HTTPS is still definitely more secure than HTTP. At least then people have to work harder to steal your data while in transit, or modify the data you send/receive. Is it better to lock your bike up even though someone could cut the lock?
The question is really, is encryption better than no encryption? The answer is pretty much yes. Since any type of security takes more effort than no security, that needs to be factored in. So forcing people to use SSL to view your blog about the best ways to render lard makes no sense. But for any connection that handles private data, or allows changes to private systems, encryption should be used. Encrypting your hard drive is probably overkill, but if you store usernames, passwords, and account info, that should definitely be encrypted.
Most of the issues surrounding encryption have to do with the implementation of it, or the supporting protocols. Not the cipher algorithms themselves that render your data unreadable. There are a few notable exceptions like DES and WEP of course. But modern encryption protocols (cipher algorithms) themselves are generally pretty sound. If they weren't then:
- Why does the US have such serious export restrictions surrounding cryptography to nations like Iraq, Cuba, Sudan, etc? A few other countries have similar restrictions. Even France for a long time had pretty serious limitations not just on exporting, but usage as well inside the country.
- Why did the founder of PGP get harassed by the US government for releasing his crypto software?
- Why does the US government (FIPS) and compliance standards (PCI/HIPAA) concerned with safe-guarding data require strong cryptography?
Because the underlying ciphers work very well. And generally, a given cryptographic system like SSL works pretty well too. I think the biggest issue is people's ignorance of the limitations, and unreasonable expectations. People don't expect that just because they lock their car it can't be stolen, but they seem to expect that just because their computer doesn't pop up a warning saying something is unsafe, it must be. To go off on a tangent, it's that same misplaced trust and ignorance that leads to most virus infections - people opening attachments that are obviously fakes or downloading software from sites they have never heard of.