NOD32

NOD32 is an antivirus package made by the Slovak company Eset. Versions are available for Microsoft Windows, Linux, FreeBSD, and other platforms. Remote administration tools for multiuser installations are also available at extra cost. A NOD32 Enterprise Edition is available that consists of NOD32 AntiVirus and NOD32 Remote Administrator. The NOD32 Remote Administrator program allows a network administrator to monitor anti-virus functions, push installations and upgrades to unprotected PCs on the network, and update configuration files from a central location.

History

NOD32 was born in the early 1990s when computer viruses were becoming increasingly prevalent.

Initially the program gained popularity with IT workers in Eastern European countries, as Eset was based in Slovakia. Though the program's abbreviation was originally pronounced as individual letters, recent worldwide use of the program has led to the more common single-word pronunciation, sounding like the English word "nod".

Current versions of NOD32 are very different from the original NOD software. Several generations of the program have been developed as a response to a rapidly changing attack pattern by increasingly complex viruses. The program, now for both 32-bit and 64-bit systems^[, is known as NOD32, replacing the older 16-bit flagship product, NOD-ICE.

Naming

At the time of its creation, the popular television program Nemocnica na Okraji Mesta, or "Hospital at the Edge of the City" was broadcasting on many European television networks. Early viruses often targeted hard disk boot sectors, located near the edge of the disk. As a pun, the program's creators named their new anti-virus program the "Nemocnica na Okraji Disku", "Hospital at the Edge of the Disk", giving it the initials NOD.

Technical information

NOD32 consists of an on-demand scanner and four different real-time monitors. The on-demand scanner (somewhat confusingly referred to as NOD32) can be invoked by the scheduler or by the user. Each real-time monitor covers a different virus entry point:

• AMON (Antivirus MONitor) - scans files as they are accessed by the system, preventing a virus from executing on the system.

• DMON (Document MONitor) - scans Microsoft Office documents and files for macro viruses as they are opened and saved by Office applications.

• IMON (Internet MONitor) - intercepts traffic on common protocols such as POP3 and HTTP to detect and intercept viruses before they are saved to discs.

• EMON (E-mail MONitor) - An auxiliary module for scanning incoming/outgoing e-mails via the MAPI interface, such as Microsoft Outlook and Microsoft Exchange.

• XMON (MS eXchange MONitor) - scans incoming and outgoing mail when NOD32 is running and licensed for Microsoft Exchange Server - ie, running on a server environment. This module is not present on workstations at all.

NOD32 AMON Virus Detection Alert

NOD32 is written largely in assembly code , which contributes to its low use of system resources and scanning speed. NOD32 can process more than 23MB per second while scanning on a P4 based PC and, on average, uses less than 20MB of memory in total. The physical RAM used is often just a third of that.

According to a 2005 Virus Bulletin test, NOD32 performs scans two to five times faster than other antivirus competitors.

In a networked environment NOD32 clients can update from a central "mirror server" on the network, reducing bandwidth usage since new definitions need only be downloaded once by the mirror server as opposed to once for each client.

In addition to signature files, NOD32's scan engine uses heuristic detection (called "ThreatSense" by Eset) to provide better protection against newly released viruses.

Future Development

Screenshot of NOD32 v3 (Beta 2)

Eset has released beta versions of a new version (version 3) of NOD32 Anti-Virus. NOD32 Version 3 will include a redesigned graphical interface, intended to be more user friendly.

Eset Smart Security

Eset is also currently in the beta stages of developing an internet security suite, called Eset Smart Security. Eset Smart Security is intended to compete with other internet security suites, such as Norton Internet Security and Kaspersky Internet Security.

Eset Smart Security is planned to include the following features:

• NOD32 Anti-Virus engine (the next version of Eset's anti-malware engine (NOD32 v3.0))
• Firewall (with port stealthing and advanced filtering features)
• Anti-Spam (filtering with Bayesian filter, whitelisting and blacklisting)

Antivirus software

Antivirus software consists of computer programs that attempt to identify, thwart and eliminate computer viruses and other malicious software (malware).

Antivirus software typically uses two different techniques to accomplish this:

• Examining (scanning) files to look for known viruses matching definitions in a virus dictionary
• Identifying suspicious behavior from any computer program which might indicate infection. Such analysis may include data captures, port monitoring and other methods.

Most commercial antivirus software uses both of these approaches, with an emphasis on the virus dictionary approach.

Approaches

Dictionary

In the virus dictionary approach, when the antivirus software looks at a file, it refers to a dictionary of known viruses that the authors of the antivirus software have identified. If a piece of code in the file matches any virus identified in the dictionary, then the antivirus software can take one of the following actions:

1. attempt to repair the file by removing the virus itself from the file
2. quarantine the file (such that the file remains inaccessible to other programs and its virus can no longer spread)
3. delete the infected file

To achieve consistent success in the medium and long term, the virus dictionary approach requires periodic (generally online) downloads of updated virus dictionary entries. As civically minded and technically inclined users identify new viruses "in the wild", they can send their infected files to the authors of antivirus software, who then include information about the new viruses in their dictionaries.

