If you don't encrypt your data and verify the sites to which you connect (both of which https does) then anybody between you and them can intercept and alter the transmission.
I agree you shouldn't have to do it, but you need to worry about more than just your ISP.
Just assume any unsecured internet connection is actively hostile, and you'll be better off.
I agree you shouldn't have to do it, but you need to worry about more than just your ISP.
Just assume any unsecured internet connection is actively hostile, and you'll be better off.