You can use the CloudWatch console to graph metric data generated by AWS services and your applications. Now, you can zoom into a shorter time period such as one minute or five minutes while viewing the metric graph at a longer interval.
Once zoomed, you can also pan the metric graph across your selected interval, but at a zoomed detail level.
像是這份文件裡提到 Amazon DNS Server 一定會在 VPC 的 base 位置加二 (舉例來說，10.0.0.0/16 的 VPC，Amazon DNS Server 會在 10.0.0.2)：
Amazon DNS Server The Amazon DNS Server in a VPC provides full public DNS resolution, with additional resolution for internal records for the VPC and customer-defined Route 53 private DNS records.4 The AmazonProvidedDNS maps to a DNS server running on a reserved IP address at the base of the VPC network range, plus two. For example, the DNS Server on a 10.0.0.0/16 network is located at 10.0.0.2. For VPCs with multiple CIDR blocks, the DNS server IP address is located in the primary CIDR block.
When you create a VPC, we automatically create a set of DHCP options and associate them with the VPC. This set includes two options: domain-name-servers=AmazonProvidedDNS, and domain-name=domain-name-for-your-region. AmazonProvidedDNS is an Amazon DNS server, and this option enables DNS for instances that need to communicate over the VPC's Internet gateway. The string AmazonProvidedDNS maps to a DNS server running on a reserved IP address at the base of the VPC IPv4 network range, plus two. For example, the DNS Server on a 10.0.0.0/16 network is located at 10.0.0.2. For VPCs with multiple IPv4 CIDR blocks, the DNS server IP address is located in the primary CIDR block.
另外也還是有些東西在官方的說明文件內沒看過，像是講到 Elastic Network Interface (ENI) 對 Amazon DNS Server 是有封包數量限制的；這點我沒在官方文件上找到，明顯在量太大的時候會中獎，然後開 Support Ticket 才會發現的啊 XDDD：
Each network interface in an Amazon VPC has a hard limit of 1024 packets that it can send to the Amazon Provided DNS server every second.
Secondary DNS in a VPC，直接用程式抄一份到 Amazon Route 53 上，這樣 Amazon DNS Server 就可以直接看到了，這也是 AWS 在一般情況下比較推薦的作法。
Highly Distributed Forwarders，每台 instance 都跑 Unbound，然後針對不同的 domain 導開，這樣可以有效避開單一 ENI 對 Amazon DNS Server 的封包數量限制，但缺點是這樣的設計通常會需要像是 Puppet 或是 Chef 之類的軟體管理工具才會比較好設定。
Zonal Forwarders Using Supersede，就是在上面架設一組 Unbound 伺服器集中管理，透過 DHCP 設定讓 instance 用。但就要注意量不能太大，不然 ENI 對 Amazon DNS Server 的限制可能會爆掉 XD
The popularity of flat design in digital interfaces has coincided with a scarcity of signifiers. Many modern UIs have ripped out the perceptible cues that users rely on to understand what is clickable.
After reading this discussion, my current conclusion is that we've totally misunderstood the impact of the attack, and that the security of our bittorrent downloads is still good enough. So I propose we revert to what we did before the 2.12 release, i.e. ship Torrents, for the foreseeable future when 2nd pre-image attacks are not realistic yet.
回到 Tails 3.0 本身，其中比較大的改變是放棄了 32bits 的支援：
Tails 3.0 works on 64-bit computers only and not on 32-bit computers anymore.
After you set it up in your data center or in the cloud, your configured buckets will be available as NFS mount points. Your application simply reads and writes files and directories over NFS; behind the scenes, the gateway turns these operations into object-level requests on your S3 buckets, where they are accessible natively (one S3 object per file).
Android Marshmallow introduces a redesigned application permission model: there are now only eight permission categories, and applications are no longer automatically granted all of their specified permissions at installation time. An opt-in system is now used, in which users are prompted to grant or deny individual permissions (such as the ability to access the camera or microphone) to an application when they are needed for the first time. Applications remember the grants, which can be revoked by the user at any time.