Dictionary-based antivirus software typically examines files when the computer's operating system creates, opens, closes or e-mails them. In this way it can detect a known virus immediately upon receipt. Note too that a System Administrator can typically schedule the antivirus software to examine (scan) all files on the computer's hard disk on a regular basis.

Although the dictionary approach can effectively contain virus outbreaks in the right circumstances, virus authors have tried to stay a step ahead of such software by writing "oligomorphic", "polymorphic" and more recently "metamorphic" viruses, which encrypt parts of themselves or otherwise modify themselves as a method of disguise, so as to not match the virus's signature in the dictionary.

Suspicious behavior

The suspicious behavior approach, by contrast, doesn't attempt to identify known viruses, but instead monitors the behavior of all programs. If one program tries to write data to an executable program, for example, the antivirus software can flag this suspicious behavior, alert a user and ask what to do.

Unlike the dictionary approach, the suspicious behavior approach therefore provides protection against brand-new viruses that do not yet exist in any virus dictionaries. However, it can also sound a large number of false positives, and users probably become desensitized to all the warnings. If the user clicks "Accept" on every such warning, then the antivirus software obviously gives no benefit to that user. This problem has worsened since 1997^{[citation needed]}, since many more nonmalicious program designs came to modify other .exe files without regard to this false positive issue. Thus, most modern antivirus software uses this technique less and less.

Other approaches

Some antivirus software use other types of heuristic analysis. For example, it could try to emulate the beginning of the code of each new executable that the system invokes before transferring control to that executable. If the program seems to use self-modifying code or otherwise appears as a virus (if it immediately tries to find other executables, for example), one could assume that a virus has infected the executable. However, this method could result in a lot of false positives.

Yet another detection method involves using a sandbox. A sandbox emulates the operating system and runs the executable in this simulation. After the program has terminated, software analyzes the sandbox for any changes which might indicate a virus. Because of performance issues, this type of detection normally only takes place during on-demand scans. Also this method may fail as viruses can be nondeterministic and result in different actions or no actions at all done when run - so it will be impossible to detect it from one run.

Some virus scanners can also warn a user if a file is likely to contain a virus based on the file type.

An emerging technique to deal with malware in general is whitelisting. Rather than looking for only known bad software, this technique prevents execution of all computer code except that which has been previously identified as trustworthy by the system administrator. By following this default deny approach, the limitations inherent in keeping virus signatures up to date are avoided. Additionally, computer applications that are unwanted by the system administrator are prevented from executing since they are not on the whitelist. Since modern enterprise organizations have large quantities of trusted applications, the limitations of adopting this technique rest with the system administrators' ability to properly inventory and maintain the whitelist of trusted applications. As such, viable implementations of this technique include tools for automating the inventory and whitelist maintenance processes.

Issues of concern

• The ongoing writing and spreading of viruses and of panic about them gives the vendors of commercial antivirus software a financial interest in the ongoing existence of viruses. Some theorize that antivirus companies have financial ties to virus writers, to generate their own market, though there is currently no evidence for this.
• Some antivirus software can considerably reduce performance. Users may disable the antivirus protection to overcome the performance loss, thus increasing the risk of infection. For maximum protection the antivirus software needs to be enabled all the time — often at the cost of slower performance (see also software bloat).
• It is important to note that one should not have more than one antivirus software installed on a single computer at any given time. This can seriously cripple the computer and cause further damage.
• It is sometimes necessary to temporarily disable virus protection when installing major updates such as Windows Service Packs or updating graphics card drivers.^{[citation needed]} Having antivirus protection running at the same time as installing a major update may prevent the update installing properly or at all.
• When purchasing antivirus software, the agreement may include a clause that your subscription will be automatically renewed, and your credit card automatically billed at the renewal time without your approval. For example, McAfee requires one to unsubscribe at least 60 days before the expiration of the present subscription.^{[citation needed]} In that case, the subscriber may contest the charges with the credit card issuer, but this recourse is likely to fail if in fact the subscriber had authorised such a "continuous payment authority".
• Some antivirus programmes are actually spyware masquerading as antivirus software. It is best to double-check that the antivirus software which is being downloaded is actually a real antivirus program.
• Some commercial antivirus software programs contain adware. For example, the home/small business version of CA Anti-Virus 2008 displays an advert for CA products whenever the desktop is unlocked after a period of inactivity.

Antivirus, mobile devices and innovative solutions

It would be no surprise when viruses that plague the desktop and laptop world quickly migrate to mobile devices. More and more vendors in this space are offering solutions to combat secure mobile handsets with antivirus solutions. Mobile devices present significant challenges for antivirus software, such as:

• Processor Constraints
• Memory Constraints
• Definitions and new signature updates to these mobile handsets

SIM, flash based and USB based antivirus products

Mobile handsets are now offered with a variety of interfaces and data connection capabilities. Consumers should carefully evaluate security products before deploying on small form factor devices.

Solutions that are hardware-based, perhaps USB devices or SIM-based antivirus solutions, might work better in meeting the needs of mobile handset consumers. Technical evaluation and review on how deploying an antivirus solution on cellular mobile handsets should be considered as scanning process might impact other legitimate applications on the handheld.

