Who got your vote?Monthly Splatfests are a thing of the past for Splatoon 3 these days, but Nintendo is still keeping the seasonal events coming. With Splatoween out the way, the next one to roll around is Frosty Fest, a festive celebration which will be heading to the Splatlands next month.As revealed in a tweet by @NintendoUK, the Frosty Fest Splatfest will get underway from 11th-12th January 2025 (depending on your region), with the theme this time asking 'What would make you happiest?' There are three gift-based teams to choose between, with Team Money, Experiences and Presents all vying for your support.Read the full article on nintendolife.com

Chinese hackers have reportedly breached a key office within the U.S. Treasury tasked with reviewing foreign investments and transactions that could threaten U.S. national security.CNN reports, citing U.S. officials familiar with the incident, that the Chinese hackers targeted the Committee on Foreign Investment in the United States, or CFIUS, which can approve or deny deals that present national security risks, such as corporate mergers and takeovers or deals that involve sensitive U.S. information.Treasury officials confirmed to TechCrunch last week that it was investigating a major cybersecurity incident following a breach at one of its security vendors, BeyondTrust. The Treasury said the hackers broke in using a stolen BeyondTrust key to remotely access employee workstations and documents on the departments unclassified network. It was later revealed that the Chinese hackers had also breached the departments office for international financial sanctions, the Office of Foreign Assets Control, or OFAC.U.S. cybersecurity agency CISA said this week that there was no indication that the hackers had broken into any other U.S. government department as part of the campaign.Bloomberg reports that the hackers targeting the Treasury are known as Silk Typhoon (previously called Hafnium), an active China-backed hacking group known to carry out mass hacking operations aimed at stealing information.The cyberattack at the Treasury is the latest in a string of incidents identified in recent months and linked to the China-backed family of Typhoon hackers. These cyberattacks have included the targeting of private communications of U.S. government officials and prepositioning destructive malware in U.S. critical infrastructure to strike in the event of a future conflict between China and the United States.The Chinese government has repeatedly denied the accusations.

Explore the unique blend of humor and horror in Bhool Bhulaiyaa 3. Redchillies VFX brings the story to life with their really cool visual effects, from eerie haunted settings to playful supernatural elements! Vincent Frei The Art of VFX 2025The post Bhool Bhulaiyaa 3: VFX Breakdown by Redchillies VFX appeared first on The Art of VFX.

Military drone manufacturer Firestorm Labs has filed a lawsuit against competitor RapidFlight in an intellectual property (IP) dispute. The San Diego-based company claims that RapidFlight falsely accused its 3D printed Tempest drone of infringing on two patents.Filed in the United States District Court for the Southern District of California, the case sees Firestorm request a jury trial to confirm that it has not infringed on either of RapidFlights US patent numbers 11,597,490 or 11,840,323. These relate to drone airframe structures with multiple 3D printed sections.In the court filing, Firestorm argues that its drone-making adversary has failed to compete on technology capabilities, performance, and price. The company highlights one instance where, during a head-to-head demonstration, RapidFlight figuratively and literallycrashed and burned.The plaintiff asserts that these failings have led the defendant to use unsupported threats in an attempt to bully Firestorm out of the industry. This reportedly includes repeated patent infringement assertions made verbally and in writing for over a year. RapidFlight is also said to have made unsupported allegations to its competitors potential customers, giving them an unfair advantage in attaining government contracts.In addition to a declaration that Firestorm has not infringed the patents in question, the unmanned aerial system (UAS) manufacturer is seeking compensation for legal fees and additional relief deemed appropriate by the court. The anticipation that RapidFlight would file a patent infringement lawsuit prompted Firestorm to launch this pre-emptive declaratory judgment action.Firestorm Labs and RapidFlight have been contacted for comment.Firestorm Labs Tempest drone. Image via Firestorm Labs.Firestorm challenges RapidFlights 3D printing patent infringement claims The Complaint for Patent Infringement Lawsuit outlines a slew of allegations against RapidFlight, highlighting repeated legal threats and accusations.Firestorm stated that it responded to these in good faith, explaining why it believes them to be false. Despite this, RapidFlight is said to have persisted in unjustified accusations of infringement. The Virginia-based firm also reportedly refused to engage and reach an amicable resolution.In one letter from June 2023, RapidFlight is said to have demanded that the plaintiff stop selling its alleged infringing products, destroy all offending inventory, and pay royalties. The letter accuses Firestorm of infringing the 11,547,490 patent, demanding the firm acquiesce to these demands within two weeks.In response, multiple letters were sent to RapidFlight in July and August 2023 outlining why these allegations were false. In particular, Firestorm claims that a connector component was misidentified as a patented reinforcement element, voiding the infringement claim. 