Long-time Slashdot reader doom writes: Over a two year period, a third of the IPv4 address space have experienced some sort of DoS attack, though the researchers who've ascertained this suspect this is an underestimate. This is from a story at Science Daily reporting on a study recently presented in London at the Internet Measurement Conference.

"As might be expected, more than a quarter of the targeted addresses in the study came in the United States, the nation with the most internet addresses in the world. Japan, with the third most internet addresses, ranks anywhere from 14th to 25th for the number of DoS attacks, indicating a relatively safe nation for DoS attacks..."

The study itself states, "On average, on a single day, about 3% of all Web sites were involved in attacks (i.e., by being hosted on targeted IP addresses)."
"Put another way," said the report's principal investigator, "during this recent two-year period under study, the internet was targeted by nearly 30,000 attacks per day."

Freshly Exhumed writes: PCI-SIG has released the specifications for version 4.0 of the PCIe (Peripheral Component Interconnect Express) bus, which, according to Chairman Al Yanes, promises data transfer rates of 16GTps, extended tags and credits for service devices, reduced system latency, lane margining, superior RAS capabilities, scalability for added lanes and bandwidth, improved I/O virtualization and platform integration. Tom's Hardware has posted a slide deck of the new version's specifications.

PC-MOS/386 "was a multi-user, computer multitasking operating system...announced at COMDEX in November 1986," remembers Wikipedia, saying it runs many MS-DOS titles (though it's optimized for the Intel 80386 processor).

Today Slashdot user Roeland Jansen writes: After some tracking, racing and other stuff...PC-MOS/386 v5.01 is open source under GPLv3. Back in May he'd posted to a virtualization site that "I still have the source tapes. I want(ed) to make it GPL and while I got an OK on it, I haven't had time nor managed to get it legalized. E.g. lift the NDA and be able to publish."

1987 magazine ads described it as "the gateway to the latest technology...and your networking future," and 30 years later its release on GitHub includes sources and executables. "In concert with Gary Robertson and Rod Roark it has been decided to place all under GPL v3."

A Palo Alto startup that stopped trying to be an "Android killer" last year after raising $185 million has apparently pivoted to developing autonomous vehicle technology. From a report: The company now known as Cyngn has changed its name from Cyanogen and recently got a permit to test its self-driving tech on California roads, according to a report Wednesday on Axios. It's being led by Lior Tal, the former chief operating officer who took over as CEO last fall when Kirt McMaster left. The rest of the startup's current team of about 30 people appear to have joined since the strategy shift, Axios reported, citing LinkedIn records. Some of them are former Facebook people, like Tal, and alumni of automakers who include Mercedes-Benz. No new funding has been disclosed for the reinvented company. It lists on its website investors who backed it before it pivoted, including Andreessen Horowitz, Benchmark Capital, Redpoint Ventures, Index Ventures, Qualcomm and Chinese social networking company Tencent. The company was the center of acquisition talk in 2014, when companies like Microsoft, Amazon, Samsung and Yahoo expressed interest in the company.

An anonymous reader quotes a report from Science Magazine: Scholarly publishing giants Elsevier and the American Chemical Society (ACS) have filed a lawsuit in Germany against ResearchGate, a popular academic networking site, alleging copyright infringement on a mass scale. The move comes after a larger group of publishers became dissatisfied with ResearchGate's response to a request to alter its article-sharing practices. ResearchGate, a for-profit firm based in Berlin, Germany, which was founded in 2008, is one of the largest social networking sites aimed at the academic community. It claims more than 13 million users, who can use their personal pages to upload and share a wide range of material, including published papers, book chapters and meeting presentations.

