Network

OVH Hosting Suffers From Record 1Tbps DDoS Attack Driven By 150K Devices (hothardware.com) 116

MojoKid writes: If you thought that the massive DDoS attack earlier this month on Brian Krebs' security blog was record-breaking, take a look at what just happened to France-based hosting provider OVH. OVH was the victim of a wide-scale DDoS attack that was carried via a network of over 152,000 IoT devices. According to OVH founder and CTO Octave Klaba, the DDoS attack reached nearly 1 Tbps at its peak. Of those IoT devices participating in the DDoS attack, they were primarily comprised of CCTV cameras and DVRs. Many of these devices have improperly configured network settings, which leaves them ripe for the picking for hackers that would love to use them to carry out destructive attacks. The DDoS peaked at 990 Gbps on September 20th thanks to two concurrent attacks, and according to Klaba, the original botnet was capable of a 1.5 Tbps DDoS attack if each IP topped out at 30 Mbps. This massive DDoS campaign was directed at Minecraft servers that OVH was hosting. Octave Klaba / Oles tweeted: "Last days, we got lot of huge DDoS. Here, the list of 'bigger that 100Gbps' only. You can the simultaneous DDoS are close to 1Tbps!"
Java

Slashdot Asks: What Are Your Favorite Java 8 Features? (infoworld.com) 427

New submitter liveedu shares with us a report from InfoWorld: When Java 8 was released two years ago, the community graciously accepted it, seeing it as a huge step toward making Java better. Its unique selling point is the attention paid to every aspect of the programming language, including JVM (Java Virtual Machine), the compiler, and other help-system improvements. Java is one of the most searched programming languages according to TIOBE index for July 2016, where Java ranks number one. Its popularity is also seen on LiveCoding, a social live coding platform for engineers around the world, where hundreds and thousands of Java projects are broadcasted live. InfoWorld highlights five Java 8 features for developers in their report: lambda expressions, JavaScript Nashorn, date/time APIs, Stream API and concurrent accumulators. But those features only scratch the surface. What makes Java 8 amazing in your opinion? What are your favorite Java 8 features that help you write high quality code? You can view the entire list of changes made to the programming language here.
Perl

The Slashdot Interview With Larry Wall 167

You asked, he answered!

Perl creator Larry Wall has responded to questions submitted by Slashdot readers. Read on for his answers...
Crime

Why Are Hackers Increasingly Targeting the Healthcare Industry? (helpnetsecurity.com) 111

Slashdot reader Orome1 shares an article by Bitdefender's senior "e-threat analyst," warning about an increasing number of attacks on healthcare providers: In general, the healthcare industry is proving lucrative for cybercriminals because medical data can be used in multiple ways, for example fraud or identity theft. This personal data often contains information regarding a patient's medical history, which could be used in targeted spear-phishing attacks...and hackers are able to access this data via network-connected medical devices, now standard in high-tech hospitals. This is opening up new possibilities for attackers to breach a hospital or a pharmaceutical company's perimeter defenses.

If a device is connected to the internet and left vulnerable to attack, an attacker could remotely connect to it and use it as gateways for attacking network security... The majority of healthcare organizations have often been shown to fail basic security practices, such as disabling concurrent login to multiple devices, enforcing strong authentication and even isolating critical devices and medical data storing servers from a direct internet connection.

The article suggests the possibility of attackers tampering with the equipment that dispenses prescription medications, in which case "it is likely that future cyber-attacks could lead to the loss of human life."
The Internet

Qualcomm's Connected Car Reference Platform To Connect Smart Cars To Everything (networkworld.com) 110

An anonymous reader writes: Qualcomm wants to supply the next generation of autonomous and connected cars with networking to connect everything inside and outside of the cars. That means 5G, WiFi, Bluetooth, GNSS, DSRC, V2X, OABR, CAN, etc. ... [Networkworld reports: "Qualcomm today announced its Connected Car Reference Platform intended for the car industry to use to build prototypes of the next-generation connected car. Every category from economy to luxury car will be much smarter than the connected luxury car of today, creating a big opportunity for Qualcomm to supply semiconductors to automakers and suppliers. Qualcomm described the following features of the Connected Car Reference Platform in its release:

Scalability: Using a common framework that scales from a basic telematics control unit (TCU) up to a highly integrated wireless gateway, connecting multiple electronic control units (ECUs) within the car and supporting critical functions, such as over-the-air software upgrades and data collection and analytics.
Future-proofing: Allowing the vehicle's connectivity hardware and software to be upgraded through its life cycle, providing automakers with a migration path from Dedicated Short Range Communications (DSRC) to hybrid/cellular V2X and from 4G LTE to 5G.
Wireless coexistence: Managing concurrent operation of multiple wireless technologies using the same spectrum frequencies, such as Wi-Fi, Bluetooth and Bluetooth Low Energy.
OEM and third-party applications support: Providing a secure framework for the development and execution of custom applications."]

