Tag Archives: TECHNOLOGY

Download the super-speedy Firefox Quantum beta today

Mozilla has launched the beta and developer versions of Firefox Quantum – the latest edition of the web browser, which comes with a new engine that uses multi-core processing to optimize speed.

Quantum, also known as Firefox 57, is a serious step up from the previous version, and Mozilla claims you’ll notice the difference immediately when browsing your favorite sites.

Aware of its reputation for sluggishness, the company has released a benchmarking video showing the beta giving Chrome a run for its money opening many popular websites.

The new browser is the fruit of Mozilla’s Project Quantum – an initiative launched in October 2016 to develop a new engine that would make the most of multiple cores modern desktop and mobile hardware.

Firefox Quantum also prioritizes the tab you’re currently using, so it downloads and runs before those in the background, cutting RAM usage by around 30%.

If you’re already using Firefox, you’ll be upgraded to Quantum automatically on November 14. If you’d rather give it a try now, you can download the beta for desktop, Android and iOS.

The developer edition of Quantum is also available today for web developers.

      

The best free alternatives to CCleaner 2017

CCleaner has long been one of the web’s most popular PC cleanup tools, but after it was acquired by Avast and suffered a serious malware attack, many people have begun seeking alternatives.

Running out of hard drive space is less of an issue these days thanks to the plummeting price of storage, but there are still many reasons to use a tool like CCleaner to purge unwanted files.

As well as simply being good practice, it helps to keep your drive in good health, and many of the files you have stored can reveal a great deal of personal information about you; you might want to consider getting rid of anything you don’t need.

We’re not just talking about the documents you have manually created, but also those that are created for you in the background, such as cookies and registry entries.

With that in mind, we’ve put a host of PC cleanup tools to the test and curated our own list of the best alternatives to CCleaner.

1. BleachBit

A quick and convenient alternative to CCleaner, with hidden depths

BleachBit is open source – something that helps with transparency (the source code is publicly available) and also speed of development (users are free to make their own contributions and fix any bugs as they’re identified).

BleachBit is a very simple CCleaner alternative, but that works to its advantage. There’s a portable version available for those looking to build up a USB toolkit, and there are also different editions for various operating systems.

Although simple and lightweight, BleachBit certainly gets the job done. There’s support for a massive range of programs meaning that BleachBit is able to take care of your privacy no matter what you use your computer for.

Everyday maintenance tasks are quick and simple, but there’s also a more intensive Deep Scan option available that plunges deeper into your system files.

Outside of the main program interface you’ll find a new Shred option in the Windows context menu. This deletes unwanted files securely by overwriting them several times so they’re impossible to recover – a nice touch in an already excellent program.

Download here: BleachBit

2. Glary Utilities

A popular CCleaner substitute that promises to deliver faster performance

Glary Utilities is one of the best-known names on this list, and for good reason. This is a collection of tools which work together to help improve the health and performance of your computer, and part of this is the cleanup component. The Disk Cleanup tool can be used to free up space, while the Tracks Erase and Temporary Files Cleaner both help to maintain your privacy and security.

There’s a startup management tool that can be used to take control of startup items to improve boot times, and a defragmenter that will improve the performance of your drive once you’ve deleted the clutter.

Browse through its options and you’ll also find a file encrypter, file shredder memory optimization, disk checker, duplicate file finder, and many other tools you’ll recognize from CCleaner.

You’ll be offered an additional malware-removal tool while installing Glary Utilities, but it’s deselected by default so it’s easy to avoid if you’d rather skip it.

Download here: Glary Utilities

3. Wise Disk Cleaner

Convenient and well designed – a free CCleaner alternative for everyone

Whether you’re an advanced user, or just someone who wants things to be as simple as possible, Wise Cleaner has something to keep you happy.

At its most simple, you can use the Common Cleaner mode to clean up after your web browser, Windows itself and the programs you have installed – this can also be run on an automated schedule.

Then there’s the Advanced Cleaner, which weeds out additional unwanted files, and the Slimming System section, which strips out unnecessary components such as unused Windows installation file – a great way to claim back astonishing amounts of space.

Finally, when you’ve got rid of anything you can live without, there’s a great defrag tool to speed up your drive (provided it’s not an SSD).

You can create a desktop shortcut for easy access to the quick cleanup tool, and if you want a more tailored result, you can create a list of exclusions so you can ensure that certain cookies are never deleted.

Download here: Wise Disk Cleaner

4. KCleaner

Thorough drive cleaning with automatic scanning to protect your privacy

Despite the cheeky similarity in the names, KCleaner isn’t just a CCleaner clone – in many ways it’s a far simpler tool.

At its heart, this is a disk cleanup application which will scour your hard drive for files that are not needed and are simply wasting space. You can claw back megabytes or even gigabytes of space, and the program can clean up after a wide range of popular programs, including web browsers and messaging tools – notorious for leaving behind very revealing files.

