Thankfully, there are no GNOME hackers in the village of about 50 houses where I live in the middle of Essex, so my only actual response was to rant in reply, and nobody actually got nailed to anything.
Bryan, you have a good point about SSL; a better solution is required, although it's not clear what it would be. Your first option ("Deny sites without correctly-signed certificates") would be a whole lot more attractive if we could get Mozilla bug #215243 fixed, to include the CAcert root certificate in Firefox by default. That isn't a panacea, of course, but it helps. And we could perhaps ship Firefox to deny by default unless you manually go in and change the config to do otherwise.
But phishing is a real problem -- people are stupid. Sometimes it's good to pop up that dialog box, and if it stops just a few people from entering their bank details even when they don't actually understand what it's saying, that really is a good thing.
Perhaps one easy improvement in the short term could be to improve the behaviour. When a self-signed cert, or a cert with an unknown signature, is seen, the report could be less technical and just say something along the lines of "There is no proof that this 'secure' site is actually who it claims to be. Your communication will be encrypted so that others can't listen in, but before you give any personal details or passwords you should make sure the web site is genuine. Do you want to continue...?"
You're still asking the user, but at least they have a slightly better chance of understanding what you're asking -- and more to the point, they'll be a little more reluctant to enter their details into the site in question.
The Digg idea is interesting -- and at its root isn't fundamentally dissimilar from the idea of adding the CAcert root certificate. The principle behind both would seem to be that you allow more people -- clueful people -- to 'approve' sites so that the dim people in front of the browser don't have to make a decision. There's a lot to be said for that, however it's done.