[Someone1234]

That line caught me too.

It makes YOU (the consumer) less vulnerable to "hacking" (MiTM), it actually doesn't make the website less vulnerable and as you quite correctly pointed out somewhat more (just due to increased attack surface).

That's a large part of the reason HTTPS/SSL isn't more common: It doesn't benefit the website as much as it benefits their customers and there are both real and perceived costs in deploying HTTPS.

So you have to put pressure on them (websites) to adopt secure defaults. Google are now helping hugely.