One assumes you are trying to complain about vulnerability to a man-in-the-middle attack from an http (not https) apt mirror.

1. There are https mirrors. You are welcome to use one of those. See...