KCLeaner can be used on a manual basis, but if you really want to keep on top of things you can have it start automatically with Windows and run a cleanup on a schedule. This is particularly useful for protection your privacy, and is supplemented by a secure deletion option which will overwrite deleted files with random data so there’s no chance of recovery.

Download here: KCleaner

5. PrivaZer

Protect your privacy with deep scans and secure deletion of personal data

This CCleaner replacement is designed to protect your personal information from interception and abuse – hence the name.

PrivaZer offers both advanced and basic modes, and whichever you opt for, you’ll be presented with a wizard-like interface to configure the software to your liking. After answering a few questions about the sort of cleaning up you want to perform, the one-click clean option will get things tidied up in record time.

For a more thorough purge of sensitive files, there’s a Deep Scan option for local or network drives, removable media and connected devices. Confidential data can be overwritten up to 35 times to render it completely undetectable and unrecoverable.

PrivaZer gives you a great deal of control over your file cleanup, and we particularly like the option to run a scan whenever a browser window is closed.

Download here: Privazer

      

Nasty Windows 8.1 bug stops users logging onto their PC with a Microsoft account

Some folks using Windows 8.1 have been hit by a nasty bug which apparently prevents them from logging on to their PC using a Microsoft account.

The bug was reportedly caused by a recent Microsoft OS update – KB4038792 to be precise, the monthly security rollup of patches for September – and the software giant has acknowledged the problem.

As Computerworld spotted, on Microsoft’s ‘answers’ support forum, the company’s advice is that affected users will need to login with a local account for the time being – but obviously not being synced with your Microsoft account is a big pain.

Meanwhile, the software giant advised that it is working on a patch right now, but didn’t give any estimated time of arrival for the fix.

The Microsoft employee dealing with user queries on the support forum stated: “Our engineers are still in the process of creating a bug fix for the ‘Can’t connect to Microsoft Services’ error that occurs in Windows 8.1 when users try to add or switch to a Microsoft account.

“We have not yet received any estimated time frame for the bug fix. We’ll post an update here once the bug fix has been released.”

It’ll be ready when it’s ready

There’s been no further post as of the time of writing, but we get the feeling this is not a simple fix. It’s not clear how many Windows 8.1 users are affected, but fingers crossed that Microsoft won’t take too much time in solving the problem.

You could chalk this one down as ‘another good reason to upgrade to Windows 10′, and note that the free upgrade to Microsoft’s newest OS is still (unofficially) available.

Indeed, some of the users posting on that support thread have suggested this may be Microsoft’s way of further ‘encouraging’ folks to make the leap to Windows 10. Or rather that the lack of priority for Windows 8.1 might be a reason to upgrade, given that the older OS is obviously way down the pecking order compared to the new kid on the operating system block.

      

10 best gaming laptops in the UAE for 2017: top gaming notebook reviews

As cross-platform play finally makes its way to consoles, the best gaming laptops continue to bear a competitive edge against their living room-based rivals. For one thing, you don’t have to pay for the online multiplayer – there’s almost never a subscription fee required to play games purchased through Steam, Origin and even the Windows 10 Store.

  • Note that not all of the best laptops are meant for gaming

Yet, even as we’re faced with smartphones that cost over a grand, gamers can’t seem to shake the cost of playing on a powerful new PC. Even as Nvidia comes out with cheaper on-the-go graphics options, there’s a baseless misconception that you have to be rich to own one of the top gaming laptops. In the long-run, however, it’s actually cheaper to game on PC.

That being the case, whether you need a gaming laptop that runs everything in 4K or just anything you can use to run the best PC games at stable frame rates, we’ve gathered the top gaming laptops in every category to help you determine your next big purchase. In an order based on our review ratings and awards, these are the best gaming laptops of 2017.

It’s almost as if Asus has initiated a new laptop category of its own with the Zephyrus GX501. That’s because, with the help of Nvidia’s Max-Q technology, the Republic of Gamers has crafted a hardy gaming notebook that measures no thicker than an Ultrabook. In fact, the only area wherein it’s not Ultrabook-esque is the battery, which struggles to attain a consecutive lifespan beyond two hours.

Read the full review: Asus ROG Zephyrus GX501

best gaming laptop

For many gamers, Ultrabook is a four-letter word, but it doesn’t have to be. The first time you get your hands on a Razer Blade, you’ll be looking at a battery life of 7 and a half hours of non-stop video. While you could argue it does skimp as far as graphics are concerned, with the help of a Razer Core external GPU enclosure, you can strap an Nvidia GTX 1080 Ti to this thing down the road if you want. Plus, with the newly added 4K screen option, you may actually need it.

Read the full review: Razer Blade

The industrial look of the laptop is distinctly unique from what MSI usually offers, delivering impressive performance with a slim design and great cooling to boot.

