Isn't it kinda "uneffective" (read. nonsense) to install the .deb file manually, instead of adding a repo? odds of malware is same, if it's a malware repo -which does not exist for N900 yet afaik- that particular debian package would be malware too, and you are installing it.