I just noticed the Mt. Gox's login works by submitting the username and password, unencrypted (well, it posted to an SSL site, but the password is in clear text in the URL).

That makes me very uncomfortable. It makes me suspect the site has not been well coded. I feel like there is a high probability that mtgox is compromised to some degree.