Referenced CVEs:  CVE-2010-0408, CVE-2010-0434 Description:  =========================================================== Ubuntu Security Notice USN-908-1 March 10, 2010 apache2 vulnerabilities CVE-2010-0408, CVE-2010-0434 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 Ubuntu 9.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: apache2-common 2.0.55-4ubuntu2.10 Ubuntu 8.04 LTS: apache2.2-common 2.2.8-1ubuntu0.15 Ubuntu 8.10: apache2.2-common 2.2.9-7ubuntu3.6 Ubuntu 9.04: apache2.2-common 2.2.11-2ubuntu2.6 Ubuntu 9.10: apache2.2-common 2.2.12-1ubuntu2.2 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that mod_proxy_ajp did not properly handle errors when a client doesn't send a request body. A remote attacker could exploit this with a crafted request and cause a denial of service. This issue affected Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10. (CVE-2010-0408) It was discovered that Apache did not properly handle headers in subrequests under certain conditions. A remote attacker could exploit this with a crafted request and possibly obtain sensitive information from previous requests. (CVE-2010-0434)

Barence writes "A debate that crops up time and again is whether it's better to have a dedicated keyboard on your smartphone or whether an on-screen keyboard with text correction is adequate. Some phones with screen-based keyboards have started to provide tactile feedback, either using an ultra-quick spin of their vibration alert or, like the BlackBerry Storm2, using clever piezo-electric technology to simulate the feel of a button press. But which system works best? PC Pro's Paul Ockendon gathered six of the most popular handsets around and put them through a timed typing test to see which proved quickest and most typo-free."

Read more of this story at Slashdot.

52-year-old Anthony Digati was arrested for trying to extort $200,000 from an insurance firm by threatening to spam them with six million emails unless they paid up. Digati said he would use a spam service and his amazing talents as a "huge social networker" to drag the company "through the muddiest waters imaginable" and presumably unfriend everyone. He added that the price would increase to $3 million if they failed to pay up by Monday, according to federal authorities.

Read more of this story at Slashdot.

kang327 writes "As Java developers we are used to the familiar file-based user interface that is used by all of the major IDEs. A team at Brown University has developed an IDE for Java called Code Bubbles that makes a fairly radical departure from current IDEs — it is based on fragments instead of files. The idea is that you can see many different pieces of code at once. Fragments can form groups, have automatic layout assistance, wrap long lines based on syntax, and exist in a virtual workspace that you can pan. A video shows reading and editing code, opening different kinds of info such as Javadocs, bug reports and notes, annotating and sharing workspaces, and debugging with bubbles. They report on several user studies that show the system increases performance for the tasks studied, and also that professional developers were enthusiastic about using it. There is also a Beta that you can sign up for."

Read more of this story at Slashdot.

SkinnyGuy writes "The only thing more remarkable than NewEgg shipping fake Core i7 CPUs to customers is getting your hands on one and checking it out. Apparently there are only a couple hundred of these things in existence and Gearlog somehow managed to get and unbox one. The images are fascinating."

Read more of this story at Slashdot.

SkinnyGuy writes "The only thing more remarkable than NewEggg shipping fake Core i7 CPUs to customers is getting your hands on one and checking it out. Apparently there are only a couple hundred of these things in existence and Gearlog somehow managed to get and unbox one. The images are fascinating."

Read more of this story at Slashdot.

andylim writes "Separate teams at Oxford university and Zentium, a South Korean company, are working on next-gen augmented reality solutions, which make it possible to fuse real and 3D computer-generated visuals on the fly using mobile phones. The team at Oxford university has named its solution Parallel Tracking and Mapping (PTAM) and it has licensed its technology to QderoPateo LLC, which has ambitious plans to grow the mobile augmented reality market and create an augmented reality search and gaming engine running for its 'Ouidoo' smart phone. Zentium's solution is called D-Track and is being used to develop the first markerless mobile augmented reality pet, called iKat. D-Track's mapping technology is very similar to PTAM and allows your phone to recognise the space in front of the camera and create an appropriate space for an augmented reality object or pet."

Read more of this story at Slashdot.

Julie188 writes "After more than three decades of service to researchers and staff stationed at the bottom of the world, the dome at the Amundsen-Scott South Pole Station was deconstructed this austral summer. Designed and constructed by the Seabees — the construction battalions of the US Navy — in the early 1970s, the dome's geodesic design provided a unique solution to the challenges posed to engineers trying to build structures at the South Pole. The dome is being returned to southern California where it will be held in storage. It could possibly be trotted out as an exhibit in a new US Navy Seabees museum."

