Currently someone could spoof the dns on a server and make you download a fake browscap file. The file isn't super sensitive, but it's always nice to avoid that if possible.
Thankfully, Gary is now providing the file via HTTPS: http://twitter.com/GaryInMiami/status/4724622463
We should use that. Major thanks to Gary!