In the history of the malicious site blacklist I've only ever tried visiting one or two sites that were flagged. For your average non-technical person sure, keep it enabled. For someone browsing HN and editing config values it's not a problem.