolco]

I expect the vast majority to complain if their internet provider is putting ads into website. The bigger the company the bigger the group.