Hi, I was the one that originally proposed the update-smart-drivedb idea upstream (in 2010!).
https://www.smartmontools.org/ticket/59 At the time I was trying to solve the problem of the drivedb getting out of date in debian releases very quickly and thus having to use backports or stable release updates to get it updated. I now agree with Christoph that this is a risky thing to do. I think it should be enhanced to support authenticated copies of the database (GPG sigs? HSTS to a particular https site?). Until then I think it should be disabled or at least prompt the user to manually verify a checksum or something. This bug can probably be forwarded upstream. Thanks, -- Matt Taggart tagg...@debian.org
