He probably just has better things to do and who cares (aside from Google)?
I have a number of old sites (including my blog until recently) which haven't been switched over to https yet. It's not that I can't do it or that there's any real reason not to use https on those sites, I just have other things going on. PG set up his site years ago when https wasn't a default on the web, that's probably the real answer.
Maybe somebody gets between a reader and his site and injects ads or something.
Or maybe ISPs or local networks can watch what readers read.
I don’t think either is that big of a deal and wouldn’t bother if I had sites.
You're not paying him anything to read his website. He does not owe you a single thing.
I’ve used dozens of ISPs and never had this problem. Guess I’m lucky.
I don’t care if people inject stuff into my http content. If it becomes a significant problem, I’ll think about it.
Simplicity is a reward. A big reward.
I have a number of old sites (including my blog until recently) which haven't been switched over to https yet. It's not that I can't do it or that there's any real reason not to use https on those sites, I just have other things going on. PG set up his site years ago when https wasn't a default on the web, that's probably the real answer.
https://news.ycombinator.com/item?id=24676257