SIM-based solutions with antivirus integrated on the small memory footprint might provide a basic solution to combat malware/viruses in protecting PIM and mobile user data. USB and Flash memory-based solutions give the user an advantage to swap and use these products with a range of hardware devices.

History

There are competing claims for the innovator of the first antivirus product. Perhaps the first publicly known neutralization of a wild PC virus was performed by European Bernt Fix (also Bernd) in early 1987. Fix neutralized an infection of the Vienna virus. First edition of Polish antivirus software mks_vir started in 1987. Program was only available in Polish language version. Fall 1988 also saw antivirus software Dr. Solomon's Anti-Virus Toolkit released by Briton Alan Solomon. By December 1990 the market had matured to the point of nineteen separate antivirus products being on sale including Norton AntiVirus and ViruScan from McAfee.

Peter Tippett made a number of contributions to the budding field of virus detection.^{[citation needed]} He was an emergency room doctor who also ran a computer software company. He had read an article about the Lehigh virus and questioned whether they would have similar characteristics to biological viruses that attack organisms. From an epidemiological viewpoint, he was able to determine how these viruses were affecting systems within the computer (the boot-sector was affected by the Brain virus, the .com files were affected by the Lehigh virus, and both .com and .exe files were affected by the Jerusalem virus). Tippett’s company Certus International Corp. then began to create anti-virus software programs. The company was sold in 1992 to Symantec Corp, and Tippett went to work for them, incorporating the software he had developed into Symantec’s product, Norton AntiVirus.^{[citation needed]}

A very uncommon use of the term "antivirus" is to apply it to benign viruses that spread and combated malicious viruses. This was common on the Amiga computer platform.^{[citation needed]}

Random Access Memory

Random access memory (usually known by its acronym, RAM) is a type of data storage used in computers. It takes the form of integrated circuits that allow the stored data to be accessed in any order — that is, at random and without the physical movement of the storage medium or a physical reading head. RAM is a volatile memory as the information or instructions stored in it will be lost if the power is switched off.

The word "random" refers to the fact that any piece of data can be returned in a constant time, regardless of its physical location and whether or not it is related to the previous piece of data.This contrasts with storage mechanisms such as tapes, magnetic discs and optical discs, which rely on the physical movement of the recording medium or a reading head. In these devices, the movement takes longer than the data transfer, and the retrieval time varies depending on the physical location of the next item.

Terminology

A 1GB DDR RAM memory

Originally, RAM referred to a type of solid-state memory, and the majority of this article deals with that, but physical devices which can emulate true RAM (or, at least, are used in a similar way) can have "RAM" in their names: for example, DVD-RAM.

RAM is usually writable as well as readable, so "RAM" is often used interchangeably with "read-write memory". The alternative to this is "ROM", or Read Only Memory. Most types of RAM lose their data when the computer powers down. "Flash memory" is a ROM/RAM hybrid that can be written to, but which does not require power to maintain its contents. RAM is not strictly the opposite of ROM, however. The word random indicates a contrast with serial access or sequential access memory.

"Random access" is also the name of an indexing method: hence, disk storage is often called "random access" because the reading head can move relatively quickly from one piece of data to another, and does not have to read all the data in between. However the final "M" is crucial: "RAM" (provided there is no additional term as in "DVD-RAM") always refers to a solid-state device.

Many CPU-based designs actually have a memory hierarchy consisting of registers, on-die SRAM caches, DRAM, paging systems, and virtual memory or swap space on a hard-drive. This entire pool of memory may be referred to as "RAM" by many developers, even though the various subsystems can have very different access times, violating the original concept behind the "random access" term in RAM. Even within a hierarchy level such as DRAM, the specific row/column/bank/rank/channel/interleave organization of the components make the access time variable, although not to the extent that rotating storage media or a tape is variable.

Overview

The key benefit of RAM over types of storage which require physical movement is that retrieval times are short and consistent. Short because no physical movement is necessary, and consistent because the time taken to retrieve a piece of data does not depend on its current distance from a physical head; it requires practically the same amount of time to access any piece of data stored in a RAM chip. Most other technologies have inherent delays for reading a particular bit or byte. The disadvantage of RAM over physically moving media is cost, and the loss of data when power is turned off.

Because of this speed and consistency, RAM is used as 'main memory' or primary storage: the working area used for loading, displaying and manipulating applications and data. In most personal computers, the RAM is not an integral part of the motherboard or CPU—it comes in the easily upgraded form of modules called memory sticks or RAM sticks about the size of a few sticks of chewing gum. These can quickly be removed and replaced should they become damaged or too small for current purposes. A smaller amount of random-access memory is also integrated with the CPU, but this is usually referred to as "cache" memory, rather than RAM.

Modern RAM generally stores a bit of data as either a charge in a capacitor, as in dynamic RAM, or the state of a flip-flop, as in static RAM. Some types of RAM can detect or correct random faults called memory errors in the stored data, using RAM parity and error correction codes.

Many types of RAM are volatile, which means that unlike some other forms of computer storage such as disk storage and tape storage, they lose all data when the computer is powered down. For these reasons, nearly all PCs use disks as "secondary storage". Small PDAs and music players (up to 8 GB in Jan 2007) may dispense with disks, but rely on flash memory to maintain data between sessions of use.