Read our hands-on preview: MSI GS63VR Stealth Pro

Unlike most laptops its size, the Alienware 13 R3 bears a hinge-forward design. By moving the heat sinks behind the screen, the chassis is allowed to be thinner, at 0.81-inch (0.22cm). Unfortunately, this means you won’t find many 13-inch laptop bags that will actually suit the Alienware 13 R3. While you may be tempted by the inclusion of a full-size Nvidia GeForce GTX 1060, it’s the OLED touch display that caught our attention.

Read the full review: Alienware 13 R3

best gaming laptop

At long last, Razer has introduced a true desktop replacement that won’t weigh you down. Measuring in at only 0.88 inches thick with the option between a 17-inch 1080p display running at 120Hz or a G-Sync-laden 4K touchscreen, the Razer Blade Pro also introduces the company’s ultra-low-profile mechanical switches to a notebook for the first time ever. That’s a deal that’s only sweetened by an unusual trackpad placement that makes it comfier to boot.

Read the full review: Razer Blade Pro

Best gaming laptops

The Asus Strix GL502 may not boast the most innovative design, swapping out the usual black and red color scheme for one that makes it feel like Halloween year-round. But, it’s undoubtedly one of the best when it comes to gaming in 1080p. In fact, we were able to crank the settings all the way up in Overwatch without taking a hit below 60fps. The battery life is janky, sure, but the screen, performance and onboard sound system more than make up for it.

Read the full review: Asus ROG Strix GL502

When considering a high-end gaming notebook, you need to look at performance, features and style. Acer has all those bases covered, and even though it’s pricey for a notebook that’s still using a previous generation video card, all the packed-in features — including the 4K screen, an SSD and hard drive combo, and booming sound system — make it worthwhile.

Read the full review: Acer Predator 17 X

To be frank, Alienware hasn’t been a name typically associated with value. That seems to be changing with the Alienware 17 R4, which bears so many different customization options when it comes to specs that you can practically name your own price. Bespeckled with all of the signature elements we’ve come to expect from the brand, such as RGB backlit-accents and tons of ventilation, our only real qualm with the Alienware 17 R4 is a disappointing battery life.

Read the full review: Alienware 17 R4

best gaming laptops

The Lenovo Legion Y720 looks to be a solid choice for a mid-range gaming laptop. While we’ve seen plenty of laptops break the bank for the best specs and performance, this 15.6-inch option starts at a refreshingly affordable AED 5,699 – and users on a tighter budget may want to consider the lower-end Legion Y520 that starts at AED 3,699.

Read our hands-on preview: Lenovo Legion Y720

If there’s one thing we can say that we enjoy about the GT83VR Titan, it’s that you can rest assured that any game you throw at this device for the next few years should play at Ultra settings without issue. There’s also the fully customizable RGB keyboard backlighting, and the hardware-controlled cooling fans when you want to overclock. The laptop also offers Hi-Res audio through a dedicated port for the audiophiles out there.

Read the full review: MSI GT83VR Titan

Gabe Carey has also contributed to this article

      

Microsoft’s Surface Pro LTE will go on sale December 1

Following last week’s leak of the Surface Pro LTE specs, Microsoft has revealed that this fresh spin on the hybrid, which adds cellular connectivity, will go on sale December 1.

This was announced by a Microsoft spokesperson over at the Ignite conference in Orlando, as Neowin reports, so we’ve got just over two months to wait now.

Meanwhile, there’s a good chance we’ll see a full reveal of the LTE-sporting new convertible at Microsoft’s big event in London which is scheduled for the end of October.

The bad news? Apparently the Surface Pro with LTE will only be available with a Core i5 processor, and there’ll be no Core i7 model for those who want to push the performance boat out further – at least not initially. This variant may arrive in the future, of course.

Two’s company

All this is in line with the aforementioned leak from online retailer Misco, which showed two different models of the Surface Pro LTE for pre-order, both powered by a 7th-generation (Kaby Lake) Core i5 processor. One offers 4GB of system memory and 128GB SSD storage, while the other doubles that up to 8GB and 256GB respectively.

According to the retailer, these devices will be pitched at about £1,130 (around $1,510, AU$1,930) and £1,400 (around $1,870, AU$2,390) respectively.

The new Surface Pro was certainly a hit with us, scoring highly in our review back in the summer, impressing with its much-improved accessories and performance in terms of battery longevity.

Obviously an LTE version allowing for internet connectivity when on the move will be a further boon.

  • One of Microsoft’s Surface hybrids is on our list of best laptops

      

Twitter is testing longer tweets up to 280 characters

We’ve all been there. You leave out a crucial word or resort to “bc” or simply don’t send a tweet because you can’t get the nuance of your message across in 140 characters. The character limit has been a major sticking point for Twitter and its users, but today, that changes. Sort of.

Twitter has announced that it’s running a small test in which the character limit of tweets will expand from 140 to 280. That’s double the characters users have up until now been afforded to play with.