3D models of relevant drone sections were also sent to illustrate the companys innocence.Following this, RapidFlight reportedly requested access to its competitors confidential and sensitive technical manuals or other product design documents. Firestorm denied this request, categorizing it as a fishing expedition to find potential infringements.The defendant then allegedly communicated unsupported allegations to potential Firestorm clients, including government decision-makers. This reportedly included claims that a patent infringement lawsuit was imminent, in an attempt to gain an unfair advantage in securing competitive contracts. The San Diego-based drone maker hopes launching this suit will clear the cloud of litigation from its business and its customers.RapidFlight M2 drone. Image via RapidFlight.3D printing patent disputesFirestorm is one of the latest companies to face 3D printing patent infringement allegations. Last year, Stratasys sued Bambu Lab, accusing the leading Shenzhen-based market leader of infringing on ten patents. The plaintiff argued that Bambus X1C, X1E, P1S, P1P, A1, and A1 mini breached IP relating to processes and features like purge towers, heated build platforms, tool head force detection, and networking capabilities.Stratasys demanded a trial by jury to achieve a declaration that the patents had been infringed upon, in addition to damages and an injunction blocking the future sale of the offending machines.This case has drawn criticism from the open-source 3D printing community. RepRap founder Dr. Adrian Bowyer called the idea of patents nonsense upon stilts, arguing that they inhibit creativity and stifle innovation. He criticized Stratasys for engaging in patent parasite behavior.This sentiment was echoed by Dr. Joshua Pearce, who worries that the case could lead to the weaponization of IP. Andrew Spitzer, a patent litigator from Crowell & Moring, believes the case could cause a seismic shift in the 3D printing landscape, with Stratasys potentially becoming a gatekeeper to the 3D printing industry.Elsewhere, 2024 saw 3D printer manufacturer Markforged settle a patent infringement lawsuit filed by Continuous Composites, resolving a legal battle that began in 2021. The allegations related to Markforgeds infringement of several patents relating to continuous composite additive manufacturing.Earlier in the year, a jury ruled against Markforged on one patent claim, awarding $17.34 million in damages. In September, Markforged signed a Settlement and Patent License Agreement, in which it agreed to pay Continous Composites a further $18 million upfront, followed by $1 million in 2025, $2 million in 2026, and $4 million in 2027.Who won the 2024 3D Printing Industry Awards?All the news from Formnext 2024.Subscribe to the 3D Printing Industry newsletter to keep up with the latest 3D printing news.You can also follow us on X, like our Facebook page, and subscribe to the 3D Printing Industry Youtube channel to access more exclusive content.Featured image shows a RapidFlight M2 drone. Image via RapidFlight.

Hello, Im looking to put some text around this disk within the separated sections so I was wondering how I can unwrap them into straight strips with minimal distortion to allow for this process to be easier in texturing? 1 post - 1 participant Read full topic

Brought to you by:Architect: Pelli Clarke & PartnersLocation: ChicagoCompletion Date:2024Wolf Point, a four-acre site located at the intersection of the Chicago Rivers three forks masterplanned by Pelli Clarke & Partners, is finally complete after a 15-year development saga. The final component of the project wrapped up construction late last year; it is a 57-story office tower leased almost exclusively to Salesforce. Clad head-to-toe in glass curtain wall, the tower features an articulated crown at its peak, a decorative element that signals the new skyscrapers prominence in the Chicago skyline. The Salesforce tower joins two previously completed residential buildings on the site, Wolf Point East and West, designed by bKL Architecture and Pelli Clarke & Partners, respectively. Before this, the site was used for decades as a parking lot. In addition to the three towers, the masterplan adds 2.3 acres of public park space that is integrated with the citys riverwalk, fulfilling municipal waterfront zoning requirements.Pelli Clarke & Partners masterplan for Wolf Point includes two residential towers, an office tower, and a public park. (Courtesy Pelli Clarke & Partners)The development site has been owned by the Kennedy family since 1936and has sat vacant for over 80 years. Darin Cook, partner at Pelli Clarke, told AN,In the Daniel Burnham plan of Chicago from 1909, this is one of the most significant sites. Its this unusual peninsula that sticks