Yesterday, a group of five publishers -- ACS, Elsevier, Brill, Wiley and Wolters Kluwer -- announced that ResearchGate had rejected the association's proposal. Instead, the group, which calls itself the "Coalition for Responsible Sharing," said in a October 5th statement that ResearchGate suggested publishers should send the company formal notices, called "takedown notices," asking it to remove content that breaches copyright. The five publishers will be sending takedown notices, according to the group. But the coalition also alleges that ResearchGate is illicitly making as many as 7 million copyrighted articles freely available, and that the company's "business model depends on the distribution of these in-copyright articles to generate traffic to its site, which is then commercialized through the sale of targeted advertising." The coalition also states that sending millions of takedown notices "is not a viable long-term solution, given the current and future scale of infringement Sending large numbers of takedown notices on an ongoing basis will prove highly disruptive to the research community." As a result, two coalition members -- ACS and Elsevier -- have opted to go to court to try to force ResearchGate's hand.

ICANN had planned to change the master key used to sign secure Domain Name System records next week for the first time in history. But now an anonymous reader writes:Inattentive ISPs and technical faults have led the Internet Corporation for Assigned Names and Numbers (ICANN) to delay the KSK Rollover for next year. ICANN was supposed to remove the root encryption KSK key from core DNS servers on October 11 and allow a new one to take effect. The key is used for the DNSSEC protocol.

According to ICANN, between 6% to 8% of ISPs did not install the new KSK key to replace the one issued in 2010. The organization says that if it had gone forward with the original KSK Rollover plan, over 60 million Internet users would have been unable to make DNS requests. For the vast majority, ICANN blames lazy ISPs, which failed to update their existing keys. ICANN also believes that many ISPs may not be aware they had not installed the latest KSK. ICANN also distributed software to automatically pull down and install the new KSK. Some ISPs opted to use this software, which apparently had some bugs and failed to download and install the new KSK, in some situations.

Because of this, ICANN announced this week it would delay the KSK Rollover final step — of removing and revoking the original KSK key -- to the first quarter of 2018. ICANN has not decided yet on a precise date.

An anonymous reader writes: InfoWorld announced the winners of this year's "Best of Open Source Software Awards" -- honoring 68 different projects, spread across five categories. Besides the 15 best software development tools, they also recognized the best cloud computing software, machine learning tools, and networking and security software (as well as the best databases and analytics tools).

"Open source software isn't what it used to be," writes Doug Dineley, the site's executive editor. "The term used to conjure images of the lone developer, working into the night and through weekends, banging out line after line of code to scratch a personal itch or realize a personal vision... But as you wend your way through our Bossie winners, you're bound to be struck by the number of projects with heavyweight engineering resources behind them... Elsewhere in the open source landscape, valuable engineering resources come together in a different way -- through the shared interest of commercial software vendors."

More than 10% of the awards went to the Apache Software Foundation -- 7 of the 68 -- though I was surprised to see that five of the best software development tools are languages -- specifically Kotlin, Go, Rust, Clojure, and Typescript. Two more of the best open source software development tools were Microsoft products -- .Net Core and Visual Studio Code. And in the same category was OpenRemote a home automation platform, as well as Ethereum, which "smells and tastes like an open source project that is solving problems and serving developers."

Oracle went on the offensive again versus Amazon.com this week with a new cloud pricing plan that gives discounts to Oracle database customers who move their databases to the cloud. From a report: Chairman and Chief Technology Officer Larry Ellison said during an event at its Redwood City, California headquarters that while Oracle has matched Amazon Web Services for base-level computing, storage and networking services known as infrastructure as a service, it's now moving to make higher-level cloud services such as databases and analytics cheaper than AWS's. Actually, Ellison claimed that Oracle's infrastructure runs faster and therefore ends up costing less, but it's clear that the company is focusing more on its traditional strengths one tier up from the infrastructure: so-called platform as a service offerings such as the Oracle Database. Oracle said it will allow customers to move their existing licenses for databases, middleware and analytics to Oracle's platform services, just as they've allowed them to bring licenses to its infrastructure before.

