It isn't secure at all, http is plain text, the point is if browsers produce explicit warnings that the connection is not secure, it will encourage more web sites to provide https. It is a step in the right direction.
You think they will get the message if Google puts "This connection is not secure" in neon lights, websites will use HTTPS for all their connections, now that we have a few encrypted email company's you still have the majority of people still not using them.
Combine this with the initiative by the EFF and Mozilla to introduce a free certificate authority you may well get some further uptake.