It’s surprising that this crowd seems uninterested in the non-https status of the (otherhwise very cool) site. Have we decided it doesn’t matter? No sarcasm intended. I’d really like to know.
HTTPS Everywhere is dumb security theater that desensitizes users to potential issues when it should otherwise matter.
When only important shit you really wanted to encrypt was encrypted and you get a cert warning you took notice. Now one in 10 sites with an "easy/free ssl cert" that expired has normalized cert warnings on pages with cat pictures and bank sites alike.
Are you worried someone is going to inject a false movement into the page? I'm not giving the page any personal information. There isn't even a login. What would you be guarding against by switching to HTTPS?
In practical terms it doesn't matter, which is probably why HN doesn't seem to care. But in my opinion, it's free and easy to get an ssl cert and so from a norms perspective it should be viewed as non-negotiable today. It doesn't actually add much to the website but it's best practice, like changing the default password on a raspberry pi even if you never plan to network it.