Mozilla

Firefox 44 Deletes Fine-Grained Cookie Management (mozilla.org) 471

ewhac writes: Among its other desirable features, Firefox included a feature allowing very fine-grained cookie management. When enabled, every time a Web site asked to set a cookie, Firefox would raise a dialog containing information about the cookie requested, which you could then approve or deny. An "exception" list also allowed you to mark selected domains as "Always allow" or "Always deny", so that the dialog would not appear for frequently-visited sites. It was an excellent way to maintain close, custom control over which sites could set cookies, and which specific cookies they could set. It also helped easily identify poorly-coded sites that unnecessarily requested cookies for every single asset, or which would hit the browser with a "cookie storm" — hundreds of concurrent cookie requests.

Mozilla quietly deleted this feature from Firefox 44, with no functional equivalent put in its place. Further, users who had enabled the "Ask before accept" feature have had that preference silently changed to, "Accept normally." The proffered excuse for the removal was that the feature was unmaintained, and that its users were, "probably crashing multiple times a day as a result" (although no evidence was presented to support this assertion). Mozilla's apparent position is that users wishing fine-grained cookie control should be using a third-party add-on instead, and that an "Ask before accept" option was, "not really nice to use on today's Web."

Communications

World's First 5G Field Trial Delivers Speeds of 3.6Gbps Using Sub-6GHz 55

Mark.JUK writes: Global Chinese ICT firm Huawei and Japanese mobile giant NTT DOCOMO today claim to have conducted the world's first large-scale field trial of future 5th generation (5G) mobile broadband technology, which was able to deliver a peak speed of 3.6Gbps (Gigabits per second). Previous trials have used significantly higher frequency bands (e.g. 20-80GHz), which struggle with coverage and penetration through physical objects. By comparison Huawei's network operates in the sub-6GHz frequency band and made use of several new technologies, such as Multi-User MIMO (concurrent connectivity of 24 user devices in the macro-cell environment), Sparse Code Multiple Access (SCMA) and Filtered OFDM (F-OFDM). Assuming all goes well then Huawei hopes to begin a proper pilot in 2018, with interoperability testing being completed during 2019 and then a commercial launch to follow in 2020. But of course they're not the only team trying to develop a 5G solution.
Government

Swedish Investigators Attempt Assange Interview; Wikileaks Makes Major Release 154

cold fjord writes: It seems Julian Assange rates his own section (The Assange Matter) on a Swedish government website related to the investigation. It contains some FAQs on points that seem to keep coming up in Slashdot discussions. The website isn't completely up to date at the moment since it doesn't discuss the recent attempt by Swedish investigators to interview Assange in the Ecuadorian embassy in London. Unfortunately that attempt failed since the government of Ecuador didn't give permission to the Swedish delegation to enter their embassy. That is quite odd given the years of demands for this. Concurrent with this, Wikileaks has started releasing what is reported to be more than 500,000 leaked Saudi Arabian diplomatic documents that are sure to stir up some controversies. Most are in Arabic so it may take some time for their contents to filter out.
Verizon

Verizon Tells Customer He Needs 75Mbps For Smoother Netflix Video 170

An anonymous reader writes: Verizon recently told a customer that upgrading his 50Mbps service to 75Mbps would result in smoother streaming of Netflix video. Of course, that's not true — Netflix streams at a rate of about 3.5 Mbps on average for Verizon's fiber service, so there's more than enough headroom either way. But this customer was an analyst for the online video industry, so he did some testing and snapped some screenshots for evidence. He fired up 10 concurrent streams of a Game of Thrones episode and found only 29Mbps of connection being used. This guy was savvy enough to see through Verizon's BS, but I'm sure there are millions of customers who wouldn't bat an eye at the statements they were making. The analyst "believes that the sales pitch he received is not just an isolated incident, since he got the same pitch from three sales reps over the phone and one online."
Programming