The reason for the change, Twitter explains in a blog post, is that in some languages, namely Chinese, Japanese and Korean, users are able to convey meaning with fewer characters. In other languages, such as English, it typically takes many more characters to express the same message.

Twitter has found that just 0.4% of tweets in Japanese hit the 140-character limit. By contrast, 9% of tweets in English do. Most tweets in Japanese are 15 characters long, Twitter said, while in English, tweets average 34 characters.

Twitter’s change is about giving all users around the world ample room to tweet, which should lead to an increase in tweets overall.

“Our research shows us that the character limit is a major cause of frustration for people Tweeting in English, but it is not for those Tweeting in Japanese,” Twitter said. “Also, in all markets, when people don’t have to cram their thoughts into 140 characters and actually have some to spare, we see more people Tweeting – which is awesome!”

The extended character limit is being tested in all languages “impacted by cramming”, Twitter said, meaning Chinese, Japanese and Korean won’t be included.

Twitter maintains it is still all about brevity, and that a 280-character limit allows it to stay within the realm of bite-size information delivery.

It seems all but a given that Twitter will roll the longer character limit out as an official feature to all users, but it is, wisely, taking the time to test this out with a small group, gathering feedback and data, and going from there.

Twitter CEO Jack Dorsey tweeted about the change, calling it “a big move” that maintains the spirit of Twitter.

      

What’s the best Linux firewall distro?

This article was provided to TechRadar by Linux Format, the number one magazine to boost your knowledge on Linux, open source developments, distro releases and much more. Subscribe to the print or digital version of Linux Format here.

You don’t have to manage a large corporate network to use a dedicated firewall. While your Linux distro may already have an impressive firewall installed as well as an equally impressive arsenal of tools to manage it, the advantages don’t extend to the other devices on your network.

A typical network has more devices connected to the internet than the total number of computers and laptops in your average small or home office. With the onslaught of IoT, it won’t be long before your router is doling out IP addresses to your washing machine and microwave as well.

The one thing you wouldn’t want in this Jetsonian future is having to rely on your router’s limited firewall capabilities to shield your house – and everyone in it – from the malicious bits and bytes floating about on the internet.

A dedicated firewall stands between the internet and internal network, sanitising the traffic flowing into the latter. Setting one up is an involved process both in terms of assembling the hardware and configuring the software. However, there are quite a few distros that help you set up a dedicated firewall with ease, and we’re going to look at the ones that have the best protective open source software and roll them into a convenient and easy to use package.

Specifically, in this roundup, we’re going to dissect and compare five different distros: IPFire, OPNsense, pfSense, Sophos UTM and Untangle NG Firewall.

How we tested

While you can test these firewall distros on a spare physical PC, it’s more convenient to take them for a spin inside a virtual machine. Create a virtual network by firing up VirtualBox and heading to File > Preferences > Network. Switch to the host-only network tab and add a new network using the screwdriver icon to assign it an IP address e.g. 192.168.56.1.

Next, create a VM for the firewall distro and make sure it had two network adaptors – the first one in bridged mode, the second one as a host-only network. After installing the distro, you can assign a different IP address such as 192.168.56.2 to the second adaptor and configure it as a DHCP server to assign an IP address range of 192.168.56.20 – 192.168.56.50. From here on out, any other VM connected to the host-only adaptor will be routed through the firewall VM, so you can experiment with it safely.

See our guide to running Linux in a Virtual Machine here.

The IPFire kernel is hardened with the grsecurity patchset to thwart zero day exploits and comes with strict access controls. The distro can also compartmentalise networks based on their respective security levels using a simple colour-coded system. IPFire also allows you to create custom policies to manage individual networks. For more elaborate control, you can also manage outbound access to the internet from any segment.

IPFire uses a Stateful Packet Inspection (SPI) firewall that’s built on top of the utility netfilter. It facilities Network Address Translation (NAT), packet filtering and packet mangling. You can set up the firewall for everything from forwarding ports to creating a safe DMZ between your network and internet. The project’s wiki also hosts a ‘security hardening’ guide to create firewall rules for common scenarios.

The pfSense distro uses the p0f OS fingerprinting utility to allow you to filter traffic based on the operating system initiating the connection. You can also choose to log traffic matching each rule. The OPNsense distro was forked from pfSense and offers pretty much the same features for the firewall and other aspects of the system.

Sophos UTM, unlike the other distros, cuts off all traffic and then enables you to allow specific types, such as web and email, during initial setup. The server also includes an innovative category-based web filter that blocks sites based on the type of content and includes categories such as Drugs, Spam URLs, Nudity, Weapons and so on. It also offers to scan emails sent over POP3 for viruses.