out into the river, so you actually have 270 degree exposure around the site. Even in Burnhams plan, he had a major landmark at this point in the river. It only took around 114 years to realize that, he added.The Wolf Point site juts out into the Chicago River, creating wrap-around views of the Salesforce tower. (Jason ORear)When designing the new building, Pelli Clarke & Partners were constrained by an established view corridor from the river to a Holiday Inn located behind Wolf Point as well as setback zoning related to the Chicagos Riverwalk. For this reason, the tower is narrow and rectangular in plan. To create a more formally expressive massing, the architects articulated the top of the tower, implementing a series of tapered setbacks around the buildings uppermost floors. A setback was also incorporated at the towers podium, where the buildings glazed lobby and entrance step inward to maximize Wolf Points landscaped public space.A glass-encased lobby establishes views outward to the public park. (Jason ORear)Pelli Clarke & Partners specified low-e coated glazing for the project to improve energy efficiency. This product allows 53 percent visible light transmittance during the day, allowing office workers to cut down on the use of artificial lighting. In addition, the silvery blue color of the curtain walls vision glass was diligently matched to that of the opaque glazing that covers the buildings spandrel panels, creating a more monolithic exterior expression. The Salesforce tower is the first construction project in Chicago required to submit environmental product declarations (EPDs) to the city. Using this data, Pelli Clarke & Partners collaborated with the structural engineer to reduce the use of steel and concrete in the structure through efficient column placements.Because of its position at the confluence of the Chicago River, Pelli Clarkes tower is highly visible from multiple vantage points within Downtown Chicago. (Jason ORear)Construction logistics were complicated by the irregularities of the Wolf Point site. Because of a city mandate that construction materials could not be stored above ground, a temporary access road was constructed beneath the property, building upon Downtown Chicagos pre-existing network of below-ground streets. After the building was completed, this access road was filled in. The builders also had to contend with the towers proximity to the Chicago River, which is occasionally subject to flooding. Accordingly, a large cofferdam was constructed below grade. During excavation, an abandoned coal delivery tunnel was discovered beneath the site, a remnant from the early 20th century, when coal was delivered to the basements of downtown businesses. To ensure the foundations structural stability, this tunnel was also filled in with concrete.Chicagos Skyline continues to grow with the addition of Salesforce tower, and several recently-completed residential skyscrapers. (Jason ORear)Despite nationwide struggles to fill office space, Hines, the projects developer, has succeeded in leasing 97 percent of the tower, managing to attract one of the worlds largest technology firms. As skyscrapers transition from office use to primarily residential functions, Pelli Clarke & Partners Salesforce tower finds itself alone among recently-completed buildings of comparable size. For example, Jahns 1000M and Goettsch Partners One Chicagotwo of the largest towers completed in the past several yearsare both residential high rises. Additional condo towers are forthcoming as well, including SOMs 400 Lake Shore Drive, which broke ground this past summer.Regardless of this trend away from office towers, development is clearly still booming in Chicago, as new buildings are regularly added to the citys already architecturally distinguished skyline.Project SpecificationsDesign Architect: Pelli Clarke & PartnersArchitect of Record: HKSLandscape Architect: ConfluenceInterior Design: GenslerStructural Engineer: Magnusson Klemencic AssociatesElectrical Engineer: Alvine EngineeringCivil Engineer: EpsteinLighting Design: OneLux StudioAV/Acoustics: CeramiSecurity Consultant: Affiliated EngineersTelecommunications: EpsteinFacade Consultant: Curtain Wall Design & ConsultingGeneral Contractor: Walsh ConstructionOwner: Wolf Point SouthOwner Representative: RL Edwards PartnersDeveloper: HinesGlazing Contractor: HarmonFacade Installation: HarmonElevator/Vertical Transportation: Persohn/Hahn AssociatesFacade Access: OlympiqueBMCS: HMA ConsultingWind Engineer: RWDIGeotechnical Engineer: GEI ConsultantsTraffic Consultant: Kimley-HornParking Consultant: DesmanCurtain Wall: HarmonLobby Glazing: SentechStainless Steel Column Covers: Bell Pro ArchitecturalGlass: Viracon, Cricursa