Adobe's VP of Mobile (and a former intellectual property lawyer) sees "a very possible future where Microsoft doesn't merely accept a peaceful coexistence with Linux, but instead enthusiastically embraces it as a key to its future," noting Microsoft's many Linux kernel developers and arguing it's already innovating around Linux -- especially in the cloud. An anonymous reader quotes InfoWorld: Even seemingly pedestrian work -- like making Docker containers work for Windows, not merely Linux -- is a big deal for enterprises that don't want open source politics infesting their IT. Or how about Hyper-V containers, which marry the high density of containers to the isolation of traditional VMs? That's a really big deal...

Microsoft has started hiring Linux kernel developers like Matthew Wilcox, Paul Shilovsky, and (in mid-2016) Stephen Hemminger... Microsoft now employs 12 Linux kernel contributors. As for what these engineers are doing, Linux kernel maintainer Greg Kroah-Hartman says, "Microsoft now has developers contributing to various core areas of the kernel (memory management, core data structures, networking infrastructure), the CIFS filesystem, and of course many contributions to make Linux work better on its Hyper-V systems." In sum, the Linux Foundation's Jim Zemlin declares, "It is accurate to say they are a core contributor," with the likelihood that Hemminger's and others' contributions will move Microsoft out of the kernel contribution basement into the upper echelons.
The article concludes that "Pigs, in other words, do fly. Microsoft, while maintaining its commitment to Windows, has made the necessary steps to not merely run on Linux but to help shape the future of Linux."

Slashdot reader eatvegetables writes: The U.S. National Security Agency launched Codebreaker Challenge 2017 Friday night (Sept 15) at 9 p.m. EST. It started off as a reverse-engineering challenge a few years ago but has grown in scope to include network analysis, reverse-engineering, and vulnerability discovery/exploitation.

This year's challenge story centers around hackers attacking critical "supervisory control and data acquisition" (SCADA) infrastructure. Your mission, should you choose to accept it, is to figure out how the SCADA network is being attacked, find the attack vector(s), and stop the bad guy(s)/gal(s)/other(s).

Codebreaker-Challenge is unusual for capture-the-flag(ish) contests due to the scope/number of challenges and how long the contest runs (now until end of year). Also (this year, at least), the challenge is built around a less than well-known networking protocol, MQTT. It's open to anyone with a school.edu email address. A site leader-board shows which school/University has the most l33t students. Carnegie Mellon and Georgia Institute of Tech are at the top of the leader-board as of Saturday morning.
Last year, 3,300 students (from 481 schools) participated, with 15 completing all six tasks. One Carnegie Mellon student finished in less than 18 hours.

A resources page offers "information on reverse engineering," and the NSA says the first 50 students who complete all the tasks ths year will receive a "small token" of appreciation from the agency.

An anonymous reader shares a ZDNet report, which also has some clarification from Intel: It looks like you can add WiGig wireless docking to Intel's dustbin (along with IoT products axed earlier this summer), as the company has discontinued existing products using the 802.11ad wireless standard, according to Anandtech. [Since publishing this report, we've received a statement from Intel clarifying its WiGig support: "We continue to offer current versions of our 802.11ad products, such as the Intel Tri-band Wireless AC 18265 and Gigabit Wireless 10101R antenna module. We remain committed to WiGig and think it has exciting potential for a number of applications, including enabling VR to become wireless, mesh networking and as part of Intel's leading products for 5G."] WiGig was developed several years ago with faster speeds than then-current Wi-Fi standards, but because it relied on the 60GHz channel, its high throughput could only travel over short distances. As a result, it eventually became marketed as a feature for wireless laptop docking stations, and while it received some support from enterprise laptop manufactures like Dell and Lenovo, the technology didn't make a big dent against standard wired laptop docks.

