It strikes me that today's routers provide pretty good protection against a lot of non-user-initiated attacks against the OS. They're also very inexpensive. That sparked an idea:
How about building the firewall portion right onto the motherboard of today's laptops and desktops.
It should be possible to bundle that into a single chip. It should sit between the motherboard and any built-in network connection, like wired Ethernet and Wi-Fi cards. (3rd party devices, like a USB Wi-Fi dongle would have to fend for itself.) It could be configured to act almost like a separate component. Most of the configuration could be done through a browser, just like today's routers. There should be an option to bypass the firewall on some of the connections, for maximum performance when necessary.
This would provide the ability to plug in/log in to any network without exposing the OS to potential attack. Say, a laptop being used on a poorly-configured coffee shop Wi-Fi that exposes the customers' computers to each other. Or, attending a LAN party and plugging your desktop into a new network.
This would also give Dell an opportunity, for a while, to advertise that their computers are better protected than the competition.