I have this same problem with Hardy. But it goes away after 1/2 a day or so.
My take on this is that apt is doing its job correctly, but the alert / message that is being displayed to the user could be reviewed.
W: GPG error: http://archive.ubuntu.com hardy-updates Release: The following signatures were invalid: BADSIG 40976EAF437D05B5 Ubuntu Archive Automatic Signing Key <email address>
Maybe this could be abbreviated into a more user friendly message that will not lead the user into thinking that their system is in some way compromised.
I have this same problem with Hardy. But it goes away after 1/2 a day or so.
My take on this is that apt is doing its job correctly, but the alert / message that is being displayed to the user could be reviewed.
W: GPG error: http:// archive. ubuntu. com hardy-updates Release: The following signatures were invalid: BADSIG 40976EAF437D05B5 Ubuntu Archive Automatic Signing Key <email address>
Maybe this could be abbreviated into a more user friendly message that will not lead the user into thinking that their system is in some way compromised.
Just a thought...