Nice hack. It's not obvious whether it still works now that GitHub Pages uses HTTPS, though the fact that clicking on the page triggers the same action as clicking the page icon/padlock suggests it does.
I'm on a Linux machine and figured out the trick fairly quickly: clicking the green padlock does not perform the same action. That's part of the hack too, the interface that pops up is styled like the Windows dialog and isn't interactive. (Clicking on it simply dismisses it.)
It's quite convincing otherwise, and that's very frightening. :)