Software can "partition" a portion of a computer's RAM, allowing it to act as a much faster hard drive that is called a RAM disk. Unless the memory used is non-volatile, a RAM disk loses the stored data when the computer is shut down. However, volatile memory can retain its data when the computer is shut down if it has a separate power source, usually a battery.

If a computer becomes low on RAM during intensive application cycles, the computer can resort to so-called virtual memory. In this case, the computer temporarily uses hard drive space as additional memory. Constantly relying on this type of backup memory it is called thrashing, which is generally undesirable, as virtual memory lacks the advantages of RAM. In order to reduce the dependency on virtual memory, more RAM can be installed.

Recent developments

Currently, several types of non-volatile RAM are under development, which will preserve data while powered down. The technologies used include carbon nanotubes and the magnetic tunnel effect.

In summer 2003, a 128 KB magnetic RAM chip manufactured with 0.18 µm technology was introduced. The core technology of MRAM is based on the magnetic tunnel effect. In June 2004, Infineon Technologies unveiled a 16 MB prototype again based on 0.18 µm technology.

Nantero built a functioning carbon nanotube memory prototype 10 GB array in 2004.

In 2006, Solid state memory came of age, especially when implemented as "Solid state disks", with capacities exceeding 150 gigabytes and speeds far exceeding traditional disks. This development has started to blur the definition between traditional random access memory and disks, dramatically reducing the difference in performance.

Memory wall

The "memory wall" is the growing disparity of speed between CPU and memory outside the CPU chip. An important reason of this disparity is the limited communication bandwidth beyond chip boundaries. From 1986 to 2000, CPU speed improved at an annual rate of 55% while memory speed only improved at 10%. Given these trends, it was expected that memory latency would become an overwhelming bottleneck in computer performance.

Currently, CPU speed improvements have slowed significantly partly due to major physical barriers and partly because current CPU designs have already hit the memory wall in some sense. Intel summarized these causes in their Platform 2015 documentation (PDF):

“First of all, as chip geometries shrink and clock frequencies rise, the transistor leakage current increases, leading to excess power consumption and heat (more on power consumption below). Secondly, the advantages of higher clock speeds are in part negated by memory latency, since memory access times have not been able to keep pace with increasing clock frequencies. Third, for certain applications, traditional serial architectures are becoming less efficient as processors get faster (due to the so-called Von Neumann bottleneck), further undercutting any gains that frequency increases might otherwise buy. In addition, resistance-capacitance (RC) delays in signal transmission are growing as feature sizes shrink, imposing an additional bottleneck that frequency increases don't address.”

The RC delays in signal transmission were also noted in Clock Rate versus IPC: The End of the Road for Conventional Microarchitectures which projects a maximum of 12.5% average annual CPU performance improvement between 2000 and 2014. The data on Intel Processors clearly shows a slowdown in performance improvements in recent processors. However, Intel's new processors, Core 2 Duo (codenamed Conroe) show a significant improvement over previous Pentium 4 processors; due to a more efficient architecture, performance increased while clock rate actually decreased.

DRAM packaging

For economic reasons, the large (main) memories found in personal computers, workstations, and non-handheld game-consoles (such as Playstation and Xbox) normally consists of dynamic RAM (DRAM). Other parts of the computer, such as cache memories and data buffers in hard disks, normally use static RAM (SRAM).

PC motherboard

A PC motherboard is a printed circuit board used in a personal computer. It is also known as the mainboard or planar board and occasionally abbreviated to mobo or MB. The term mainboard is also used for the main circuit board in this and other electronic devices.

A typical motherboard provides attachment points for one or more of the following: CPU, graphics card, sound card, hard disk controller, memory (RAM), and external peripheral devices. The connectors for external peripherals are nearly always color coded according to the PC 99 specification.

All of the basic circuitry and components required for a computer to function sit either directly on the motherboard or in an expansion slot of the motherboard or are connected with a cable. The most important component on a motherboard is the chipset. It often consists of two components or chips known as the Northbridge and Southbridge, though they may also be integrated into a single component. These chips determine, to an extent, the features and capabilities of the motherboard.

The remainder of this article discusses the state of the so-called "IBM compatible PC" motherboard in the early 2000s. It contains the chipset, which controls the operation of the CPU, the PCI, ISA, AGP, and PCI Express expansion slots, and (usually) the IDE/ATA controller as well. Most of the devices that can be attached to a motherboard are attached via one or more slots or sockets, although some modern motherboards support wireless devices using the IrDA, Bluetooth, or 802.11 (Wi-Fi) protocols.

CPU sockets

There are different slots and sockets for CPUs, and it is necessary for a motherboard to have the appropriate slot or socket for the CPU. Newer sockets, those with a three digit number, are named after the number of pins they contain. Older ones are simply named in the order of their invention, usually with a single digit.

