Information Security - course-1

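Preface: information security = technology + management. Information security is not limited to digital information; it also covers physical information. It requires not only preventing problems before they happen, but also being able to handle them when they occur.

The three elements of information security: CIA, plus three additional elements, AAA.

What is a hash?
A hash is used for tamper protection and for taking snapshots; a hash algorithm generates a unique string of a specified length. E.g.: crawl a web page's content and generate a hash of it to determine whether the site's content has been updated.
// Look into the relevant hash algorithms here

Asymmetric encryption:
Two cases: 1. encrypt with the public key 2. sign with the private key
Purpose: the former encrypts the content itself; the latter produces a digital signature (to prevent the content itself from being tampered with).
Process:
- Using the public key (encrypting the content): the sender encrypts the content with the public key, and the receiver decrypts it with the sender's private key.
- Using the private key (signing the content):
  - Sender: first hash the content (to produce a fixed-length string), then sign it with the private key, and append the resulting signature value to the end of the content.
  - Receiver: process the signature with the public key to obtain the original content hash, hash the received content as well, compare the two for equality, and so determine whether the content was tampered with.

New era, new risks: brute-forcing encrypted information with large amounts of compute, obtaining the plaintext before the information loses its timeliness.

The following is AI-expanded content

Introduction to Information Security: Core Concepts and Basic Techniques

Preface: Information security is a broad field whose effectiveness rests on the close combination of technology and management. It concerns not only the security of digital information but also the protection of physical information (such as paper documents and devices). A sound information security system must be able to prevent problems before they occur, and must also have effective response and handling capabilities when a security incident happens.

The cornerstones of information security: the CIA triad and AAA

The goals of information security usually revolve around three core principles, the CIA triad:
- Confidentiality: ensure that information is not accessed by or disclosed to unauthorized users, entities or processes.
- Integrity: protect data from unauthorized modification or destruction, ensuring its accuracy and reliability.
- Availability: ensure that authorized users can reliably access information and related assets when they need them.

In addition, there are three crucial supporting elements, often called AAA:
- Authentication: verify that the identity of a user, system or entity is genuine. ("Are you who you say you are?")
- Authorization: decide which access and operation permissions an authenticated subject has. ("What are you allowed to do?")
- Accounting / Auditing: record and review the activity logs of users and systems, for tracing, forensics and compliance checks. ("What did you do?")

What is a hash?

A hash is a function that converts an input of arbitrary length (such as a message or a file), through a hash algorithm, into a fixed-length, unique (or nearly unique) output string. This output string is called the hash value or message digest.

Core properties:
- Deterministic: the same input always produces the same hash value.
- Fast to compute: the hash value of any input can be computed quickly.
- One-way: it is extremely hard (computationally infeasible) to derive the original input from the hash value.
- Collision resistance: it is extremely hard to find two different inputs that produce the same hash value.
- Avalanche effect: a tiny change in the input causes a large and unpredictable change in the hash value.

Uses:
- Tamper protection: As your notes say, this is one of the main uses of hashing. For example, software download sites publish the hash values of their files. After downloading a file, users can compute its hash themselves and compare it with the one published on the official site; if they differ, the file may have been tampered with or corrupted in transit.
- Snapshots and verification: used to detect changes in data. Your example fits well: a crawler periodically generates and stores a hash of a web page's content. On the next crawl, it only needs to compute the hash of the new content and compare it with the old value to determine efficiently whether the page has been updated, without comparing the entire page content.
- Password storage: systems usually do not store user passwords in plaintext, but store their hash values. When a user logs in, the system hashes the entered password again and compares it with the stored hash. This way, even if the database leaks, an attacker cannot directly obtain the users' plaintext passwords.
- Blockchain and digital currency: hashing forms the cornerstone of blockchain technology, where it links blocks and guarantees that transaction records cannot be tampered with.

Common hash algorithms:
- MD5: produces a 128-bit hash value. Its collision resistance has been broken, so it is no longer recommended for security purposes, but it can still be used for simple integrity checks.
- SHA-1: produces a 160-bit hash value. It also has security weaknesses and has been phased out by most security applications.
- SHA-2 family: includes SHA-256, SHA-384, SHA-512 and others; these are the secure hash algorithms in wide use today.
- SHA-3: the latest hash standard, designed differently from SHA-2, providing another option.

Asymmetric encryption (public-key cryptography)

Asymmetric encryption uses a pair of mathematically related keys: a public key and a private key. The public key can be disclosed to anyone, while the private key must be kept strictly secret by its owner. As you pointed out, its applications fall into two main cases: ...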

September 8, 2025 · 1 min · 108 words · Bob

Streamlining Hugo Post Publishing

Chosen approach: PowerShell functions

Before: creating a post meant switching to the hugo directory and then running the hugo command, and publishing the site took 3 git commands.
After: create a post: np 'post title'; publish the site:

I. Creating a post:

1. Create the PowerShell profile file

    # Check whether the profile file exists
    Test-Path $PROFILE

    # If it returns False, create the profile file
    if (!(Test-Path $PROFILE)) {
        New-Item -Type File -Path $PROFILE -Force
        Write-Host "已创建 PowerShell 配置文件" -ForegroundColor Green
    }

2. Open the file in Notepad and paste in the function

    # Open the profile file in Notepad
    notepad $PROFILE

The PowerShell function

a. Chinese version: the shell encoding and the function's encoding do not match (the former uses a Chinese encoding, the latter UTF-8)

    function New-Post {
        param(
            [Parameter(Mandatory=$true)]
            [string]$Title
        )

        # Save the current directory
        $currentLocation = Get-Location

        try {
            # Set the site path (!!! the root directory of the hugo site)
            $websitePath = "C:\Users\amebo\MyFreshWebsite"

            # Check that the directory exists
            if (-not (Test-Path $websitePath)) {
                Write-Host "错误:找不到目录 $websitePath" -ForegroundColor Red
                return
            }

            # Check that Hugo is installed
            if (-not (Get-Command hugo -ErrorAction SilentlyContinue)) {
                Write-Host "错误:未找到 hugo 命令" -ForegroundColor Red
                return
            }

            # Switch to the site directory and create the post (!!! core step: create the .md file)
            Set-Location $websitePath
            Write-Host "正在创建文章: $Title..." -ForegroundColor Yellow

            hugo new "posts/$Title.md"

            if ($LASTEXITCODE -eq 0) {
                Write-Host "成功创建文章:posts/$Title.md" -ForegroundColor Green
            } else {
                Write-Host "创建文章失败" -ForegroundColor Red
            }
        }
        finally {
            # Return to the original directory
            Set-Location $currentLocation
        }
    }

    # Set aliases
    Set-Alias -Name newpost -Value New-Post
    Set-Alias -Name np -Value New-Post

    Write-Host "New-Post 函数已加载!使用方法: np `"文章名称`"" -ForegroundColor Green

b. English version: no encoding problem

    # 1. Create the English version of the function content
    $englishContent = @'
    function New-Post {
        param(
            [Parameter(Mandatory=$true)]
            [string]$Title
        )

        $current = Get-Location
        $websitePath = "C:\Users\amebo\MyFreshWebsite"

        if (-not (Test-Path $websitePath)) {
            Write-Host "Error: Directory not found" -ForegroundColor Red
            return
        }

        if (-not (Get-Command hugo -ErrorAction SilentlyContinue)) {
            Write-Host "Error: hugo not found" -ForegroundColor Red
            return
        }

        Set-Location $websitePath
        Write-Host "Creating post: $Title..." -ForegroundColor Yellow

        hugo new "posts/$Title.md"

        if ($LASTEXITCODE -eq 0) {
            Write-Host "Success: posts/$Title.md created" -ForegroundColor Green
        } else {
            Write-Host "Failed to create post" -ForegroundColor Red
        }

        Set-Location $current
    }

    Set-Alias np New-Post
    Set-Alias newpost New-Post
    Write-Host "New-Post function loaded. Use: np `"PostTitle`"" -ForegroundColor Green
    '@

    # 2. Save to the profile file (ASCII encoding); Out-File without -Append overwrites existing profile content
    $englishContent | Out-File -FilePath $PROFILE -Encoding ASCII

    # 3. Reload the profile file
    . $PROFILE

Result: ...

September 2, 2025 · 3 min · 509 words · Bob

HOW TO INTEREST PEOPLE

Everyone who was ever a guest of Theodore Roosevelt was astonished at the range and diversity of his knowledge. Whether his visitor was a cowboy or a Rough Rider, a New York politician or a diplomat, Roosevelt knew what to say. And how was it done? The answer was simple. Whenever Roosevelt expected a visitor, he sat up late the night before, reading up on the subject in which he knew his guest was particularly interested. For Roosevelt knew, as all leaders know, that the royal road to a person’s heart is to talk about the things he or she treasures most. The genial William Lyon Phelps, essayist and professor of literature at Yale, learned this lesson early in life. “When I was eight years old and was spending a weekend visiting my Aunt Libby Linsley at her home in Stratford on the Housatonic,” he wrote in his essay on Human Nature, “a middle-aged man called one evening, and after a polite skirmish with my aunt, he devoted his attention to me. At that time, I happened to be excited about boats, and the visitor discussed the subject in a way that seemed to me particularly interesting. After he left, I spoke of him with enthusiasm. What a man! My aunt informed me he was a New York lawyer, that he cared nothing whatever about boats—that he took not the slightest interest in the subject. ‘But why then did he talk all the time about boats?’ “‘Because he is a gentleman. He saw you were interested in boats, and he talked about the things he knew would interest and please you. He made himself agreeable.’” And William Lyon Phelps added, “I never forgot my aunt’s remark.” As I write this chapter, I have before me a letter from Edward L. Chalif, who was active in Boy Scout work. “One day I found I needed a favor,” wrote Mr. Chalif. “A big Scout jamboree was coming off in Europe, and I wanted the president of one of the largest corporations in America to pay the expenses of one of my boys for the trip. 
“Fortunately, just before I went to see this man, I heard that he had drawn a check for a million dollars, and that after it was canceled, he had had it framed. “So the first thing I did when I entered his office was to ask to see the check. A check for a million dollars! I told him I never knew that anybody had ever written such a check, and that I wanted to tell my boys that I had actually seen a check for a million dollars. He gladly showed it to me; I admired it and asked him to tell me all about how it happened to be drawn.” You notice, don’t you, that Mr. Chalif didn’t begin by talking about the Boy Scouts, or the jamboree in Europe, or what it was he wanted? He talked in terms of what interested the other man. Here’s the result: “Presently, the man I was interviewing said, ‘Oh, by the way, what was it you wanted to see me about?’ So I told him. “To my vast surprise,” Mr. Chalif continues, “he not only granted immediately what I asked for, but much more. I had asked him to send only one boy to Europe, but he sent five boys and myself, gave me a letter of credit for a thousand dollars and told us to stay in Europe for seven weeks. He also gave me letters of introduction to his branch presidents, putting them at our service, and he himself met us in Paris and showed us the town. ...

July 15, 2025 · 7 min · 1393 words · Bob

Understanding an AI-Developed Blog Application

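Configuring data sources and middleware with Docker

    docker-compose up -d mysql redis

Command components:
- docker-compose: invokes the container orchestration tool
- up: the core operation; creates or recreates containers according to the configuration file
- -d: run in detached (background) mode

Execution flow:
- First checks for the docker-compose.yml file in the current directory
- Creates the required networks and volumes
- Starts the MySQL and Redis containers in dependency order

    docker exec bs-blog-mysql mysqladmin ping -h localhost -u root -p123456

Command structure:
- docker exec: runs a command inside a running container
- bs-blog-mysql: the name of the target container
- mysqladmin ping: the health-check command of the MySQL administration tool
- -h localhost: connect to the local MySQL instance
- -u root: connect as the root account
- -p123456: the database password

Expected response:
- If the service is healthy, it returns mysqld is alive
- If the connection fails, it may return Access denied or a connection timeout error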

1 min · 47 words · Bob

Understanding the 苍穹外卖 (sky-take-out) Project

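Global exception handling

Create a base exception class that extends RuntimeException:

    /**
     * Business exception
     */
    public class BaseException extends RuntimeException {

        public BaseException() {
        }

        public BaseException(String msg) {
            super(msg);
        }

    }

All business exceptions in the project extend this base exception class (BaseException).

A global exception handler handles BaseException: exceptions thrown in the business flow are caught by this handler and finally returned to the front end through a unified result object.

    import lombok.extern.slf4j.Slf4j;
    import org.springframework.web.bind.annotation.ExceptionHandler;
    import org.springframework.web.bind.annotation.RestControllerAdvice;
    // Result and BaseException are the project's own classes; import them from their packages.

    /**
     * Global exception handler; handles business exceptions thrown in the project
     */
    @RestControllerAdvice
    @Slf4j
    public class GlobalExceptionHandler {

        /**
         * Catch business exceptions
         * @param ex the business exception that was thrown
         * @return a unified error result carrying the exception message
         */
        @ExceptionHandler
        public Result exceptionHandler(BaseException ex){
            log.error("异常信息:{}", ex.getMessage());
            return Result.error(ex.getMessage());
        }

    }

The unified result class Result defines overloaded static success methods (with and without return data) and a static error method. ...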

19 min · 3873 words · Bob