Is D an Underrated Programming Language? 386

Nerval's Lobster writes: While some programming languages achieved early success only to fall by the wayside (e.g., Delphi), one language that has quietly gained popularity is D, which now ranks 35 in the most recent Tiobe Index. Inspired by C++, D is a general-purpose systems and applications language that's similar to C and C++ in its syntax; it supports procedural, object-oriented, metaprogramming, concurrent and functional programming. D's syntax is simpler and more readable than C++, mainly because D creator Walter Bright developed several C and C++ compilers and is familiar with the subtleties of both languages. D's advocates argue that the language is well thought-out, avoiding many of the complexities encountered with modern C++ programming. So shouldn't it be more popular? The languages with the biggest gains this time around include JavaScript, PL/SQL, Perl, VB, and COBOL. (Yes, COBOL.) The biggest drops belonged to the six most popular languages: Objective-C, C, Java, C++, PHP, and C#.
Science

How Birds Lost Their Teeth 138

An anonymous reader writes: A research team from the University of California, Riverside and Montclair State University, New Jersey, have found that the lack of teeth in all living birds can be traced back to a common ancestor who lived about 116 million years ago. From the article: "To solve this puzzle, the researchers used a recently created genome database that catalogues the genetic history of nearly all living bird orders--48 species in total. They were looking for two specific types of genes: one responsible for dentin, the substance that (mostly) makes up teeth, and another for the enamel that protects them. Upon finding these genes, researchers then located the mutations that deactivate them, and combed the fossil record to figure out when those mutations developed. They concluded that the loss of teeth and the development of the beak was a two-stage process, though the steps basically happened simultaneously. The paper states: 'In the first stage, tooth loss and partial beak development began on the anterior portion of both the upper and lower jaws. The second stage involved concurrent progression of tooth loss and beak development from the anterior portion of both jaws to the back of the rostrum.'"
BSD

DragonFly BSD 4.0 Released 66

An anonymous reader writes: From the release page: Version 4 of DragonFly brings Haswell graphics support, 3D acceleration, and improved performance in extremely high-traffic networks. DragonFly now supports up to 256 CPUs, Haswell graphics (i915), concurrent pf operation, and a variety of other devices.
United States

Let Spouses of H-1B Visa Holders Work In US, Says White House 566

Hugh Pickens DOT Com (2995471) writes "Carolyn Lochhead reports in the SF Chronicle that the White House has announced a plan allowing spouses of H-1B visa holders to work in the United States, a coup for Silicon Valley companies that have been calling for more lenient rules for immigrants who come to the United States to work in technology. 'The proposals announced today will encourage highly skilled, specially trained individuals to remain in the United States and continue to support U.S. businesses and the growth of the U.S. economy,' says Deputy Secretary of Homeland Security Alejandro Mayorkas. 'A concurrent goal is for the United States to maintain competitiveness with other countries that attract skilled foreign workers and offer employment authorization for spouses of skilled workers. American businesses continue to need skilled nonimmigrant and immigrant workers.'

Currently, spouses of H-1B visa holders are not allowed to work unless they obtain their own visa but tech companies have been calling for more H-1B visas, and supporters of the rule change argue that it will bring in more talented workers. Critics say they believe expanding the H-1B visa program will allow lower-paid foreign workers to take American jobs. The plan immediately drew fire from Republicans. Sen. Jeff Sessions of Alabama, who sits on the Judiciary Committee, accused the administration of acting unilaterally to change immigration law and bring in tens of thousands of potential competitors with Americans for jobs. 'Fifty million working-age Americans aren't working,' Sessions said in a statement, adding that as many as 'half of new technology jobs may be going to guest workers. This will help corporations by further flooding a slack labor market, pulling down wages.'"
Chrome

Background Javascript Compilation Boosts Chrome Performance 136

kc123 writes "The latest version of Chrome includes improvements in JavaScript compilation, according to the Chromium blog. Historically, Chrome compiled JavaScript on the main thread, where it could interfere with the performance of the JavaScript application. For large pieces of code this could become a nuisance, and in complex applications like games it could even lead to stuttering and dropped frames. In the latest Chrome Beta they've enabled concurrent compilation, which offloads a large part of the optimizing compilation phase to a background thread. The result is that JavaScript applications remain responsive and performance gets a boost."
Power