Sockets supporting Intel processors

• Socket 6 - 80486DX4
• Socket 7 - Intel Pentium and Pentium MMX, AMD K6 and some Cyrix CPUs)
• Socket 8 - Intel Pentium Pro
• Slot 1 - Intel Pentium II, older Pentium III, and Celeron processors (233 MHz - 1.13 GHz)
• Slot 2 - Intel Xeon processors based on Pentium II/III cores
• Socket 370 - Celeron processors and newer Pentium IIIs (700 MHz - 1.4 GHz)
• Socket 423 - Intel Pentium 4 and Celeron processors (based on the Willamette core)
• Socket 478 - Intel Pentium 4 and Celeron processors (based on Northwood, Prescott, and Willamette cores)
• Socket 479 - Intel Pentium M and Celeron M processors (based on the Banias and Dothan cores)
• Socket M - Intel Core processors (based on the Yonah core)
• Socket 603 / 604 - Intel Xeon processors based on the Northwood and Willamette Pentium 4 cores
• Socket T / LGA 775 (Land Grid Array) - Intel Pentium 4, Core 2, and Celeron processors (based on Northwood, Prescott, Conroe, Kentsfield, and Cedar Mill cores)
• LGA 771 (Land Grid Array) - Intel Xeon Core 2, and based on Woodcrest cores

Sockets supporting AMD CPUs

• Slot A - or Socket 462 (aka Socket A) - newer AMD Athlon, Athlon XP, Sempron, and Duron processors
• Socket 754 - lower end AMD Athlon 64 and Sempron processors with single-channel memory support
• Socket 939 - AMD Athlon 64, AMD Athlon 64 FX, AMD Athlon 64 X2, and AMD Opteron processors with dual-channel memory support
• Socket 940 - AMD Opteron and early AMD Athlon FX processors
• Socket AM2 - Sempron, AMD Athlon 64, AMD Athlon 64 X2, AMD Athlon 64 FX and AMD Opteron (AMD Phenom?)
• Socket F - AMD Opteron and high-end AMD Athlon 64 FX

Peripheral card slots

There are usually a number of expansion card slots to allow peripheral devices and cards to be inserted. Each slot is compatible with one or more industry bus standards. Commonly available buses include: PCI (Peripheral Component Interconnect), PCI-X, AGP (Accelerated Graphics Port), and PCI Express.

ISA was the original bus for connecting cards to a PC. Despite significant performance limitations, it was not superseded by the more advanced but incompatible MCA (Micro Channel Architecture) (IBM's proprietary solution which appeared in their PS/2 series of computers and a handful of other models) or the equally advanced and backward-compatible EISA (Extended Industry Standard Architecture) bus. It endured as a standard feature in PCs till the end of the 20th century, aided first by the brief dominance of the VESA (Video Electronic Standards Association) extension during the reign of the 486 and later by the need to accommodate the large number of existing ISA peripheral cards. The more recent PCI bus is the current industry standard, which initially was a high-speed supplement to ISA for high-bandwidth peripherals (notably graphics cards, network cards, and SCSI host adaptors), and gradually replaced ISA as a general-purpose bus. An AGP slot is a high speed, single-purpose port designed solely for connecting high performance graphics cards (which produce video output) to the monitor. Both AGP and PCI buses are marked for replacement by PCI Express, although this is unlikely to happen prior to 2006 because of the large established base of AGP/PCI motherboards and add-in cards.

A typical motherboard of 1999 might have had one AGP slot, four PCI slots, and one (or two) ISA slots; since about 2002 the last ISA slots in new boards have been replaced with extra PCI slots. Sometimes an Advanced Communications Riser slot is used instead on less expensive motherboards.

As of 2001, most PCs also support Universal Serial Bus (USB) connections, and the controller and ports required for this are usually integrated onto the motherboard. An ethernet interface and a basic audio processor are now almost universally integrated into current motherboards as well.

Temperature and reliability

Generally, motherboards are air cooled with heat sinks on the larger chips such as the northbridge and CPU, and they have monitored sockets for case fans. Newer motherboards have integrated temperature sensors to detect motherboard and CPU temperatures, which can be used by the BIOS or Operating system to regulate fan speed. The removal of waste thermal energy became a major concern for workstation PCs around 2000, with the problem becoming more severe over time as computer systems continued to consume more and more power.

A study of the German c't computer magazine c't 2003, vol. 21 pg. 216-221 found that some spurious computer crashes and general reliability issues ranging from screen image distortions to I/O read/write errors can surprisingly be attributed not to software or peripheral hardware but to aging PC motherboards.

Motherboard voltage regulation uses electrolytic capacitors. These capacitors exhibit aging effects which depend on the temperature of the parts, since their water based electrolytes slowly evaporate leading to capacity loss and motherboard malfunctions due to voltage instabilities. While most capacitors are rated for 2000 hours at 105 °C (life formula ), their expected design life roughly doubles for every 10 °C below this. At 45 °C a lifetime of 15 years can be expected, which appears reasonable for a computer mainboard. In the past, many manufacturers delivered substandard capacitors, which would reduce this life expectancy figure. With inadequate case cooling this can become a serious problem. It is, however, possible to find and replace broken capacitors on PC mainboards. For more information on certain types of premature capacitor failure on PC motherboards, see capacitor plague.