Brian Stelter, writing for CNN: Why won't Facebook show the public the propagandistic ads that a so-called Russian troll farm bought last year to target American voters? That lack of transparency is troubling to many observers. "Show us the ads Zuck!" Silicon Valley entrepreneur Jason Calacanis wrote on Twitter when The Washington Post reported on the surreptitious ad buys on Wednesday. Calacanis said Facebook was "profiting off fake news," echoing a widely held criticism of the social network. It was only the latest example of Facebook's credibility problem. For a business based on the concept of friendship, it's proving to be a hard company to trust. On the business side, Facebook's metrics for advertisers have been error-prone, to say the least. Analysts and reporters have repeatedly uncovered evidence of faulty data and measurement mistakes. Facebook's opaqueness has also engendered mistrust in the political arena. Conservative activists have accused the company of censoring right-wing voices and stories. Liberal activists have raised alarms about its exploitation of personal information to target ads. And the news business is worried about the spread of bogus stories and hoaxes on the site. Some critics have even taken to calling Facebook a "surveillance company," seeking to reframe the business the social network is in -- not networking but ad targeting based on monitoring of users. Over at The Verge, Casey Newton documents inconsistencies in Facebook's public remarks over its role in the outcome of the presidential election last year. Newton says Facebook's shifting Russian ads stories and unwillingness to disclose information citing laws (which seem to imply otherwise) are damaging its credibility.

There's a difference between clearing your head, and ditching your dying startup to do drugs in the desert. From a report: Whether you're going to Burning Man, Ibiza, SXSW, or some big international tech conference, the message you send is the same. If your startup isn't succeeding, you're skipping out on the dirty work while hoping some miracle revelation or networking connection will save you. And it probably won't. For those less familiar, Burning Man is when 70,000 people build a temporary city of tents and RVs in the Nevada desert where no money is exchanged, and instead everyone seeks to gift strangers with giant art installations, workshops, food, drinks, and celebrations. But I get a sinking feeling when I notice or hear about the leaders of a struggling startup trying to dance or dose away their troubles. Being out of a contact for several days to a week since there's no reliable cellular connection and a stigma against phone use creates a decision-making bottleneck that can slow down your company. Ex-Oculus founder Palmer Luckey here points out how juice presser startup Juicero's founder Doug Evans took off to Burning Man for week. That's despite the company recently admitting it needed to lower prices after Bloomberg reporters revealed you could simply squeeze Juicero juice packs by hand without the $400 machine. In the middle of that week Evans was at Burning Man, Juicero announced it would suspend sales of its juicer and juice packs as it desperately tries to find an acquirer. While Evans handed over the CEO title to former Coca-Cola exec Jeff Dunn late last year, the company told TechCrunch "Evans is Juicero's full time Founder and Chairman of the Board and very active within the company."

According to the results of a Gallup poll released mid-August, most employed U.S. adults aren't too worried about technology eliminating their jobs. Only 13 percent of Americans are fearful that tech will eradicate their work opportunities in the near future, according to the poll. Workers are relatively more concerned about immediate issues like wages and benefits. CNBC reports: This corresponds with another recent Gallup survey finding that about one in eight workers, or 13 percent of Americans, also believe it's likely they will lose their jobs due to new technology, automation, robots or AI in the next five years. While the survey reflects a generally confident American workforce, Monster career expert Vicki Salemi tells CNBC Make It that people should not become complacent.

"Employees need to think of themselves as replaceable in a way that propels them into action," Salemi says, "so they can focus on continuously learning and sharpening their skills." In the meantime, Americans can look to what the tech giants are saying. On the contrary, Salemi emphasizes that Americans shouldn't be paranoid and lose sleep every night. Rather, they should think about AI "from a place of power." "If your job does start to get automated, you'll already have a game plan and solid skill set to back you up for your next career move," she says. If you find yourself in the 13 percent of Americans worried about losing their jobs to robots, Salemi says you can "robot-proof" your job through networking. "Always be on top of your game, she says. "If your industry is becoming more digitally focused, get schooled on specific skills. Instead of being lax about your career, always stay ahead of the curve, keep your resume in circulation, ask yourself where the industry is headed and most importantly where you and your skills fit in."