Tech Chinese auto giant wants to make flying cars your next commute option Ambitious plans to transform urban travel with innovative eVTOL tech Published January 10, 2025 11:00am EST close Chinese auto giant wants to make flying cars your next commute option A company is setting the stage for a new era in how we think about commuting and connectivity in our cities. GAC Group, a prominent automotive manufacturer from China, is making waves in the transportation sector with the launch of its new eVTOL brand, Govy.This development reflects GAC's commitment to sustainable air travel, as the company taps into its extensive automotive expertise and innovative technology to create fresh solutions for urban mobility.With Govy, GAC is not just entering the flying car market; it's setting the stage for a new era in how we think about commuting and connectivity in our cities. Flagship aircraft of Govy named AirJet. (Govy)Introducing the AirJetThe flagship aircraft of Govy, named AirJet, is a revolutionary composite-wing flying car designed to operate as an air taxi for distances of up to 124 miles. This innovative vehicle combines the efficiency of fixed-wing aircraft with the flexibility of multi-rotor systems, allowing for vertical takeoff and landing capabilities.The AirJet is constructed with over 90% carbon fiber composite materials, making it remarkably lightweight just one-third the weight of a conventional car of similar size. This lightweight design not only enhances performance but also enables longer electric flights.WHAT IS ARTIFICIAL INTELLIGENCE (AI)? Flagship aircraft of Govy named AirJet. (Govy)Performance and features of the AirJetIn terms of performance, the AirJet is powered by GAC's proprietary electric drive system, which allows it to reach impressive speeds of up to 155 miles per hour. The current model boasts a range exceeding 124 miles, with ambitious plans to extend this range to 249 miles through the development of future solid-state battery technology. Additionally, the AirJet can be recharged in just 30 minutes, ensuring quick turnaround times for operations.GET FOX BUSINESS ON THE GO BY CLICKING HEREThe AirJet is designed with both luxury and safety in mind. It features a spacious cabin with a "1+1+X" seating arrangement that provides flexibility for passengers. The aircraft is equipped with autonomous flight capabilities, allowing for seamless operation without human intervention. Safety is paramount in the design of the AirJet. It includes advanced safety systems such as redundant power and control systems, real-time monitoring, and obstacle detection to ensure secure flights. Flagship aircraft of Govy named AirJet. (Govy)The robo-air taxi systemGAC's vision extends beyond individual aircraft to encompass a comprehensive Robo-AirTaxi system that integrates ground and aerial transport for end-to-end smart mobility solutions. This system will utilize the Govy AirCar for short urban trips under 12.4 miles and the AirJet for mid-range travel up to 124 miles. A key aspect of this vision is the creation of a "40-minute Greater Bay Area life circle" in China, which aims to facilitate efficient intercity travel and significantly reduce transit times and costs. Flagship aircraft of Govy named AirJet. (Govy)Future plans and commercializationLooking ahead, GAC has outlined an ambitious roadmap for Govy. By 2025, the company aims to achieve airworthiness certification for its flying cars, establish production lines, and begin taking pre-orders from customers. Furthermore, GAC plans to launch demonstration operations in two to three Greater Bay Area cities of China by 2027. Flagship aircraft of named AirJet. (Govy)Kurt's key takeawaysWith the introduction of Govy and its flagship AirJet, GAC Group is positioning itself at the forefront of urban aerial transportation. By combining innovative technology with a comprehensive ecosystem approach, GAC aims to transform urban mobility into something smarter, safer, and more sustainable. As we move toward a future where aerial vehicles become an integral part of our transportation networks, GAC's initiatives could play a pivotal role in shaping how we navigate our cities and connect with one another.CLICK HERE TO GET THE FOX NEWS APPWould you feel comfortable using flying cars like the Govy AirJet for your daily commute, and why or why not? Let us know by writing us atCyberguy.com/ContactFor more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading toCyberguy.com/NewsletterFollow Kurt on his social channels:Answers to the most asked CyberGuy questions:New from Kurt:Copyright 2025 CyberGuy.com. All rights reserved. Kurt "CyberGuy" Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on "FOX & Friends." Got a tech question? Get Kurts free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com. Related Topics

Security supplier Ivanti has once again found itself at the centre of an expanding series of breaches after it emerged that two freshly disclosed vulnerabilities in a number of its products are likely being exploited by China-backed threat actors.The vulnerabilities in question which are designated CVE-2025-0282 and CVE-2025-0283 affect Ivantis Connect Secure, Policy Secure and Neurons for ZTA gateway products.Exploitation of the first enables a threat actor to achieve unauthenticated remote code execution (RCE), and exploitation of the second enables a locally authenticated attacker to escalate their privileges.CVE-2025-0282 is officially a zero-day, and has already been added to the Cybersecurity and Infrastructure Security Agencys (CISAs) Known Exploited Vulnerabilities (KEV) catalogue. In the UK, a spokesperson for the National Cyber Security Centre (NCSC), said: The NCSC is working to fully understand the UK impact and investigating