Untangle’s hosted firewall can be set up through an easy to use interface that makes it very straightforward and simple to define rules for firewalling traffic. You can also gain granular control over the traffic by defining complex rules that combine multiple parameters. This might seem like quite an involved process, but it’s made more accessible by abundant use of relevant pull-down menus.

Verdict

  • IPFire: 4/5
  • OPNsense: 4/5
  • pfSense: 4/5
  • Sophos UTM: 5/5
  • Untangle NG Firewall: 4/5

All the distros in this roundup bundle a lot of other functionality besides a basic firewall. Some distros offer these features as free add-ons while others charge for them. While we’ll list all the functionality provided by each distribution, in order to be fair to the FOSS distros, we’ll rate all of them based on the modules that are available free of charge.

IPFire can be used as: a VPN gateway; an infrastructure server; a content filter; a proxy server; a caching name server; and an update accelerator etc. When used as an internet gateway the distro can connect to the internet through various technologies, encompassing all popular types of broadband access, as well as mobile access, including VDSL, ADSL, Ethernet and 3G/4G.

Both pfSense and OPNsense can operate as a traffic shaper, load balancer and VPN. They both offer three options for VPN connectivity including IPsec, OpenVPN and PPTP. Similarly, you can use the Sophos UTM server as a site-to-site VPN solution and configure it to handle VoIP connections and balance load.

Untangle doesn’t ship with any components pre-installed but its recommended package installs over a dozen applications and services including: a web filter; virus blocker; spam blocker; bandwidth control; application control; captive portal; WAN balancer, as well as a firewall. Some of the applications that Untangle doesn’t install are an ad blocker, intrusion prevention and web cache.

Unlike the other distros, some of the Untangle applications are paid options with a 14-day trial.

Verdict

  • IPFire: 5/5
  • OPNsense: 5/5
  • pfSense: 5/5
  • Sophos UTM: 5/5
  • Untangle NG Firewall: 3/5

While servers require more involvement and active maintenance, some aspects of the installation process are, in fact, streamlined i.e. a server distro is designed to take over an entire hard disk which eradicates the need to define partitions. The firewall distros in this roundup go to great lengths to help you mould the installation as per your network configuration. All of them employ browser-based interfaces that can be used to monitor and modify the various components of the firewall.

Having a graphical interface is crucial – a technologically sound base isn’t enough by itself. A convoluted or illogically arranged management interface will have a direct bearing on a distro’s usability and prevent users from getting the most out of it.

We’ll break this slide down into mini-reviews of the deployment experience, starting with…

IPFire

IPFire is written from scratch and has a straightforward installation process. The installer will detect the number of NICs (Network Interface Controllers) attached to the computer and ask you to assign them to one of the four colour-coded zones. Each of these zones caters to a group of machines that share a common security level. Later on you’ll be asked to assign an IP address to the NIC that’s connected to your internal network. An IP address will be doled out via DHCP.

Once you’ve installed the distro, fire up its browser-based admin interface which is available on the IP address you assigned to the NIC connected to the local network. Head to the Firewall section in the admin interface to define the rules for the firewall. While the interface is simple to use, it requires some expertise for effective deployment. You should also read the documentation thoroughly.

Score: 3/5

OPNsense

This distro was forked from pfSense and follows the same straightforward installation procedure. After installation, the distro boots to the command-line dashboard which also includes the address of the browser-based admin console. The admin interface is the one major visible difference between the distro and its progenitor. The interface takes you through a brief setup wizard prompting you for information about your network.

Once it’s rebooted with the right settings, head to the Rules section under Firewall. The rules definition interface is presented logically and includes a switch to display relevant help information to explain the various settings. Similarly, configuring the other components of the firewall distro is also a relatively intuitive process. Since the distro has a vast number of settings, you can enter keywords in the search box at the top of the interface to locate the relevant setting.

Score: 4/5

pfSense

The FreeBSD-based distros, pfSense and OPNsense, use the same fairly automated installers, though the original pfSense version offers more advanced options, including the ability to install a custom kernel. Again, just like OPNsense, pfSense boots to a console-based interface that gives you the option to configure the network interfaces on the installed machine.

Once they are all set up and configured, a browser-based console will take you through the setup wizard. The web interface for pfSense has recently been updated giving it a much smoother and more streamlined feel.

The distro requires you to put some time into learning it, especially if you’re going to use the add-on packages, but the documentation is worth its weight in gold (if printed out).

Score: 3/5

Sophos UTM

To get started with Sophos UTM you have to download the ISO, register on the project’s website, get a user licence and upload it to the server for further configuration. During installation, Sophos asks you to select the NIC connected to the internal network and assign it an IP address, which you can use to access the distro’s browser-based admin interface. You’ll also be asked to agree to installation of some proprietary components which are necessary in order to use the distro.

Once installed, you can bring up the browser-based management interface and run through the brief setup during which you can upload the licence. Sophos then locks down all traffic and enables you to ‘poke’ holes for the type of traffic you wish to allow.

