[kiririn]

Even with default https etc, HSTS still adds some defence against MITM - browsers won’t let you even forcibly accept a self signed certificate

[AlotOfReading]

The number of MITM attacks that's thwarted for me remains zero, while sites forgetting to renew their certs despite setting HSTS is a fairly regular occurrence.

[zeeZ]

Not being able to access the web interface where you have to manually upload a new certificate due to HSTS and the old certificate having expired a couple hours ago...

[kiririn]

Yeah it’s more of an annoyance for sure. I only discovered it was a thing when intentionally MITMing a domain on my router