cases of active exploitation affecting UK networks.In the real world, Ivanti said, a limited number of users of its Connect Secure appliances have been affected by CVE-2025-0282 as of Thursday 9 January 2025. However, no users of Policy Secure or ZTA gateways have been impacted, and as of 9 January, there was no conclusive evidence that CVE-2025-0283 had been exploited at all.A patch is now available for both CVEs in Connect Secure, but for now, they both remain unpatched in Policy Secure and Neurons for ZTA, with a fix not expected until 21 January.An Ivanti spokesperson said: We continue to work closely with affected customers, external security partners, and law enforcement agencies as we respond to this threat. We strongly advise all customers to closely monitor their internal and external ICT as a part of a robust and layered approach to cyber security to ensure the integrity and security of the entire network infrastructure.We have made additional resources and support teams available to assist customers in implementing the patch and addressing any concerns.Thank you to our customers and security partners for their engagement and support, which enabled our swift detection and response to this issue, they added. We remain committed to continuously improving our products and processes through collaboration and transparency.This incident serves as areminder of the importance of continuous monitoring and proactive and layered security measures, particularly for edge devices (such as VPNs) which provide an essential service as the initial access point to a corporate network but which are also highly appealing to attackers.According to Google Clouds Mandiant, which has been working alongside Ivanti on investigation and remediation, in at least one instance, a threat actor has managed to use the flaws to deploy elements of the SPAWN malware ecosystem, including SPAWNMOLE, a tunneller, and SPAWNSNAIL, an SSH backdoor.Mandiants researchers said use of these malwares following the targeting of Ivanti products has been attributed to the UNC5337 threat activity cluster, which is linked to UNC5221, a suspected China-nexus espionage group that is known to have exploited other Ivanti vulnerabilities in early 2024.Writing on LinkedIn, Mandiant chief technology officer Charles Carmakal described UNC5221s latest campaign as developing and still under analysis, and hinted that there may be other threat actors in the mix. Describing a potential mass exploitation scenario, he urged Ivanti users to prioritise applying the new patches immediately.However, he warned, this process may not be without risk. The threat actor implemented a novel technique to trick administrators into thinking theyve successfully upgraded a system, he wrote.The threat actor deployed malware which blocks legitimate system upgrades while simultaneously displaying a fake upgrade progress bar. This creates a convincing facade of a successful update, when in reality, the malware silently prevents the actual upgrade from taking place. Some organisations may assume theyve addressed the vulnerability when they actually havent.He added that the attackers may also have fiddled with Ivantis on-board Integrity Checker Tool designed to help users identify compromises to hide evidence of their malwares presence.Benjamin Harris, CEO of WatchTowr, an attack surface management specialist, urged Ivanti users to pay close attention to the latest developments.Our concern is significant as this has all the hallmarks of APT usage of a zero-day against a mission-critical appliance, he said. It also resembles the behaviour and drama circulating Ivanti products that we as an industry saw in January 2024, and we can only hope that Ivanti has learned from that experience with regard to actioning an effective response.Harris added that the lack of patches across the full affected product stack should be an additional concern.Ivanti Connect Secure users have a patch available, but once again patches for other affected appliances like Ivantis Policy Secure and Neurons for ZTA gateways are left waiting three weeks for a patch. Users of these products should not hesitate these appliances should be pulled offline until patches are available, he said.WatchTowr client or not we urge everyone to please take this seriously. Throw your vulnerability SLAs into the proverbial wind in situations like this, they are no longer relevant and the difference between a rapid response, and a response in hours, could be the difference between your organisation calling your cyber insurer or not.Read more about Chinese threat activityNine months after its malicious botnet comprising legacy routers was disrupted by the Americans, Chinese APT Volt Typhoon is rebuilding and presents as persistent a threat as ever.Following the Salt Typhoon attacks, CISA offers advice to 'highly targeted' individuals, such as using end-to-end encryption and moving away from purely SMS-based MFA.US government agencies confirmed Wall Street Journal reports that China-backed threat actors breached telecommunication providers and access data for law enforcement requests.

The latest of the company's L9 Series projectors offers better brightness, depth, and clarity - in a fetching design.