Score: 5/5

Untangle NG Firewall

The Debian-based distro Untangle NG is very easy to set up and is the only distro in this roundup which restarts automatically after installation into the web-based setup wizard. Untangle NG asks you to set the password for the admin user, then to choose and configure the two network cards. One of these connects to the internet and the other to your local network.

Once setup is complete, Untangle prompts you to create a free account in order to configure the server. You’ll then have to install applications, such as the firewall, to enable specific functions. Almost all the applications are preconfigured and run automatically after install. You can also customise each application by clicking the Settings button under it. Untangle’s dashboard also enables you to analyse the traffic passing through the server, and each application will show statistics for its own traffic as well.

Score: 4/5

Virtually all the distros in this roundup offer a range of paid services. IPFire offers paid support through Lightning Wire Labs who provide custom solutions to businesses deploying the firewall. The company also offers customised hardware appliances to integrate into your network infrastructure.

OPNsense has multiple commercial support options. The annual subscription to the business support package costs €299 (around £260, $360 or AU$450) and includes three hours of technical assistance. You can purchase additional hours if you wish. There are also gold, silver and bronze professional services designed for larger deployments, integrations and custom changes to the distro.

You can also purchase support packages for your pfSense deployment which include technical support, configuration assistance and a configuration review. Furthermore, the pfSense project offers pfSense Training, with the cheapest course starting at $899 (around £660, AU$1,120).

Besides selling a retail version of the Sophos UTM for larger organisations, Sophos offers support packages via its resellers. The firm also has over 40 online and offline training courses on different aspects of the distro. Fees for the courses vary but an introductory two-hour webinar costs $249 (around £185, AU$310).

Untangle sells several components to extend the functionality of the firewall. If you purchase NG Firewall Complete it costs $50 a month (around £40, AU$65) for up to 25 devices. There’s a 10% discount for paying annually.

Untangle also sells several hardware appliances with its firewall server preinstalled ranging from the small u25 appliance for $399 (around £295, AU$500) to the firm’s m3000 for $7,599 (around £5,600, AU$9,500).

Verdict

  • IPFire: 5/5
  • OPNsense: 5/5
  • pfSense: 5/5
  • Sophos UTM: 5/5
  • Untangle NG Firewall: 5/5

Just like paid services, all projects behind the firewall distros in this roundup offer a hefty amount of documentation and support in the form of guides, wikis and forums to help you through the deployment process.

The IPFire project hosts detailed documentation in wikis, as well as its English and German forum boards in addition to an IRC channel and dedicated mailing lists.

OPNsense also has forums, a wiki, IRC and very detailed documentation covering every aspect of deployment. Furthermore, the project has over a dozen how-tos on popular configurations/setups, such as configuring traffic shaping, web filtering and setting up a guest network.

The best source of documentation for the pfSense distro is its handbook which comes with a gold membership subscription. Besides this there’s a wiki, forums, mailing lists and IRC. The wiki hosts a large collection of how-tos, most of which are clear and to the point. The project developers are also very active on social networks, such as Reddit, where users can seek help.

The Sophos website hosts PDFs of the quick-start guide and a 600-page administrator’s guide, in addition to community-supported bulletin boards. There’s also the Sophos Knowledge Base which hosts articles on different aspects of the distro.

Finally, the Untangle project hosts forums, a FAQ, and its wiki pages have screenshots where applicable, along with some short tutorials.

Verdict

  • IPFire: 5/5
  • OPNsense: 5/5
  • pfSense: 5/5
  • Sophos UTM: 5/5
  • Untangle NG Firewall: 5/5

A firewall server – just like any other server – needs constant upkeep, whether it’s to install updates or new add-ons. IPFire ships with Pakfire, an extensive package management utility that makes it fairly simple to expand on the basic installation. The package manager also enables updates to address security issues.

Similarly, pfSense also includes a package manager which can be used to install and update packages. The packages are grouped under categories, such as Services and Utility, Security and so forth, and include a wide range of applications, such as Asterisk, Dansguardian, FreeRadius2, Snort, Squid and a lot more. The distro is configured to automatically install new versions of firmware and includes a host of diagnostic tools and utilities to troubleshoot the installation.

OPNsense also supports add-ons via the use of plugins, but doesn’t offer as many packages as you get with pfSense. Like pfSense, OPNSense can fetch and install updates for all the installed components.

There’s no package management option in Sophos UTM as all features are shipped in the distro and you can enable them as required. The distro includes the Up2Date utility for installing updates to the firewall’s firmware, as well as for fetching newer patterns for components, such as the antivirus and the Intrusion Prevention System.

Untangle requires you to use the interface to fetch any components you need. The Reports application monitors and prepares detailed and visually appealing reports about the server as well as its different components. The distro also includes the ability to update the installation and its components. You can configure it to install updates automatically during setup, as well as use the web interface to customise the schedule for the automatic updates.

