Thought 1: In the future, consumer-level browsers will increasingly be connected to trusted sources of sites that the browser should not attempt to visit. Many active anti-phishing schemes (such as the NetCraft toolbar) do something like this. But the lists are composed of URLs which have to be manually reported by users and verified by hand, because it’s impossible for browsers to automatically detect phishing attacks with perfect accuracy.
Thought 2: Currently, if a security hole is discovered in a browser, you generally have to update or make a configuration change to be protected – there’s no way for browser vendors to protect users who take no action. And many users don’t upgrade immediately, if at all.
Then, older browsers which had not been upgraded, but which were blocking sites from a list including that feed, would still have some amount of protection from attack. As soon as it had been reported by one user using a new browser, all users using older versions would be vaccinated against attack from that site.