Alexander Sikov/Getty ImagesVirtual private networks are no longer just for tech enthusiasts and privacy buffs -- they've become an essential tool for navigating a more restricted internet. VPNs offer a lifeline to digital freedom and security, from bypassing censorship to securing data from prying eyes. In the US, legislation in several states has blocked adult websites orplacedthem behind strict age gates. Regional policies limit access to various types of content, including streaming services and political materials. As more sites and services become geographically restricted, more individuals are using VPNs to bypass these blocks, protect their digital freedoms, and safeguard their data. Beyond unblocking adult websites or region-locked media, many users worry about government surveillance, data retention laws, and the sale of personal browsing data by ISPs. A VPN addresses these privacy risks by encrypting your traffic and masking your IP address. However, a VPN alone may not provide a comprehensive solution for network security or privacy concerns. To truly safeguard your data and enhance network privacy, combining a VPN with robust protocols like WireGuard and integrating them into advanced hardware setups (such as Firewalla and others mentioned below) can make a significant difference. Also: How AI will transform cybersecurity in 2025 - and supercharge cybercrimeThis guide outlines how to pair the open-source WireGuard protocol with Proton VPN, a Swiss-based provider celebrated for its strong privacy policies, and to integrate them into router-based setups for entire-network coverage. I'll also explore advanced techniques like policy-based routing, IP passthrough, zero-trust segmentation, and even building your firewall router on Linux or FreeBSD. Understanding VPN protocols and WireGuard Many commercial VPNs (ExpressVPN, NordVPN, etc.) rely on proprietary protocols that often lock users into specific apps. For example, NordVPN'sNordLynx protocol is based on WireGuard but deviates from the standard implementation. It does not use standard WireGuard .conf files for direct use on routers. Instead, NordVPN (and ExpressVPN) employs the older OpenVPN protocol for router configurations, which is less performant and more complex to set up. In contrast, WireGuard provides a refreshing alternative with an open-source design, a tight codebase (4,000 lines total), and notably high performance. Its modern cryptographic methods and lean architecture result in lower latency and faster speeds than legacy protocols like OpenVPN or IPSec, making it an excellent fit for bypassing region locks, streaming content, or engaging in latency-sensitive tasks like gaming. Example of a simple WireGuard configuration (.conf) file created by Proton VPN's download portal. Screenshot by Jason Perlow/ZDNETWireGuard's key management is also straightforward and highly efficient. Each peer -- whether a router, laptop, or smartphone -- is assigned a public/private key pair, eliminating the need to manage complex certificates. This simplified design reduces the overall attack surface and eases auditing, as fewer lines of code typically mean fewer potential vulnerabilities. Notably, you can install WireGuard on a router (rather than on each device in your network), allowing all network traffic to pass through the secure tunnel without managing separate VPN clients or profiles on individual computers or mobile devices. This router-based approach is especially valuable for environments where multiple devices -- from personal laptops to IoT gadgets -- must be secured, as it centralizes the VPN configuration and simplifies network-wide encryption. Legal and ethical disclaimer Using VPNs to bypass regional blocks or consume restricted content may be unlawful in certain jurisdictions. VPNs bolster privacy but do not guarantee total anonymity. If you evade local laws concerning adult content, abortion information, or other regulated material, understand there may be legal consequences. Always research your VPN provider's logging policies -- some free solutions log user data or inject malware, compromising rather than enhancing user privacy. WireGuard VPN providers Although this article primarily showcases Proton VPN for its transparent WireGuard .conf files (no proprietary lock-in), strong no-log policy, and free vs. paid plan structure, many other reputable VPN providers offer WireGuard configuration files for router-based setups. These include: Mullvad An independent, Swedish-based VPN service run by Mullvad VPN AB. Mullvad is praised for its no-email registration, strict no-logs policy, and the option to pay anonymously in cash or cryptocurrency.CyberGhost Part of Kape Technologies, which owns ExpressVPN, Private Internet Access (PIA), and ZenMate. CyberGhost is known for specialized servers (streaming, torrenting) and user-friendly apps.Private Internet Access (PIA) Another Kape Technologies brand, recognized for its large server network, advanced configurations like split tunneling, and its built-in ad/malware blocker ("PIA MACE").Surfshark Now under the Nord Security umbrella (following a 2022 merger), Surfshark is popular for unlimited device connections, ad/malware blocking ("CleanWeb"), and relatively budget-friendly pricing.Many of these services let you select a server in their portal or app and generate a .conf file for WireGuard, which you can then import into your router. The basic steps -- choosing a region, downloading the configuration, and applying it -- are similar to those we'll follow with Proton VPN below. Why Proton VPN? Proton VPN was founded in 2017 by the team behind Proton Mail, the world's largest secure email service. Operated under the Swiss-based, non-profitProton Foundation, Proton VPN prioritizes user privacy over profit-driven motives, similar to theSignalmessaging service. Its structure ensures that no shareholders or external investors influence its mission, maintaining a focus on privacy and security.Proton generates revenue through paid subscription plans to sustain its services, but it remains a not-for-profit organization governed by the Proton Foundation. This unique approach allows Proton to regularly publish transparency reports, invest in independent security research, and avoid corporate ownership by large VPN conglomerates. Proton VPN is a compelling choice for users seeking privacy-first, router-friendly configurations. Even on the free tier, Proton VPN delivers reliable and fast connections. Its focus on privacy extends to its router-friendly WireGuard configurations, which are transparent and free of proprietary lock-in. Proton VPN's tiered Free and Paid plans cater to a broad range of needs.PlanFreePaidServer Locations 35 countries (limited) 110 countries (city-level selection) Speed Decent, not guaranteed Often near max ISP speeds, priority servers Advanced Features Basic NetShield (ad block) Full NetShield, multi-hop, Secure Core Devices 1 device 10+ devices (tier-dependent) Performance ~5070% of ISP bandwidth Potentially close to full ISP bandwidth Step-by-Step: Using WireGuard on Proton VPN Step 1: Create a Proton VPN account Visit ProtonVPN.com and click Get Proton VPN Free.Choose a Free or Paid plan, depending on your needs.Verify your account via email.Log in to your Proton VPN dashboard once your account is confirmed. Proton VPN's download portal. Jason Perlow/ZDNET Step 2: Generate your WireGuard configuration Go to Downloads (or the WireGuard Configuration section) in your Proton VPN dashboard.Enter a descriptive name for your configuration in the "Device/certificate name" field, such as "ZDNET Test Router."Choose Router (or whichever platform you're setting up).Configure NetShield (ad/malware blocker) by selecting the desired filter level, or leave it off if you prefer.(Optional) Enable NAT/PMP (for port forwarding) or Moderate NAT based on your networking needs.(Optional) Check "VPN Accelerator" to improve speeds, if supported.Pick a standard server or region. Proton VPN may also auto-select the best server based on load.Click Create (or "Download") to generate and save the .conf file. Many WireGuard-compatible routers, such as the Firewalla Purple and Gold series, allow direct import of WireGuard .conf files generated by services such as Proton VPN. Screenshot by Jason Perlow/ZDNET Step 3: Configure your router Log in to your router's admin interface (commonly accessed via 192.168.x.x).Navigate to the VPN / WireGuard settings section.Import or Paste the Proton VPN .conf file you downloaded. Some routers let you upload the file directly; others might require copying the keys, peer settings, and endpoint details manually.Save your changes and enable the WireGuard interface or tunnel. Step 4: Enable IP Passthrough or Bridge Mode (if needed) If your ISP modem also acts as a router (e.g., AT&T BGW-320, Arris, etc.), you risk double NAT (Network Address Translation) unless you enable "Bridge Mode" or "IP Passthrough." This configuration ensures your custom router (Firewalla, OpenWRT, or another) receives a public IP directly, managing NAT independently. Access the ISP gateway's admin interface (often 192.168.1.254 or 192.168.0.1).Locate Bridge Mode or IP Passthrough in the advanced settings.Assign the MAC address of your router as the passthrough device.Save and reboot both devices. Step 5: Verify your connection Check your public IP at ipinfo.io. It should show Proton VPN's server location. Speedtest.net will also display your IP configuration.