Google Cloud Platform customers will have a new option when selecting the type of network used to deliver their traffic to their users: they can keep using Google's network, or they can save some money with the new option of using public transit networks. An anonymous reader shares a report: Google has long argued that one of the best reasons to use its public cloud service is the strength of its fiber network, developed and enhanced for more than a decade to support the global data centers powering its search engine. But there are some applications that don't require that level of performance, and so Google is now offering a cheaper networking service -- costing between 24 percent to 33 percent less -- that uses the transit networks that deliver the bulk of traffic to internet service providers, said Prajakta Joshi, product manager for cloud networking at Google. The new "Standard Tier" should offer performance comparable to what customers would experience through "other cloud providers," Joshi said, although both Amazon Web Services and Microsoft Azure operate fiber networks outside of the public internet.

Yesterday, Android O officially became Android Oreo and started rolling out to Pixel and Nexus devices. While there are many new features available in the new OS, we thought we'd ask you: what are your favorite Android Oreo features? The Hacker News highlights eleven of the new features "that make Android even better" in their report: 1. No More 'Install From Unknown Sources' Setting: Prior to Android Oreo, third-party app installation requires users to enable just one setting by turning on "Install from unknown sources" -- doesn't matter from where the user has downloaded an APK file, i.e. from a browser, Bluetooth, transferred from a computer via USB or downloaded using another app. Android 8.0 Oreo has completely changed the way this feature works, bringing a much smarter and safer system called "Install other apps," in which a user has to manually permit 3rd-party app installation from different sources.
2. Autofill API Framework: Android 8.0 Oreo brings a built-in secure AutoFill API that allows users-chosen password manager to store different types of sensitive data, such as passwords, credit card numbers, phone numbers, and addresses -- and works throughout the entire system.
3. Picture-in-Picture: With Android Oreo, you can view a YouTube video while reading through a report in Word or be chatting on WhatsApp on your Android device -- thanks to Picture-in-Picture (PIP) feature.
4. Google Play Protect: Play Protect helps in detecting and removing harmful applications with more than 50 billion apps scanned every day.
5. Wi-Fi Aware (Neighborhood Aware Networking -- NAN): Android Oreo has added support for a new connectivity feature called Wi-Fi Aware, also known as Neighborhood Aware Networking (NAN), which allows apps and devices to automatically find, connect to, and share data with each other directly without any internet access point or cellular data.
6. Android Instant Apps: With Android 8.0 Oreo, you can now access a range of Instant Apps without downloading them.
7. Battery-Saving Background Limits: Google has blocked apps from reacting to "implicit broadcasts" and carrying out certain tasks when they are running in the background in an effort to enhance the battery life of Android device. Besides this, Android Oreo will also limit some background services and location updates when an app is not in use.
8. AI-based Smart Text Selection: Android Oreo brings the 'Smart Text Selection' feature, which uses Google's machine learning to detect when something like physical addresses, email addresses, names or phone numbers is selected, then automatically suggests the relevant information on other apps.
9. Notification Dots (Limit notifications): Oreo introduces Notification Dots that offers you to manage each app individually with "fine-grained control," allowing you to control how many notifications you see and how they come through.
10. Find my Device: Google has introduced a new feature, called Find my Device, which is a similar feature to Apple's Find my iPhone and allows people to locate, lock and wipe their Android devices in the event when they go missing or get stolen.
11. New Emoji and Downloadable Fonts: Android Oreo introduces 60 new emoji and a redesign of the current "blob" characters. The update also offers new color support to app developers and the ability to change or animate the shape of icons in their apps.

The CBC reports: What if circumventing censorship didn't rely on some app or service provider that would eventually get blocked but was built into the very core of the internet itself? What if the routers and servers that underpin the internet -- infrastructure so important that it would be impractical to block -- could also double as one big anti-censorship tool...? After six years in development, three research groups have joined forces to conduct real-world tests.
An anonymous reader writes: Earlier this week, Professor Eric Wustrow, from the University of Colorado at Boulder, presented An ISP-Scale Deployment of TapDance at the USENIX Workshop on Free and Open Communications on the Internet. TapDance is an anti-censorship, circumvention application based on "refraction networking" (formerly known as "decoy routing") that has been the subject of academic research for several years. Now, with integration with Psiphon, 50,000 users, a deployment that spans two ISPs, and an open source release, it seems to have graduated to the real world.
"In the long run, we absolutely do want to see refraction networking deployed at as many ISPs that are as deep in the network as possible," one of the paper's authors told the CBC. "We would love to be so deeply embedded in the core of the network that to block this tool of free communication would be cost-prohibitive for censors."