Read more of this story at Slashdot.

astroengine follows up to a story about the LHC shutting down that seems to have hit all the news replicators today. "It's to be expected when pushing the frontiers of physics, but the LHC's epic 'will it or won't it' saga continues. Due to an unforeseen construction mistake, the LHC will cease experiments for a year (starting around late-2011) so repairs and upgrades can be carried out. For now, accelerated particles will have a maximum energy of 7TeV (half the power of the LHC's design maximum), which is ample for at least 18 months of experiments before shutdown."

Read more of this story at Slashdot.

An anonymous reader writes "'The European Parliament defied the EU executive today (10 March), casting a vote against an agreement between the EU, the US and other major powers on combating online piracy and threatening to take legal action at the European Court of Justice.'"

Read more of this story at Slashdot.

Xemu writes "Computers don't make children fat, but watching TV for the same length of time does. This is shown by a recent Swedish study of all school children in Lund's county conducted by RN Pernilla Garmy. The results were clear: The child's obesity was directly affected by placing a TV in the child's room, but placing a computer in the room had no effect at all. One theory is that it's common to have a snack in front of the TV, while a computer requires a more active user, for example when chatting or playing games."

Read more of this story at Slashdot.

alphadogg writes "Former CEO of Sun Microsystems Jonathan Schwartz has taken to his personal blog, provocatively titled 'What I couldn't say ...,' to dish some industry dirt and tell his side of the story about the demise of Sun. He has already hinted at plans to write a book, and a new post suggests a tell-all tome could indeed be in the offing. 'I feel for Google — Steve Jobs threatened to sue me, too,' Schwartz writes, apparently referring to Apple's patent lawsuit against HTC, which makes Google's Nexus One smartphone. As for Bill Gates, Schwartz says he was threatening regarding Sun's efforts in the office software space."

Read more of this story at Slashdot.

Pickens writes "The Washington Post reports that professors have banned laptops from their classrooms at George Washington University, American University, the College of William and Mary, and the University of Virginia, among many others, compelling students to take notes the way their parents did: on paper. A generation ago, academia embraced the laptop as the most welcome classroom innovation since the ballpoint pen, but during the past decade it has evolved into a powerful distraction as wireless Internet connections tempt students away from note-typing to e-mail, blogs, YouTube videos, sports scores, even online gaming. Even when used as glorified typewriters, laptops can turn students into witless stenographers, typing a lecture verbatim without listening or understanding. 'The breaking point for me was when I asked a student to comment on an issue, and he said, "Wait a minute, I want to open my computer,"' says David Goldfrank, a Georgetown history professor. 'And I told him, "I don't want to know what's in your computer. I want to know what's in your head."' Some students don't agree with the ban. A student wrote in the University of Denver's newspaper: 'The fact that some students misuse technology is no reason to ban it. After all, how many professors ban pens and notebooks after noticing students doodling in the margins?'"

Read more of this story at Slashdot.

An anonymous reader writes "Philippe Dauman, Viacom CEO and President, announced today that Harmonix is currently working on the next Rock Band game, Rock Band 3, due for release Holiday 2010. 'The company is pursuing the game in spite of an industry-weakening decline in the once-booming genre of peripheral-equipped music games. Although the franchise has generated over $1 billion to date, the category in general saw sales contract by as much as half throughout 2009. MTV Games parent Viacom also saw Rock Band declines drag on its balance sheet in its last fiscal quarter, and expressed a need to refocus away from pricey peripherals in favor of software. It also said that due to royalties it would need to be more "selective" about track listings, and that it needs more support from the music industry in that department.'"

Read more of this story at Slashdot.

daria42 writes "The Electoral Commission in the Australian state of Victoria has made plans to expand its use of electronic voting kiosks based on Linux in the next state election in November of this year. But it appears to be a little confused: the documentation states it will be using the '2.6 kernel/Gentoo release of Red Hat Enterprise Linux.' Huh?"

Read more of this story at Slashdot.

An anonymous reader writes "After a little over five months of pondering, xkcd fans have cracked a puzzle hidden inside Randall Munroe's recent book xkcd: volume 0. Here is the start of the thread on the xkcd forums; and here is the post revealing the final message (a latitude and longitude plus a date and time)."

Read more of this story at Slashdot.

The Mountain View Chocolate Factory has unveiled an online marketplace for third-party applications that hook into its Google Apps suite of web-based businessware.…...

In May, Swiss company Business Systems Integration AG (BSI) will release its Scout business application framework to the open source community. A first look at the Scout project's source code will be available to attendees at this year's EclipseCon...

Some system utilities do a variety of things well. They come with tools to give users lots of solutio...

Mirk writes "Computer-science legend Edsger W. Dijkstra famously wrote: 'It is practically impossible to teach good programming to students that have had a prior exposure to BASIC: as potential programmers they are mentally mutilated beyond hope of regeneration.' The Reinvigorated Programmer argues that the world is full of excellent programmers who cut their teeth on BASIC, and suggests it could even be because they started out with BASIC."

Read more of this story at Slashdot.