With all the shenanigans with exchanges and DDOS against pools, it's only a matter of time till the forums fall victim to something...
Would SSL by default help avoid "some" problems? Probably.
A cert is very inexpensive nowdays. I'm sure ppl would chip in for this purpose if we were asked to do so.
It keeps your credentials encrypted at least which makes man in the middle attacks essentially not possible [I suppose if they have the certificate and somehow change DNS records ...].