When we add a third-party apt repository to our software sources, that source can replace just about any package on our system. That strikes me as a pretty serious security risk.
For example, suppose you get the latest version of Skype by adding skype.com to your sources. Someone hacks the Skype repository and adds a malicious version of Firefox. If the compromised Firefox has a newer version number, then your system will be updated and you end up running the malicious Firefox that transmits private data to Dr. Evil.
I'm just using Skype as an example; it could equally well be mplayer, medibuntu, or John Doe. Clearly the more repositories added, the greater the chance of being compromised.
And when a repository is hacked, all the systems using that repository can be compromised.
Of course the hacker has to get hold of the package signing system too; this provides some protection. But nevertheless, control of what packages can be installed should remain on our end.
Here's the key point: just because a repository is in our software sources doesn't mean it should be able to replace *any* package on our system.
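One way to keep that control on our end is apt pinning, which lets a third-party origin supply only the package it was added for. The script below is an added example, not part of the original post; it assumes the repository hostname in the deb line is `skype.com` and the wanted package is `skype` (both assumptions, override them via `REPO_HOST` and `PACKAGE`).

```shell
#!/bin/sh
# Added example: restrict a third-party apt repository so it can supply
# ONLY the package you added it for. See apt_preferences(5).
# Assumptions: the hostname in your deb line is "skype.com" and the wanted
# package is "skype"; adjust REPO_HOST / PACKAGE to your own sources entry.
set -eu

REPO_HOST="${REPO_HOST:-skype.com}"   # hostname part of the deb line (assumption)
PACKAGE="${PACKAGE:-skype}"           # the one package this origin may provide

# Print the pin stanzas. A specific "Package: <name>" record always beats the
# general "Package: *" record, so the origin keeps the normal priority 500 for
# its own package, while every other package it offers gets -1. A negative
# priority means apt never installs that version, even if it is newer than
# the one from the official Ubuntu archive.
pin_stanzas() {
  cat <<EOF
Explanation: let $REPO_HOST provide only $PACKAGE
Package: $PACKAGE
Pin: origin "$REPO_HOST"
Pin-Priority: 500

Explanation: refuse everything else from $REPO_HOST (negative = never install)
Package: *
Pin: origin "$REPO_HOST"
Pin-Priority: -1
EOF
}

# Write the stanzas to a file under /etc/apt/preferences.d/ (needs root).
write_pin_file() {
  pin_stanzas > "$1"
}

# Stand-alone use:
#   sudo ./pin.sh /etc/apt/preferences.d/skype-only   # install the pin
#   apt-cache policy firefox                          # skype.com origin now shows -1
# With no argument the stanzas are printed for review instead.
if [ $# -gt 0 ]; then
  write_pin_file "$1"
else
  pin_stanzas
fi
```

After writing the file, `apt-cache policy <package>` for any package other than the allowed one should list the third-party origin with priority -1, and `apt-get upgrade` will no longer pull that package from it.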