One of the reasons why I believe GOOG moved toward defaulting to HTTPS is not for your security, but to ensure that only they have a copy of your browsing history, research interests, etc.
Once someone in the middle has a copy, the value of their trove of data falls precipitously.
I'm surprised as well that Amazon doesn't use HTTPS, they have a lot to gain by being the only one that knows you're interested in a particular book and not anyone else. It could help them get the sale instead of competitors relentlessly targeting ads against you as soon as you express an interest to their site.
Once someone in the middle has a copy, the value of their trove of data falls precipitously.
I'm surprised as well that Amazon doesn't use HTTPS, they have a lot to gain by being the only one that knows you're interested in a particular book and not anyone else. It could help them get the sale instead of competitors relentlessly targeting ads against you as soon as you express an interest to their site.