(Optional) Run a ping or traceroute to confirm stable routing.All traffic on your network should now traverse the WireGuard tunnel. Which routers support WireGuard? Many router manufacturers are adding native WireGuard support to their devices. Asus, Netgear, and Linksys regularly include WireGuard in their firmware updates, especially for mid-to-high-end models. Open-source firmware platforms like OpenWRT also offer extensive support, making them an excellent choice for advanced users. Other router options GL.iNet OpenWRT-based routers come pre-loaded with WireGuard, making them ideal travel VPN routers. OpenWRT One, developed by the Software Freedom Conservancy and Banana Pi, is a $89 dual-band Wi-Fi 6 router (available from Amazon fully assembled for US and EU power supplies) with full OpenWRT firmware. It features a 2.5GbE PoE WAN port, an M.2 slot for hardware add-ons, and a hardware switch to prevent bricking by toggling between NOR and NAND memory. Because it's standard OpenWRT, you can access thousands of packages (including WireGuard) and frequent security updates. Firewalla Purple and Gold series devices are widely praised for their simple configuration, high performance, and mobile app. Its newAP7 Wi-Fi 7 access pointallows zero-trust segmentation, meaning you can isolate IoT gadgets on separate networks to minimize the impact if one device is compromised. Firewalla routers also offer multiple VPN profiles, letting you fine-tune which devices or users tunnel through WireGuard. If you have enterprise-level or advanced requirements, consider a Firewalla Gold Pro, Ubiquiti Dream Machine, Mikrotik, OPNSense, or Netgate device for robust VLAN configurations, advanced QoS, and large-scale LAN deployments. Troubleshooting and FAQ Even with WireGuard's simplicity, a few issues may arise: Handshake failure: Check that your public/private keys match Proton VPN's settings. Ensure the router's clock is accurate, as major time differences break WireGuard's cryptographic handshake.DNS leaks: Your real location is exposed if DNS requests still go to your ISP. Update your router's DNS to Proton VPN's resolvers and validate at dnsleaktest.com.Policy-based routing: If you want to use the VPN only for specific devices or domains (e.g. streaming boxes that need local region access), explore split tunneling or "policy-based routing" in your router firmware (Firewalla, OpenWRT, OPNsense, etc.).Wi-Fi performance: Upgrading to Wi-Fi 7 or adding multiple access points can alleviate coverage gaps. However, your overall VPN speed also depends on your router's CPU speed for WireGuard encryption.General security tips: Stick to reputable VPNs like Proton VPN, avoid free apps, and keep firmware updated. Router-based VPN setups typically offer better consistency than phone-based VPN apps. Show more Advanced tips and security best practices Key rotation: Change your WireGuard keys periodically to reduce the chance of compromised credentials over time. Proton issues profiles that are valid for one year until a new profile import is required.Hardware constraints: Lower-power routers (~700 MHz single-core) might cap out at ~100 Mbps for WireGuard, while dual-core ARM or x86 at 1.4+ GHz CPUs on these devices can handle hundreds of Mbps or more. (Firewalla Gold Pro can handle 2Gbps WireGuard connections.)Kill switch/fail-closed: In advanced firewall OSes (pfSense, OPNsense), you can configure firewall rules that drop all traffic if the VPN goes down, preventing accidental leaks.Zero-trust segmentation: Isolate IoT or guest devices on separate SSIDs/VLANs. If a device is breached, attackers can't easily pivot across the rest of your network. Building your WireGuard-compatible firewall router on Linux or FreeBSD For advanced users, building a WireGuard-compatible firewall router using open-source platforms like Linux or FreeBSD offers near-limitless customization. Solutions such as OPNsense and pfSense (FreeBSD-based) or OpenWRT and IPFire (Linux-based) provide robust options for integrating WireGuard at the OS level. These platforms allow for refined firewall rules, VLAN management, bandwidth shaping, and multi-WAN failover. While setup requires more technical expertise and hardware compatibility considerations, the payoff is unmatched control over advanced routing and security features. Next steps After you've set up WireGuard on a router via Proton VPN: Explore multi-hop/secure core: Proton VPN's paid plans offer layered routing for heightened privacy.Check WAN failover: If your router supports dual WAN or cellular backup, set up automatic failover so your VPN reconnects if one link drops.Refine policy-based routing: Split tunneling allows selective encryption, perfect for devices that need local content or minimal latency (e.g. gaming consoles).Self-host WireGuard: Platforms like AWS Lightsail, Linode, or DigitalOcean let you build your own VPN server, cutting out third-party operators entirely.Intrusion detection: Tools like Suricata or Snort on OPNsense or pfSense can monitor and block suspicious traffic in real time. The increasing need for router-based VPNs Growing geoblocks, censorship laws, and privacy concerns have made VPNs indispensable for many users. WireGuard stands out with its speed, simplicity, and open-source ethos. Proton VPN offers a robust, privacy-centric VPN that's straightforward to deploy on a wide range of routers, including Firewalla's Gold Series/AP7 for zero-trust segmentation or OpenWRT One for budget-friendly Wi-Fi 6 performance. Also:How we test VPNs in 2025With proper planning, you can maintain the freedom to access geo-blocked content and the security to navigate the modern web safely. Security