Largest US Power Storing Solar Array Goes Live 377

Lucas123 writes "A solar power array that covers three square miles with 3,200 mirrored parabolic collectors went live this week, creating enough energy to power 70,000 homes in Arizona. The Solana Solar Power Plant, located 70 miles southwest of Phoenix, was built at a cost of $2 billion, and financed in large part by a U.S. Department of Energy loan guarantee. The array is the world's largest parabolic trough plant, meaning it uses parabolic shaped mirrors mounted on moving structures that track the sun and concentrate its heat. A first: a thermal energy storage system at the plant can provide electricity for six hours without the concurrent use of the solar field. Because it can store electricity, the plant can continue to provide power during the night and inclement weather."
Space

NASA's Garver Proposes Carving Piece Off Big Asteroid For Near-Earth Mining 110

MarkWhittington writes "According to a July 26, 2013 story in Space News, NASA Deputy Administrator Lori Garver mused about what appeared to be a change to the space agency's asteroid snatching mission at the NewSpace 2013 conference. Apparently the idea is to send a robot to a larger asteroid than originally planned, carve out a chunk of it, and then bring it to lunar orbit for a crew of astronauts to visit in an Orion space ship. Garver's proposed change would widen the number of target asteroids and would test technologies important for asteroid mining. But it would also increase the complexity and certainly the cost of the asteroid mission. There are a lot of unanswered questions, such as what kind of mechanism would be involved in taking a piece of an asteroid and moving it? At the same conference Garver had hinted at a willingness to consider mounting a program of "sustainable" lunar exploration, as some in Congress have demanded, concurrent with the asteroid mission."
Programming

Dao, a New Programming Language Supporting Advanced Features With Small Runtime 404

New submitter NeoHermit writes "This language (Dao) has never been mentioned on Slashdot before, but it might be interesting to many people here. As it has recently become feature-complete and just made its first beta release, it may be the right time to mention it here. Dao is an optionally-typed programming language that supports many advanced features with a small runtime. The feature list is probably as long as that of Python, but they are supported by a much smaller runtime (somewhere between Lua and Python, but closer to Lua). Besides optional typing, the other major features that are worth mentioning include: built-in support for concurrent programming for multicore computers, very friendly C programming interfaces for embedding and extending, an LLVM-based JIT compiler, a Clang-based module for embedding C/C++ codes in Dao, and a Clang-based tool for automatic binding generation from C/C++ header files. You can also see many familiar features from other languages."
Businesses

Ask Slashdot: How Do You Deal With Programmers Who Have Not Stayed Current? 509

skaffen42 writes "The recent Ask Slashdot about becoming a programmer later in life got me thinking about a related question. How do you deal with programmers who have not stayed current with new technologies? In the hiring process, this is easy; you simply don't hire them. However, at most companies where I've worked, there are usually a few programmers who have been employed long enough that the skill-set they were originally hired for has become irrelevant. At the same time, they have not bothered to stay current with newer technologies. They usually have enough business knowledge that they provide some value to the company, but from a technical perspective they are a slowly-increasing liability. As an example: I work with a developer who is 10 years my senior, but still doesn't understand how to write concurrent code and cannot be trusted to use a revision control system without causing a mess that somebody else will have to clean up. On top of that, he is really resistant to the idea of code reviews; I suspect he dislikes people he considers junior to him making suggestions about how to improve his code. So, how do my fellow Slashdotters handle situations like this? How do you help somebody like this to improve their skill-sets? And, most importantly, how do you do so without stepping on anybody's feelings?"
Programming

LyX Joins the Google Summer of Code 2013 70

Hamburg writes "LyX joined this year's Google Summer of Code (GSoC 2013) as a mentoring organization. The LaTeX based open-source GUI LyX has been accepted to the GSoC for the first time. With LyX one can start using LaTeX without being used to 'program' documents. So it's an important entry point to the (La)TeX world, and a bridge between GUI word processors and LaTeX. This is a great opportunity for its development, now student developers can get financial support for contributing new features: successful contributions will earn a stipend of 5000 USD for the student and 500 USD for the organization, in this case the LyX project, who provides mentors to the students. There are already many project ideas, for example a GUI for editing layouts, a presentation mode, EPUB export, an outliner tool for intuitive writing, retina screen (HiDPI) support, and interactive concurrent editing. Would you like to take part, or do you have further ideas for improvements or features? Send your proposals to the lyx-devel mailing list, or simply comment here, what can be suggested to the LyX mentors."
