[CamperBob2]

Here's a novel idea: how about popping up scary warnings when an insecure site asks for information, as opposed to if the insecure site merely exists?

Static content does not need https unless there are reasons for privacy or MiTM concerns related to the nature of the content itself.

[rakoo]

But you don't know if it's the real content. There's a problem even before entering information. What tells me it's your holiday pictures and not someone else's, and a person in the middle wants to tarnish your name ? What if your ISP/your hosting provider adds ads in the page, or a MiTM adds a link to a scam site ?