hello

i am receiving this error

Code:
W: GPG error: http://gb.archive.ubuntu.com precise Release: The following signatures were invalid: BADSIG 40976EAF437D05B5 Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>

and i wonder if this is something that is 'correct'

i wonder if the repo is not being has not being compromised.

i tried solving this by:

Code:
gpg --recv-keys 40976EAF437D05B5
gpg --export --armor 40976EAF437D05B5 | sudo apt-key add -
but it does not solve the problem - so are these packages signed by someone other then Ubuntu?

thanks,