Same

Does that mean blind trust in apt repositories?

You should check out extrepo. Repo management for apt. Extrepo search Extrepo add Apt install

I think apt checks signatures. You only need to be careful when adding a new repo to verify the pubkey there.

upgradepkg --install-new Or sbopkg -i Or when you're too lazy to throw together a slackbuild script, ./configure && make && make install I've gotten better about not using that last one so much in my old age though.