Java serialization technology is about to be abolished!!!

Our object is not just in memory, it needs to be transferred to the network, or it is saved for the next load, so Java serialization technology is required. The Java serialization technique is the transformation of an object into an array of binary bytes, which can be persisted by saving the binary data to a disk or a transport network, and the disk or network receiver can deserialize the object of the class on the template of the object's generic class.

If you're not familiar with the Java serialization Technology, read the article "about what you should know about Java serialization" in detail.

Oracle now plans to abolish the antiques in Java-serialization technology, because it brings many serious security issues (such as serialization of storage security, deserialization security, transport security, etc.), according to statistics, at least 3 per 1 of the vulnerability is serialized, which is also 1997 A huge mistake in the serialization technology of the Birth of the year.

, serialization technology is now ubiquitous in Java applications, especially today's persistence frameworks and distributed technologies that require serialization to transmit objects such as Hibernate, Mybatis, Java RMI, Dubbo, etc. That is, the use of serialization technology is unavoidable for objects to be stored or transmitted, so the removal of serialization technology will be a long-term plan.

It is learnt that in the future Java version, there will be a mini-serialization framework to replace the current antique serialization technology. This new framework will enable developers to value the serialization engine and support the serialization of objects in a more secure way, such as JSON and XML formats.

Serialization technology has been developed since Java has been 20 years, but there is no improvement and breakthrough. And because of its easy-to-use approach, it brings a number of security vulnerabilities to Java applications. Now that the Oracle release is getting faster and quicker, let's see more of the serialization technology evolution in the new version!

Java serialization Rebirth, Java will be immortal! This time, we thank Turing Education Press for sponsoring 8 of the 84-yuan "Ming-java" free to our fans, want to learn more about the steady Java, we will be able to win.

This book, illustrated by illustrations, is rich in examples, with 284 charts and 258 sections of code that explain the basics from Java to object-oriented programming, involving variables, branches, loops, basic data types and operations, arrays, methods, classes, packages, interfaces, characters and strings, exception handling, and so on. The programs that appear in the book include guessing games, scissors games, mental arithmetic training, and so on, allowing readers to learn happily.

The rules for sending the book are as follows.

1. What would you do if you were to design a secure serialization technology? Welcome Message! We will elect 4 wonderful message users to send books, the number of wall is limited, irrelevant to the topic and random messages will not be selected.

2, there are 4 of Java technology stack from the knowledge of the planet to send out, there is a desire to deepen the learning of Java technology friends can join the Java technology Stack planet. There is no free lunch, and the opportunity is reserved for those who are prepared to pay.

Closing Time: 2018/06/03 18:00

This event is required to be part of our public number correspondence article.

Java serialization technology is about to be abolished!!!