I'll take your word for it but a person still wouldn't be secure would they?
SSL certificates only really prevent man in the middle attacks. They just ensure the data is encrypted as it travels from the server to your browser.
In actual fact, they may not even prevent MITM attacks anymore. Depending on the type of certificate, one could theoretically brute force the private keys in a matter of days if they were determined enough and had access to suitable computing power.
Frankly, there’s no real compelling reason a forum like this needs to run SSL full time. You’re not submitting sensitive financial information or anything. Hell, when you log in your password isn’t even transmitted in the clear; it’s hashed client side and that hash is what is sent to the server.
The only reason that basically all sites now run SSL is because Let’s Encrypt made it
free and easy to do so. 15+ years ago it cost
several hundred dollars a year for VeriSign to sign your certificate, so you only really saw them on eCommerce sites, to guarantee credit card numbers were encrypted in flight.
Source: I spent the 2000’s deep in the web hosting industry. I’m now a development engineer at AWS.