Does anybody actually use Quicklisp? If so, why?

It is incredibly insecure and vulnerable to man-in-the-middle attacks. The security issue has not been fixed after more than 5 years: Use HTTPS instead of HTTP. This does not inspire any confidence in Quicklisp.

Perhaps Common Lispers prioritize “convenience” and don’t care much about security.