Halo
I am a Security Researcher at a University. I found serious vulnerability. Any one can compromise an OSMC system and any connected device on network because all OSMC packages can be pretended to be made by the OSMC
OSMC APT key has been leaked on your OWN apt server at http://apt.osmc.tv
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.12 (GNU/Linux)
mQENBFORIlABCADIMlOrHEHNk43TuhQ2PZwoN5653WzK3UHfbDA9N/dIFEaWl2N1
eMOkKId2TSAL8bnaXu/9qh/hXsP78IPCujEB6jjvC5qXB0LNOqcQy5aFbXFzmQ9E
NGp1B+mzT35spGc/CwI6cpmY++HjQEVid1+2kzU/4Za+UGlLoULgaFzem9xFT3+F
4epBzLOrHefID4Y5GvIOYd2EQCkreBzIj5WrrjF61UOmA6iamjUM7e68xbyuql3f
HHrWfeUVnOPI5RzzELrY4uPf2vFZKkChI34BovcZLneOHNwN5aCO4l/jBXO+elTS
X/02ID9PidZl2imi983ZVkIh5/D1M1e94dk/ABEBAAG0JlNhbSBHIE5hemFya28g
PGVtYWlsQHNhbW5hemFya28uY28udWs+iQE4BBMBAgAiBQJTkSJQAhsDBgsJCAcD
AgYVCAIJCgsEFgIDAQIeAQIXgAAKCRBVOyWnZsdizMLoB/93RaGJZa2prtl1quYu
jVoCgYEQloxT59P9favDl9LS3EcxM538b9SaoJQBly/9o68RgF4t0KtYY8ijkHPW
mCIdARRK2WiwGwSAKPuSyp8BT+HmkBi/TxVdxGt69e4Zr4iugAC5lQzbb1GBUSJN
lZcgMqisiqZaT8K6zM70rBWniF+6lWqaIyenon4ISspT0uM4XPQBBisGYLjfdqmp
q9pXY3rHhiSqXLporysI3e9M32IJ2ML6pKhjY5PZ+M83GEfyNITi/xExj8yIyxHl
rKoAtmTNcsWSX+XELFzF+AA8zwSMhQ5RD6w8tRdffqU4U8SotM+loT4iKIeKQQtJ
Obb2uQENBFORIlABCAC/Pmhc179RaAF0IgZgFVSjEjrBmzFEC4hugrXUbaJzOWng
o7N6LGLvl1jRFT5YmfNMDHZ7B1KyrxR1pfNHdxBY5EqeTbqVl4KNNuxMZGOoSY6n
RjAPhNVVi3YZb1nxghojTLuZU6XVC+KoTdH1zw+ho35TYKB/N8aHWXyADB1PSQ20
iEiVl2XPvPGYMuvhICMNLjuw7Po5m8rKkM29nw2lPvgxYomrT2THx0eXBgKvGkGd
A0ruOrHPhwUv1sT1kvem4rN4z1pJWdOoSKSHpVa/mRFb83pzCUXhrd2BBuCpe4a2
T+fdbdY3zjkm5epNuAVbQ+gQqDuCSP69smzocCDDABEBAAGJAR8EGAECAAkFAlOR
IlACGwwACgkQVTslp2bHYszLzAf+ISQ/qLfRKqmpGgfYWhhbKwc6sZy86qhYnNAU
0PcMKWgJDi9lNsns/XHxj3GG4uZmlIcL0iJb52n7pM/C1PeT7c2Yxicm1gsI5GfR
ZEVwNdCS2Ugh51s1Kkp4TJ4tZ/JETRPe5oOmZ/UsAEphdTTAGG9WGmYAMgaiEQis
19Ng7eWIpyGB6KOmcAo2UhJRoB6lZ3UuL/vTji5FuY/b984EZSQrg25SUWSui+tu
iisy+HZS8A7SVW9IdE35t2ci8bQaC+OXzQH2hoP2COlxm1Dfyf7Ax7MGUsZzGIsa
0oqxYN13MxJC12BILM4oF4PpP4k4GIFxBJE6+fQ+p+GM4dc6/w==
=MgCY
-----END PGP PUBLIC KEY BLOCK-----
I can sign any package as OSMC
Steps to resolve are to admit mistake revoke key and suggest everyone reinstalls the OSMC
You should be aware of such massive security problems and ashamed as it is 2017 how do you get this wrong