The Forum does not use HTTPS (see:
https://en.wikipedia.org/wiki/HTTPS). There are two aspects of HTTPS that are of concern:
1) HTTPS verifies, to some extent, that the website is who they say they are. Before you feel too warm and fuzzy, I obtained an SSL--'secure socket layer' certificate, required for HTTPS--for a website because the company I worked for was listed in the phone book
2) more importantly, HTTPS encrypts transmissions to and from the BCF. This is relevant if, for instance, you are connecting over Wi-Fi in a Starbucks or public library where anybody with 'sniffer' software can see private data--e.g. passwords--in 'clear text.'
Since most of us are likely connecting at home--based on the length of some of the replies (like mine) and attachments--it's probably not a big deal (unless you use the same password to log on to your Bank of America checking account in which case, shame on you). OTOH, FaceBook just got busted--AGAIN--for storing millions of user passwords in clear text and again, if you're using the same password for FB and your American Express account shame on you.
HTTPS by no means guarantees security, but it's like the old saying 'locks are only for honest people.' Using HTTPS requires getting a certificate, and it has to be updated, I think, yearly, and it requires some changes on the server (HTTPS uses a different port than plain ol' HTTP). It seems like even the most innocuous websites have begun using HTTPS to prevent the type of comments we're talking about here, even if they don't exchange sensitive data. In most browsers, you can declare an 'exception' to bypass the security checks.