各位大侠有没有用Ext.grid.PivotGrid实现这样的一个功能_百度知道Heartbleed
is a catastrophic bug in OpenSSL:
"The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop communications, steal data directly from the services and users and to impersonate services and users.
Basically, an attacker can grab 64K of memory from a server.
The attack leaves no trace, and can be done multiple times to grab a different random 64K of memory.
This means that anything in memory -- SSL private keys, user keys, anything -- is vulnerable.
And you have to assume that it is all compromised.
All of it.
"Catastrophic" is the right word.
On the scale of 1 to 10, this is an 11.
Half a million sites are , including my own.
Test your vulnerability .
The bug has been patched.
After you patch your systems, you have to get a new public/private key pair, update your SSL certificate, and then change every password that could potentially be affected.
At this point, the probability is close to one that every target has had its private keys extracted by multiple intelligence agencies.
The real question is whether or not someone deliberately inserted this bug into OpenSSL, and has had two years of unfettered access to everything.
My guess is accident, but I have no proof.
is worth reading.
Hacker News
is filled with commentary.
EDITED TO ADD (4/9):
Has anyone looked at all the low-margin non-upgradable
that use OpenSSL?
An upgrade path that involves the trash, a visit to Best Buy, and a credit card isn't going to be fun for anyone.
EDITED TO ADD (4/10):
I'm hearing that the CAs are completely clogged, trying to reissue so many new certificates.
And I'm not sure we have anything close to the infrastructure necessary to revoke half a million certificates.
that Heartbleed was exploited last year.
EDITED TO ADD (4/10):
I wonder if there is going to be some backlash from the mainstream press and the public.
If nothing really bad happens -- if this turns out to be something like the Y2K bug -- then we are going to face criticisms of crying wolf.
EDITED TO ADD (4/11):
on how to protect yourself from Heartbleed.
321 Comments
Photo of Bruce Schneier by Per Ervland.
Schneier on Security is a personal website.
Opinions expressed are not necessarily those of , an IBM Company.EMC's XtremIO array: Everything we know about new all-flash box o The Register
Common Topics
Recent Articles
Mega-vendor EMC is going to launch its XtremIO all-flash array with general availability on 14 November. It has been on limited or directed availability for a few months and there's a fair amount of information coming out about it.
Here’s what we know so far.
The array is based on
technology and features:
6U X-Brick nodes with N-way active controllers, 250,000 random 4K read IOPS and sub-milli
X-Brick has 25 x 400GB eMLC SSDs, 10TB raw capacity, 7TB
Controllers are 1U dual-
High-availability with non-disruptive XIOS software and firmware upgrades, hot-swap upgrades, and no sin
4 x 8 Gbit’s Fibre Channel and 4 x 10Gbit/E iSCSI blo
Four X-Bricks in XtremIO array
Scalability to 4 clustered X-Bricks, linked by dual InfiniBand, delivers 1 million IOPS;
Scalability to 8 X-Bricks has been , with an implied 2 million IOPS;
Future scalability to 16 and beyond X-B
Can be different capacity X-B
Integrated workload and data balancing across SSD
Always-on integrated inline cross-cluster deduplication using 4KB
Thin-provisioning using 4KB allocation and with no fragmentation or
VMware VAAI integration, VMware multipath I/O support with EMC claiming that the array is “the only all-flash array to fully integrate” with VAAI;
Data volumes are thin and wide-striped
In-memory metadata management with metadata lookups not hitting SSDs;
Deduplication-aware snapshot and cloning features - but no replication until 2014 – and t and
Management through a GUI, vCenter plugin, CLI or REST API.
Oddly, two X-Bricks take up 12U of rackspace but four take up only 22U.
Flash-specific XtremIO Data Protection (XDP) is included and, with it, SSDs can fail in-place with no data loss. XDP is “self-healing,” with double-party data protection and needs “just an eight per cent capacity overhead.”
If an SSD fails the rebuild is distributed across other SSDs and is content-aware. For example, only user data is copied, not free space. XDP doesn’t require any configuration, nor does it need hot spare drives. Instead, we understand, it uses "hot spaces" – free space in the array.