AmiMoJo shares a report from Ars Technica: When right-wing trolls and outright racists get kicked off of Twitter, they often move to Gab, a right-wing Twitter competitor. Gab was founded by Andrew Torba, who says it's devoted to unfettered free expression online. The site also hosts controversial right-wing figures like Milo Yiannopoulos, Andrew 'weev' Auernheimer and Andrew Anglin, editor of the neo-Nazi site Daily Stormer. On Thursday, Gab said that Google had banned its Android app from the Google Play Store for violating Google's ban on hate speech. The app's main competitor, Twitter, hosts accounts like the American Nazi Party, the Ku Klux Klan, and the virulently anti-gay Westboro Baptist Church, yet the Twitter app is still available on the Google Play store. Apple has long had more restrictive app store policies, and it originally rejected the Gab app for allowing pornographic content to be posted on the service -- despite the fact that hardcore pornography is readily available on Twitter. In an email to Ars, Google explained its decision to remove Gab from the Play Store: "In order to be on the Play Store, social networking apps need to demonstrate a sufficient level of moderation, including for content that encourages violence and advocates hate against groups of people. This is a long-standing rule and clearly stated in our developer policies. Developers always have the opportunity to appeal a suspension and may have their apps reinstated if they've addressed the policy violations and are compliant with our Developer Program Policies."

An anonymous reader shares a report: On a Sunday night two weeks back, in the Rose Court Garden of the Disneyland Hotel in Anaheim, California, 150 antsy competitors between the ages of 13 and 22 milled around eating miniature whoopie pies by the light of the Moon, sizing up their global rivals in the efficient use of Excel, PowerPoint, and Word. It was as if the Olympics opening ceremony was replaced by a networking event: teens were decked out in national T-shirts, while others handed out business cards specially made for the event. At one table off by the bar, two chaperones nudged their folding chairs closer together and taught each other how to say hello ("Yassas," "Ciao") in their respective mother tongues. In the distance, through the palms, the tiki torches of Trader Sam's, the hotel's poolside lounge, were flickering into the black sky. This marked the first night of the 16th Microsoft Office Specialist (MOS) World Championship, in which teens and young 20-somethings compete for the title of World Champion in their chosen professional application. It's an event put on annually by Certiport, a Utah-based subsidiary of standardized testing giant Pearson VUE. It's also a marketing stunt, pure and simple, devised to promote Certiport's line of Microsoft Office certifications. This allows the certified to confirm the line on their resume that claims "proficiency in MS Office" is backed up by some solid knowledge of deep formatting and presentation design.

An anonymous reader quotes a report from Bleeping Computer: "The author of the BrickerBot malware has claimed a cyber-attack that affected several Indian states and has caused over 60,000 modems and routers to lose Internet connectivity," reports Bleeping Computer. "The incident affected modems and routers belonging to Bharat Sanchar Nigam Limited (BSNL) and Mahanagar Telephone Nigam Limited (MTNL), two Indian state-owned telecommunications service providers." The BrickerBot malware infected modems that used default passwords and modems that the two ISPs left exposed via the TR069 management interface to connections from anywhere on the Internet. BrickerBot is a malware strain that affects Linux-based IoT and networking devices. Unlike other malware that hoards devices into botnets for DDoS attacks and other purposes, BrickerBot "bricks" the equipment by rewriting its flash storage with random data. In most cases this bricking effect can be reversed, but in some cases this is permanent. BSNL and MTNL had worked to fix problems but efforts were delayed after a BSNL workforce strike. The BrickerBot author also raised the alarm about similar exposed devices on the network of Pakistan Telecommunication Company Limited (PTCL). In April, the BrickerBot author claimed he bricked over 2 million devices.