Form factor

The motherboard fits into the computer case with screws or clips. There are many form factors, or sizes of motherboard. In general, it is necessary for the case, power supply, and motherboard to conform to the same standard in order for them to operate properly.

As new generations of components have been developed, the standards for motherboard design have changed too - for example with AGP being introduced, and more recently PCI Express. However the basic standardized size and layout of motherboard have changed much more slowly, and are controlled by their own standards. This is helped by the fact that in many ways, the list of components a motherboard must include changes far slower than the components themselves. For example, north bridge controllers have changed many times since their original introduction, with many manufacturers bringing out their own versions, but in terms of form factor standards, the requirement to allow for a north bridge has remained fairly static for many years.

Differences between form factors are most apparent in terms of their intended market sector, and involve variations in size, design compromises and typical features. Most modern computers have very similar requirements, so form factor differences tend to be based upon subsets and supersets of these. For example, a desktop computer may require more sockets for maximal flexibility and many optional connectors and other features on-board, whereas a computer to be used in a multimedia system may need to be optimized for heat and size, with additional plug-in cards being less common. The smallest motherboards may sacrifice CPU flexibility in favor of a fixed manufacturer's choice.

DVD

Size comparison: A 12 cm Sony DVD+RW and a 19 cm Dixon Ticonderoga pencil.

DVD (also known as "Digital Versatile Disc" and "Digital Video Disc") is a popular optical disc storage media format used for data storage. Its main uses are for movies, software, and data archiving. Most DVDs are of the same dimensions as compact discs (CDs) but store more than 6 times the data.

The term DVD is used in describing three ways that data is stored on the disks — DVD-ROM has data which can only be read and not written, DVD-R can be written once and then functions as a DVD-ROM, and DVD-RAM holds data that can be re-written multiple times.

DVD-Video and DVD-Audio discs respectively refer to properly formatted and structured video and audio content. Everything else, including other types of DVD discs with video content, is referred to as a DVD-Data disc. DVD is also used generically to refer to HD (High Density) video disc formats Blu-ray and HD DVD.

History

In the early 1990s two high-density optical storage standards were being developed; one was the MultiMedia Compact Disc, backed by Philips and Sony, and the other was the Super Density disc, supported by Toshiba, Time Warner, Matsushita Electric, Hitachi, Mitsubishi Electric, Pioneer, Thomson, and JVC. IBM's president, Lou Gerstner, acting as a matchmaker, led an effort to unite the two camps behind a single standard, anticipating a repeat of the costly videotape format war between VHS, Betamax and Video 2000 in the 1980s.

Philips and Sony abandoned their MultiMedia Compact Disc and fully agreed upon Toshiba's SuperDensity Disc with only one modification, namely changing to EFMPlus modulation. EFMPlus was chosen as it has a great resilience against disc damage such as scratches and fingerprints. EFMPlus, created by Kees Immink, who also designed EFM, is 6% less efficient than the modulation technique originally used by Toshiba, which resulted in a capacity of 4.7 GB as opposed to the original 5 GB. The result was the DVD specification, finalized for the DVD movie player and DVD-ROM computer applications in December 1995. In May 1997, the DVD Consortium was replaced by the DVD Forum, which is open to all other companies.

Etymology

"DVD" was originally used as an initialism for the unofficial term "digital videodisk".It was reported in 1995, at the time of the specification finalization, that the letters officially stood for "digital versatile disc" (due to non-video applications),however, the text of the press release announcing the specification finalization only refers to the technology as "DVD", making no mention of what (if anything) the letters stood for.A newsgroup FAQ written by Jim Taylor (a prominent figure in the industry) claims that four years later, in 1999, the DVD Forum stated that the format name was simply the three letters "DVD" and did not stand for anything. The official DVD specification documents have never defined DVD. Usage in the present day varies, with "DVD", "Digital Video Disc", and "Digital Versatile Disc" all being common.

DVD-Video

DVD-Video is a standard for storing video content on DVD media. In the U.S., weekly DVD-Video rentals first out-numbered weekly VHS cassette rentals in June 2003, illustrating the rapid adoption rate of the technology in the marketplace.

Though many resolutions and formats are supported, most consumer DVD-Video disks use either 4:3 or 16:9 aspect ratio MPEG-2 video, stored at a resolution of 720×480 (NTSC) or 720×576 (PAL). Audio is commonly stored using the Dolby Digital (AC-3), Digital Theater System (DTS) formats, ranging from monaural to 5.1 channel "Surround Sound" presentations, and/or MPEG-1 Layer 2. Although the specifications for video and audio requirements vary by global region and television system, many DVD players support all possible formats. DVD-Video also supports features like menus, selectable subtitles, multiple camera angles, and multiple audio tracks.

DVD-Audio

DVD-Audio is a format for delivering high-fidelity audio content on a DVD. It offers many channel configuration options (from mono to 5.1 surround sound) at various sampling frequencies. Compared with the CD format, the much higher capacity DVD format enables the inclusion of either considerably more music (with respect to total running time and quantity of songs) or far higher audio quality (reflected by higher linear sampling rates and higher vertical bit-rates, and/or additional channels for spatial sound reproduction).