Verdict

  • IPFire: 5/5
  • OPNsense: 4/5
  • pfSense: 5/5
  • Sophos UTM: 4/5
  • Untangle NG Firewall: 5/5

While IPFire is based on Linux From Scratch, its browser-based interface is borrowed from the older firewall distro IPCop. The interface has a simple and easy to navigate layout with the different aspects of the firewall server grouped under tabs listed at the top of the page. The System tab houses options to configure the overall installation. This is where you’ll find the option to enable SSH access and create a backup ISO image of IPFire with or without log files. The Status tab shows you an overview of the various components, while the Services tab lets you enable and configure individual services besides the firewall.

The dashboard in pfSense is more verbose than IPFire’s but has pretty much the same layout. The Firewall drop-down menu houses options to define the filtering rules as well as configure the traffic shaper. Settings for other services, such as the load balancer and captive portal, are housed under the Services menu. VPN has its own menu and enables you to configure the various supported VPN protocols. The CLI console on the firewall server displays a dashboard of sorts, as well. In addition to the addresses assigned to the different NICs, it allows you to reset the configuration of the install to the default state and even upgrade the install.

OPNsense has a more refined interface than pfSense. Certain sections, such as when adding firewall rules, include a toggle labelled ‘Full Help’. When enabled, this option appends relevant information to fields to help you make the right selection.

Sophos UTM also has a loaded dashboard interface. Among other things, it displays information about the threats that firewall components have blocked in the last 24 hours. You can also use the Search box to narrow down the list of options.

Untangle also has a polished interface. Once you’ve installed an application, it’s enabled automatically and listed in the app rack. Each app has a Settings button for tweaking parameters. The rack also supplies a snapshot of traffic it has processed.

Verdict

  • IPFire: 3/5
  • OPNsense: 4/5
  • pfSense: 2/5
  • Sophos UTM: 4/5
  • Untangle NG Firewall: 4/5

Deploying a server is as much about personal preference as it is about a product’s technical dexterity. Despite objective testing, the results and our recommendation are influenced by our own preferences. Also, all firewall servers offer much the same functionality, but since this is delivered by different applications, one product might perform a certain task better than the others.

The one distro we definitely do not recommend is Untangle. This isn’t a reflection of its technical inferiority, but the fact that similar functions from its competitors are available cost-free. The majority of Untangle’s apps in the free version are 14-day trials. Even with the paid components, the distro doesn’t offer anything compelling over the others.

We’ve docked pfSense a few points for similar reasons. The distro is a tweaker’s paradise – you can flesh it out into any kind of server. However, unless you’re used to its tools and FreeBSD underpinnings, it’ll only end up confusing you with a myriad options.

OPNsense, which is a fork of pfSense, has a much better user interface and rewritten components, such as the captive portal.

The runner-up prize goes to IPFire which has an impressive list of features. Its Pakfire package management system helps you to update and expand the initial installation. The distro’s UI also makes it easier to configure several components, such as OpenVPN, when compared with the other offerings here.

The top honour goes to Sophos UTM which is free for managing a network of up to 50 IP addresses, and bundles Sophos Endpoint Protection for up to 10 computers. The distro includes an impressive list of tools, many of which are identical to the paid enterprise edition. We also like that the distro enables the firewall as soon as it’s installed, and allows you to poke holes in the firewall to enable the flow of required traffic. Not only is this the proper way to deploy a firewall, the Sophos wizard makes it easier for inexperienced users to reap the benefits from the get-go.

So, our final rankings are as follows:

1st Place: Sophos UTM – bundles all the essential features with an intuitive UI.

Overall score: 4/5

Web: https://www.sophos.com

2nd Place: IPFire – a secure and expandable distro with a functional management interface.

Overall score: 4/5

Web: http://www.ipfire.org

3rd Place: OPNsense – all the benefits of pfSense with a reimagined UI.

Overall score: 4/5

Web: https://opnsense.org

4th Place: pfSense – feature rich and fully functional distro, with a simple interface.

Overall score: 3/5

Web: https://www.pfsense.org

5th Place: Untangle NG Firewall – the free version is little more than a demo for the paid version.

Overall score: 2/5

Web: https://www.untangle.com

One popular firewall distro we didn’t include in this roundup is Smoothwall Express. It hasn’t had a stable release since 2014, but is still one of the most well-known firewall distros out there.

Then there’s also the feature-restricted community edition of the Endian Firewall as well as the Zeroshell firewall router distro for embedded devices. You can also add firewall functionality to your existing gateway server. ClearOS and Zentyal are two such systems which can be adapted into firewalls.

If you are the DIY type, it’s possible to build your own firewall appliance with little effort. One approach would be to use an ARM-based computer such as a Raspberry Pi. The website for the IPFire distro provides ARM images to download and install to your Pi’s SD card.

