1) Most people don't have SSL enabled for most (if any) sites that are optional.
2) Most normal users are using the standard build for MacOS/Win, not the dev channel, and not Linux.
3) This requires no XSS or anything remotely tricky. Just a couple hundred bytes of HTML, and that's it.
4) Most web forum filters and formatting code (including Markdown) let this thru just fine.
Maybe I'm blowing it out of proportion, but if you wanted to be a jerk to a whole lot of people very easily, you probably could.
EDIT: Grammar
1) Most people don't have SSL enabled for most (if any) sites that are optional.
2) Most normal users are using the standard build for MacOS/Win, not the dev channel, and not Linux.
3) This requires no XSS or anything remotely tricky. Just a couple hundred bytes of HTML, and that's it.
4) Most web forum filters and formatting code (including Markdown) let this thru just fine.
Maybe I'm blowing it out of proportion, but if you wanted to be a jerk to a whole lot of people very easily, you probably could.
EDIT: Grammar