Hey. That's really very sad to hear.
I think actually the opposite would be good. Just as with any addons for Firefox/Thunderbird, GNOME, Cinnamon, etc. ... having these as proper Debian packages (instead of everyone downloading them on personally) not only gives in principle security support coverage, but also some level of protection because a possible attacker can no longer selectively send out hacked versions to only certain users, but would rather hit *all* (Debian) users, which makes it more likely that an attack is ever noticed. Cheers, Chris.
