I've been bothered by the so called ``GPG error'' for some days. There was an error message about the wine, which was installed for the IEs4Linux. My experience of using the IEs4Linux, however, had been not positive, so I decided to remove it as well as the wine package.
After removing the wine, the error message about it was gone, but there are some other errors. Then I searched solutions via Google, and followed several approaches including something like the follows.
$ cd /var/lib/apt
$ sudo apt-get clean
$ sudo mv lists lists.old
$ sudo mkdir -p lists/partial
$ sudo apt-get update
Also, I noticed that in the error messages, there are terms about ``hardy-security main'' and ``hardy-security universe'', so I found them in the sources.list and blocked those lines contain the terms. Then, I tried and tried, and finally I restored the old /var/lib/apt/lists and have the following error message:
W: GPG error: http://security.ubuntu.com hardy-security Release: The following signatures were invalid: BADSIG 40976EAF437D05B5 Ubuntu Archive Automatic Signing Key <email address deleted>
I was totally missing in what I was doing because I have weak background in the update issue.
And just several minutes ago, I saw on the internet that someone suggest people who encounters such a problem could change the download server. So I also tried it. At the first try, it didn't work. I noticed a button read ``Select Best Server'' and tried it. Then reload it and problems gone. Actually I don't think I've not really solve the problem yet because I am not sure what I've done. But at least, I've learnt that servers could be related to the updating problems.