Despite DVD-Audio's superior technical specifications, there is debate as to whether the resulting audio enhancements are distinguishable to typical human ears. DVD-Audio currently forms a niche market, probably due to its dependency upon new and relatively expensive equipment.

Security

DVD-Audio discs employ a robust copy prevention mechanism, called Content Protection for Prerecorded Media (CPPM) developed by the 4C group (IBM, Intel, Matsushita, and Toshiba).

To date, CPPM has not been "broken" in the sense that DVD-Video's CSS has been broken, but ways to circumvent it have been developed. By modifying commercial DVD(-Audio) playback software to write the decrypted and decoded audio streams to the hard disk, users can, essentially, extract content from DVD-Audio discs much in the same way they can from DVD-Video discs.

Computer software

Computer software is a general term used to describe a collection of computer programs, procedures and documentation that perform some task on a computer system. The term includes application software such as word processors which perform productive tasks for users, system software such as operating systems, which interface with hardware to provide the necessary services for application software, and middleware which controls and co-ordinates distributed systems.

Terminology

The term "software" is sometimes used in a broader context to describe any electronic media content which embodies expressions of ideas such as film, tapes, records, etc.

Relationship to computer hardware

Computer software is so called in contrast to computer hardware, which encompasses the physical interconnections and devices required to store and execute (or run) the software. In computers, software is loaded into RAM and executed in the central processing unit. At the lowest level, software consists of a machine language specific to an individual processor. A machine language consists of groups of binary values signifying processor instructions (object code), which change the state of the computer from its preceding state. Software is an ordered sequence of instructions for changing the state of the computer hardware in a particular sequence. It is usually written in high-level programming languages that are easier and more efficient for humans to use (closer to natural language) than machine language. High-level languages are compiled or interpreted into machine language object code. Software may also be written in an assembly language, essentially, a mnemonic representation of a machine language using a natural language alphabet. Assembly language must be assembled into object code via an assembler.

The term "software" was first used in this sense by John W. Tukey in 1958 In computer science and software engineering, computer software is all computer programs. The concept of reading different sequences of instructions into the memory of a device to control computations was invented by Charles Babbage as part of his difference engine. The theory that is the basis for most modern software was first proposed by Alan Turing in his 1935 essay Computable numbers with an application to the Entscheidungsproblem.

Types

Practical computer systems divide software systems into three major classes: system software, programming software and application software, although the distinction is arbitrary, and often blurred.

• System software helps run the computer hardware and computer system. It includes operating systems, device drivers, diagnostic tools, servers, windowing systems, utilities and more. The purpose of systems software is to insulate the applications programmer as much as possible from the details of the particular computer complex being used, especially memory and other hardware features, and such accessory devices as communications, printers, readers, displays, keyboards, etc.
• Programming software usually provides tools to assist a programmer in writing computer programs and software using different programming languages in a more convenient way. The tools include text editors, compilers, interpreters, linkers, debuggers, and so on. An Integrated development environment (IDE) merges those tools into a software bundle, and a programmer may not need to type multiple commands for compiling, interpreter, debugging, tracing, and etc., because the IDE usually has an advanced graphical user interface, or GUI.
• Application software allows end users to accomplish one or more specific (non-computer related) tasks. Typical applications include industrial automation, business software, educational software, medical software, databases, and computer games. Businesses are probably the biggest users of application software, but almost every field of human activity now uses some form of application software. It is used to automate all sorts of functions.

Program and library

A program may not be sufficiently complete for execution by a computer. In particular, it may require additional software from a software library in order to be complete. Such a library may include software components used by stand-alone programs, but which cannot work on their own. Thus, programs may include standard routines that are common to many programs, extracted from these libraries. Libraries may also include 'stand-alone' programs which are activated by some computer event and/or perform some function (e.g., of computer 'housekeeping') but do not return data to their calling program. Programs may be called by one to many other programs; programs may call zero to many other programs.

Three layers

Starting in the 1980s, application software has been sold in mass-produced packages through retailers.

Users often see things differently than programmers. People who use modern general purpose computers (as opposed to embedded systems, analog computers, supercomputers, etc.) usually see three layers of software performing a variety of tasks: platform, application, and user software.

Platform software

Platform includes the firmware, device drivers, an operating system, and typically a graphical user interface which, in total, allow a user to interact with the computer and its peripherals (associated equipment). Platform software often comes bundled with the computer. On a PC you will usually have the ability to change the platform software.

Application software

Application software or Applications are what most people think of when they think of software. Typical examples include office suites and video games. Application software is often purchased separately from computer hardware. Sometimes applications are bundled with the computer, but that does not change the fact that they run as independent applications. Applications are almost always independent programs from the operating system, though they are often tailored for specific platforms. Most users think of compilers, databases, and other "system software" as applications.

User-written software

User software tailors systems to meet the users specific needs. User software include spreadsheet templates, word processor macros, scientific simulations, and scripts for graphics and animations. Even email filters are a kind of user software. Users create this software themselves and often overlook how important it is. Depending on how competently the user-written software has been integrated into purchased application packages, many users may not be aware of the distinction between the purchased packages, and what has been added by fellow co-workers.

