Re: HTTPS by default?
Because some people may want to visit the http version of a site - for testing purposes for instance or the https version of the site may be an entirely different site altogether or a security or certificate problem may mean the https version is down while the http version is up etc etc.
Having a third party decide that it is going to disregard your wishes and the site owner's wishes is not a great solution - they'll be removing parts of the url completely next.
Maybe a popup to say there is a secure version of the site and would you like to visit it?
Maybe use HTTPS Everywhere extension which will use https?