Data is stored in 4KB chunks using hashes. Hash comparisons are used for deduplication and hash values are used for distributing writes. We understand each controller runs its own copy of XIOS with the hash range distributed across XIOS copies – so hash value affects data placement. Data is only written when a full stripe exists. The idea is to reduce write levels and prevent host-spots developing.
A front-end VPLEX box can be used to provide replication now, along with RecoverPoint. XtremIO may not get synchronous replication as that would affect performance.
We’re told one X-Brick can support 2,000 or more (Citrix) virtual desktops. A reference architecture for XtremIO-supported virtual desktops can be found .
A VMware View VDI reference architecture can be found
and it supports 7,000 virtual desktops. The document says 1,000 linked clones were deployed in 75 minutes. Two X-bricks were included in a Vblock Specialized System for Extreme Applications, with an 8-node Isilon S-Series NAS storage system for user data and Horizon View persona data, and 48 Cisco UCS server blades.
There has been no mention of tiering the XtremIO arrays with back-end VNX/VMAX/Isilon arrays with automated data movement using EMC’s FAST technology. That is most probably a roadmap feature. (R)
More from The Register
Sponsored links114网址导航java - XStream Alias of List root elements - Stack Overflow
to customize your list.
Join the Stack Overflow Community
Stack Overflow is a community of 4.7 million programmers, just like you, helping each other.
J it only takes a minute:
I want to be able to alias the root list element depending upon what type of objects are contained in the list.
For example, this is my current output:
&coin&Gold&/coin&
&coin&Silver&/coin&
&coin&Bronze&/coin&
And this is what I want it to look like:
&coin&Gold&/coin&
&coin&Silver&/coin&
&coin&Bronze&/coin&
I can do this at a global level by saying all lists should be aliased to coins, but I have a lot of different lists and this won't work.
Any ideas on how to do this?
Seems like it should be simple, but of course, it isn't.
I should specify, I am trying to serialize objects to xml.
I am using Spring 3 MVC as my web framework.
Let's say you have a Coin class with a type attribute, as follows:
@XStreamAlias("coin")
public class Coin {
And you have a Coins class that constains a List of Coin:
@XStreamAlias("coins")
public class Coins{
@XStreamImplicit
List&Coin& coins = new ArrayList&Coin&();
Pay attention to the annotations. The List is Implicit and the Coins class will be shown as "coins".
The output will be:
&type&Gold&/type&
&type&Silver&/type&
&type&Bronze&/type&
It's not the same you asked for, but there is a reason.
At first, coin have only one attribute, but we are not sure if all objects you want to show do have only one attribute too. So, we need to tell which object attribute we are talking about.
You can also show the Coin attributes as XML Attributes, not fields. As follows:
@XStreamAlias("coin")
public class Coin {
@XStreamAsAttribute
Coin(String type) {
this.type =
Here is the output:
&coin type="Gold"/&
&coin type="Silver"/&
&coin type="Bronze"/&
Hope it helps.
1,65811332
This isn't an ideal solution, as it requires a separate wrapper class, but you could do something like this:
public class CoinResponse {
private List&Coin& coinL
public CoinResponse(List&Coin& coinList) {
this.coinList = coinL
public List&Coin& getCoins() {
return this.coinL
And here's the ugly part:
List&Coin& coins = Arrays.asList( new Coin(), new Coin(), new Coin());
CoinResponse response = new CoinResponse(coins);
XStream xstream = new XStream();
xstream.alias( "coins", CoinResponse.class );
xstream.addImplicitCollection( CoinResponse.class, "coinList" );
System.out.println(xstream.toXML(response));
Basically, this is telling Xstream to use "coins" when converting the CoinResponse, and then don't use any name at all for the list itself.
@XStreamAlias("coins")
public class Coins {
@XStreamImplicit(itemFieldName="coin")
List&String& coins = new ArrayList&String&();
20.9k84262
Your Answer
Sign up or
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Post as a guest
By posting your answer, you agree to the
Not the answer you're looking for?
Browse other questions tagged
Stack Overflow works best with JavaScript enabled