Alternatively you could install a minimal Linux distro, such as Arch Linux, and then use the built-in iptables firewall. To assist you with creating and managing rules, you could also use a graphical tool such as Shorewall. Another approach would be to install and use Ubuntu’s command line tool ufw or its graphical companion Gufw to manage iptables.

      

Seen an amazing photo online? Vivaldi shows you its metadata with two clicks

Ever seen an incredible picture online and wondered what type of camera it was taken with, what exposure and focal length settings the photographer used, or where and when it was taken?

The latest version of super-customizable web browser Vivaldi puts all that information at your fingertips. Just right-click a photo, select ‘Image properties’ to see a comprehensive list of metadata, including a histogram, white balance and color space, dimensions and any software used for post-processing.

“Photography and design experts will appreciate instant access to the multi-channel histogram and raw data. Bloggers can easily get the dimensions of the image,” says Henrik Helmers, designer at Vivaldi. “Photo enthusiasts can use this new feature as a tool to learn more about their hobby.”

Vivaldi’s updated downloads panel makes it easier to sort your files and see useful information at a glance

Vivaldi 1.12 also features an improved downloads panel, with additional data including the file name, download URL, destination folder and download speed. You can filter downloads by name, type, size, data added and date finished, helping avoid the hassle of trawling through a list to find the one you need.

If you find some websites’ accent colors too strong, the browser also features a new slider that lets you adjust their saturation to make them easier on the eye.

      

Alexa has come to mobile Amazon Music streaming

Amazon has announced that its digital assistant Alexa is now available in the Amazon Music app on iOS and Android devices. At the moment the feature is only available in the UK, US, Germany and Austria.

If you’re used to using Alexa on an Echo, or Echo Dot, it will be a slightly different experience, as you won’t have access to the full range of Skills (Amazon’s name for its apps) but will allow you to make more natural track selections.

For example, if you wanted to hear a song but can’t remember the title, you can say “Play the song that goes ‘And I walked off you, And I walked off an old me” and Alexa will play Maggie Rogers’ Alaska.

Or if you wanted to have a throwback hits party, you can say ‘Play Justin Timberlake songs from the 2000s’ and Alexa will line up a playlist full of tunes from his early solo work.

Alexa, go hands-free

Rather than using the ‘Alexa’ command to fire it up as you would on your at-home Alexa device, there will be an Alexa push-to-talk button in your Amazon Music app. Just give it a tap and make your request.

Obviously, having a physical button takes away some of the draw of using a voice interface, but it’s interesting to see Amazon increasing mobile Alexa interfaces, considering the rumors that are doing the rounds about Echo Glasses that would tether to a mobile device.

For now though, you can experience Alexa on your Amazon Music app by simply updating to the latest version of the app in either the App Store or the Google Play Store.

      

Major flaw in macOS High Sierra puts your passwords at risk

Apple has launched the latest version of macOS, High Sierra, with an unpatched zero-day vulnerability in place, a worrying state of affairs even though the flaw is one which theoretically won’t affect the majority of users (at least those who take heed of Gatekeeper’s warnings).

The exploit was discovered by Patrick Wardle, chief security researcher at ‎Synack, and also affects earlier versions of macOS (and OS X for that matter).

It can be delivered by an unsigned app, and is capable of hoovering up all the passwords stored in the macOS keychain (in plain-text, so fully readable), without needing the master password normally required to access the keychain. The user won’t realize anything bad has happened.

Of course, if you try to install an unsigned app under macOS, the operating system will warn you against proceeding. And that’s exactly what Apple pointed out in its defense.

As at ZDNet reports, the company stated: “MacOS is designed to be secure by default, and Gatekeeper warns users against installing unsigned apps, like the one shown in this proof of concept, and prevents them from launching the app without explicit approval.

“We encourage users to download software only from trusted sources like the Mac App Store, and to pay careful attention to security dialogs that macOS presents.”

Fix frustrations

However, Wardle reported the exploit earlier this month, and is disappointed that Apple hasn’t managed to fix the problem for the launch of High Sierra, given that this is a nasty bug that can whip away all your passwords.

And there’s always the prospect of some nefarious type managing to get the exploit into a digitally-signed app, which has happened in the past (using a falsified registration for Apple’s developer program, or indeed simply stolen developer credentials). That would make this threat far more dangerous, of course.

On the subject of revealing the vulnerability before it has been patched, Wardle told ZDNet: “As a passionate Mac user, I’m continually disappointed in the security of macOS … every time I look at macOS the wrong way something falls over. I felt that users should be aware of the risks that are out there – I’m sure sophisticated attackers have similar capabilities.”

Hopefully, now the malware cat is out of the bag in this case, Apple will move swiftly to issue a patch. In the meantime, be careful what you’re installing on your Mac (although that should be your default perspective on software downloads anyway).

  • Naturally, a couple of Apple’s MacBooks make our list of best laptops