I'm sure that there are two sides to this argument. The guy that wrote the ssl bypass script was able to get secured information from a site. Even though he could do this, the author of the article said the bogus site had either 1)special characters in the URL, 2) did not use HTTPS, or 3) Had a lock icon on the bottom, again without the HTTP.
I would like to know how you are securing your websites or your customers websites? Are you using third party software applications to ensure security, or just practicing solid secured code?