Negative Feedback for Insecure Connections

Web browsers inform the user that they have a secure connection to a website with a lock icon:

If the web site is willing to spend a little more money, they can get an "Extended Validation" certificate, which will make the browser show a green bar:

When the connection is not secure, the browser gives no special indication. Unless the user looks for the lock and sees that it isn't there, they won't know that the page is insecure:

Even though insecure connections are still extremely common, there's no reason it has to be this way. The browser could warn the user by displaying a broken lock, like this:

We think browsers should do this.