The software packages are signed and therefore we are protected from manipulated packages.
Nowadays modern browser block downloads over insecure connections.
Manually downloading things from packages. Ubuntu. com causes trouble therefore.
It would be nice if the servers offered a TLS encrypted end point to avoid this.
On top of it this protects the privacy of the user. Even more when combined with other ietf standards.