Version: (using KDE 3.5.9) Installed from: Ubuntu Packages OS: Linux Generally other package managers (e.g apt or synaptic) warn the user if packages are unsigned. While this might have at one point been a nice to have feature, in the current era of DNS cache poisoning attacks package signatures are the only guarantee we have that the package being installed is authentic. This is essential. In the past, I would have categorized this as a wish, but no longer.
The possibility of attack has been roughly the same, DNS poisoning or not. I don't think the risk is nowadays any higher than it's been a few years ago. (Really, do you know how efficient are http certificate warnings? Below 1 %, at least that's a quote from a private study evaluating man-in-the-middle attacks against https. Sad, I know. But users generally just ignore security warnings. I have no idea why, really.)
Adept has been in the unmaintained state for a few years. Use muon[1] as replacement . [1] https://launchpad.net/muon