| | | |  ZIF | | | | Zero Insertion Force. A type of socket developed for CPU chips to allow processors to be added or removed without the use of special tools and/or large forces. Previously, with the increasing complexity of CPUs and the according increase in number of connecting pins, damage to the chip (or even the circuit board) was becoming more and more likely. With the advent of the PGA (Pin Grid Array) processors, the zero insertion force socket went a long way to resolving this issue. "Ordinary" IC sockets rely on significant friction forces to grip the pins of the chip, making a good electrical contact but also making insertion and extraction without damage difficult. The risk of damage increases as the number of pins does and the force required is multiplied, particularly so in the case of replacing or upgrading CPUs on the home PC where the user may have little or no experience of the task. On a Zero Insertion Force socket, it is immediately apparent that this is a physically larger socket - necessary to allow for the mechanism involved. A lever on the socket is released from it's catch and moved, releasing the tension in the individual pin sockets. The processor is aligned as appropriate then dropped in with "zero insertion force". The lever is then moved back into position - which moves the top plate of the assembly and applies pressure to the individual pin sockets - and then locked in place, creating good electrical contacts and securing the chip in the socket. Outside of the world of Personal Computers, Zero Insertion Force sockets are not commonly used (other than in some testing rigs), due to being relatively expensive and having a large footprint on the printed circuit board. | | | | | | Kernel | | | | The inner, central part common to most operating systems, responsible for managing the machine's resources. Sometimes previously referred to as the "core" or "nucleus" and distinct from other, higher layers of the operating system's structure. Used in particular when referring to Unix/Linux-based systems. It performs the most basic, low-level functions including control of the computer's hardware - input/output devices including mouse, keyboard, displays etc (either directly or via software) - memory allocation and process control. Execution of the kernel is usually initiated by the boot process, after which it initialises and starts the first process. The kernel is critical and in constant use so is typically loaded into memory at all times. Applications or other parts of the operating system access the kernel and it's resources via System Calls and Inter-Process Communication (IPC). The efficiency and speed of the kernel determines how efficient and quickly the rest of the operating system will run and so kernel design is a critical process. Kernels may be broadly divided into two parts - Monolithic kernels and Microkernels. In the monolithic kernel all of the operating system's "Services" run in the same area of memory as the kernel. This has many advantages but can also mean that a system crash can be caused by something such as a device driver problem, due to the inter-dependancy of the system components. With a Microkernel, a much "leaner" approch is used and many services, other than minimal ones such as memory management, are performed by user-space programs on request by System Calls, leading to an easier-to-maintain kernel. There may be occassions where the system is slowed down due to the number of system calls required, however. Some kernels have been developed that are able to be used by any operating system - an example is the Mach kernel. | | | | | | Firewall | | | | A hardware or software-based device used to protect a computer or network from access by unauthorised users. The term is derived from i) the firewalls used in building construction to stop the spread of fire by isolating parts of a building at critical points ii) the practice of firefighters of clearing part of a building or forest to remove combustible materials creating a barrier. An example of hardware incorporating a firewall is a modern router (firewalls work in close conjunction with router software) - there are also stand alone firewall devices. Software firewalls are available on a buy-then-subscribe basis, where the software is initially purchased with free security updates included for a year (typically). This is then often followed by a paid subscription structure, to be eligible for further updates as and when they are released. They are sometimes also offered as freeware in the form of a "lite" version of the subscription package. All traffic into and out of the network must flow through the firewall. Data packets are inspected to determine whether they are to be allowed or not - the rules determining which data packets are allowed through the firewall and which are denied access are set during the configuration of the firewall. A number of different methods are used to determine what happens to a data packet and these have evolved over time as firewalls have become more sophisticated (partly driven by the need to cope with increasingly sophisticated hackers!), as follows. Packet filters look at each data packet and it's contents in isolation and independently of the data stream it is a part of. Stateful filtering not only looks at the packet contents but also, by maintaining records of all connections, is able to compare the packet with those from known and/or trusted sources and in addition to determine whether it is part of an existing data stream or a new connection. Application layer filtering was the third major development - also known as proxy filtering - and the most sophisticated because it can recognise protocols and the way they are used and detect irregularities and suspicious activity (up to a point). Ultimately however, any firewall is only as effective as the way it has been configured. A badly configured firewall can be more or less useless, with many users failing to fully grasp how to set up the filters and opting for the "default allow" set of rules which greatly diminishes the effectiveness of the device. | | | |
|