Operation

Computer software has to be "loaded" into the computer's storage (such as a hard drive, memory, or RAM). Once the software is loaded, the computer is able to execute the software. Computers operate by executing the computer program. This involves passing instructions from the application software, through the system software, to the hardware which ultimately receives the instruction as machine code. Each instruction causes the computer to carry out an operation -- moving data, carrying out a computation, or altering the control flow of instructions.

Data movement is typically from one place in memory to another. Sometimes it involves moving data between memory and registers which enable high-speed data access in the CPU. Moving data, especially large amounts of it, can be costly. So, this is sometimes avoided by using "pointers" to data instead. Computations include simple operations such as incrementing the value of a variable data element. More complex computations may involve many operations and data elements together.

Instructions may be performed sequentially, conditionally, or iteratively. Sequential instructions are those operations that are performed one after another. Conditional instructions are performed such that different sets of instructions execute depending on the value(s) of some data. In some languages this is known as an "if" statement. Iterative instructions are performed repetitively and may depend on some data value. This is sometimes called a "loop." Often, one instruction may "call" another set of instructions that are defined in some other program or module. When more than one computer processor is used, instructions may be executed simultaneously.

A simple example of the way software operates is what happens when a user selects an entry such as "Copy" from a menu. In this case, a conditional instruction is executed to copy text from data in a 'document' area residing in memory, perhaps to an intermediate storage area known as a 'clipboard' data area. If a different menu entry such as "Paste" is chosen, the software may execute the instructions to copy the text from the clipboard data area to a specific location in the same or another document in memory.

Depending on the application, even the example above could become complicated. The field of software engineering endeavors to manage the complexity of how software operates. This is especially true for software that operates in the context of a large or powerful computer system.

Currently, almost the only limitations on the use of computer software in applications is the ingenuity of the designer/programmer. Consequently, large areas of activities (such as playing grand master level chess) formerly assumed to be incapable of software simulation are now routinely programmed. The only area that has so far proved reasonably secure from software simulation is the realm of human art— especially, pleasing music and literature.

Kinds of software by operation: computer program as executable, source code or script, configuration.

Population Health

Population health is an approach to health that aims to improve the health of an entire population. One major step in achieving this aim is to reduce health inequities among population groups. Population health seeks to step beyond the individual-level focus of mainstream medicine and public health by addressing a broad range of factors that impact health on a population-level, such as environment, social structure, resource distribution, etc. An important theme in population health is importance of social determinants of health and the relatively minor impact that medicine and healthcare have on improving health overall.

From a population health perspective, health has been defined not simply as a state free from disease but as "the capacity of people to adapt to, respond to, or control life's challenges and changes" (Frankish et al., 1996).

Income inequality and mortality in 282 metropolitan areas of the United States. Mortality is correlated with both income and inequality.

Recently, there has been increasing interest from epidemiologists on the subject of economic inequality and its relation to the health of populations. There is a very robust correlation between socioeconomic status and health. This correlation suggests that it is not only the poor who tend to be sick when everyone else is healthy, but that there is a continual gradient, from the top to the bottom of the socioeconomic ladder, relating status to health. This phenomenon is often called the "SES Gradient". Lower socioeconomic status has been linked to chronic stress, heart disease, ulcers, type 2 diabetes, rheumatoid arthritis, certain types of cancer, and premature aging.

Despite the reality of the SES Gradient, there is debate as to its cause. A number of researchers (A. Leigh, C. Jencks, A. Clarkwest - see also Russell Sage working papers) see a definite link between economic status and mortality due to the greater economic resources of the better-off, but they find little correlation due to social status differences.

Other researchers such as Richard Wilkinson, J. Lynch , and G.A. Kaplan have found that socioeconomic status strongly affects health even when controlling for economic resources and access to health care. Most famous for linking social status with health are the Whitehall studies - a series of studies conducted on civil servants in London. The studies found that, despite the fact that all civil servants in England have the same access to health care, there was a strong correlation between social status and health. The studies found that this relationship stayed strong even when controlling for health-affecting habits such as exercise, smoking and drinking. Furthermore, it has been noted that no amount of medical attention will help decrease the likelihood of someone getting type 1 diabetes or rheumatoid arthritis - yet both are more common among populations with lower socioeconomic status. Lastly, it has been found that amongst the wealthiest quarter of countries on earth (a set stretching from Luxembourg to Slovakia) there is no relation between a country's wealth and general population health - suggesting that past a certain level, absolute levels of wealth have little impact on population health, but relative levels within a country do.

The concept of psychosocial stress attempts to explain how psychosocial phenomenon such as status and social stratification can lead to the many diseases associated with the SES Gradient. Higher levels of economic inequality tend to intensify social hierarchies and generally degrades the quality of social relations - leading to greater levels of stress and stress related diseases. Richard Wilkinson found this to be true not only for the poorest members of society, but also for the wealthiest. Economic inequality is bad for everyone's health.

Inequality does not only affect the health of human populations. David H. Abbott at the Wisconsin National Primate Research Center found that among many primate species, less egalitarian social structures correlated with higher levels of stress hormones among socially subordinate individuals. Research by Robert Sapolsky of Stanford University provides similar findings.