Saturday, July 18, 2026


TECH


Japan's answer to deadly heat waves is a human refrigerator

Japan's Do Hiemon Box is a new walk-in personal cooling booth that maintains an interior temperature of 15°C, with 5°C airflow directed at the head and neck. Priced at ¥1.5 million (~$9,230), it's now on sale for businesses across Japan.

A Japanese company has developed what it calls a human refrigerator — a walk-in personal cooling booth that chills the body in minutes and is already showing up in public spaces across Japan.

Called the "Do Hiemon Box", the product was developed by SDRS, a Japanese refrigeration and vending machine manufacturer, and is distributed by industrial equipment supplier Trusco Nakayama. The design is directly inspired by Japan's ubiquitous vending machines. The refrigeration booth is roughly the same shape and footprint as a standard unit, standing 2,029 mm tall and 931 mm wide, and weighing 293 kg. It runs on wheels, requires no installation, and can be deployed indoors or outdoors.

Mechanics-wise, the booth manages to maintain an interior ambient temperature of 15°C. Once seated on the built-in chair, chilled air at around 5°C is directed toward the user's head, neck, shoulders, and back simultaneously. The company says users feel much cooler within five minutes only, and that ten minutes inside may help relieve symptoms of heat exhaustion by rapidly lowering body temperature. Three airflow and cooling settings are available, and the unit shuts off automatically after 20 minutes to prevent overcooling. Power consumption is roughly half that of a typical spot air conditioner.

The Do Hiemon Box went on sale in April at ¥1.5 million (approximately $9,230) plus tax. Businesses and organizations should benefit greatly from this, instead of individual buyers. One unit has already been donated to Maebashi City Hall in Gunma Prefecture.

The booth releases air at approximately 5°C...Developed by Trusco Nakayama, the "Do Hiemon Box" is based on the structure of a frozen food vending machine.

Upon entering and sitting in the booth, the user receives a stream of air at approximately 5°C directed at their head and the back of their neck. The unit features three temperature and airflow settings and shuts off automatically after 20 minutes to prevent over-cooling.

In a test featured in the report, a journalist ran for five minutes in an outdoor temperature of around 36°C. After entering the booth, their measured surface body temperature reportedly dropped from approximately 35°C to 15.3°C in about four minutes.

Designed for both indoor and outdoor use, the unit operates on a standard 100-volt power outlet and is equipped with wheels for easy mobility.

Launched on April 1, 2026, the product had already been adopted by approximately 130 companies—primarily factories and workplaces with high-heat environments—according to the report.

Since June 2025, companies with employees working in conditions that pose a risk of heatstroke have been required to establish communication methods and emergency procedures to prevent such cases from worsening.

The timing also makes sense. Japan recently introduced new official terminology for days when temperatures exceed 40°C, and on July 15 alone, 48 people were taken to hospital for heatstroke in Tokyo.

 

mundophone

Friday, July 17, 2026

 

TECH


Autonomous cybercrime and DNS abuse: Trends shaping the future of digital attacks

Europol warns that, in the coming years, the ability of authorities to respond will depend on the adoption of advanced technologies, legal access to critical data, and much closer collaboration with the private sector.

One of the most disruptive trends is the emergence of autonomous cybercrime. Criminal groups are already using agentic AI systems capable of executing entire attack workflows—from information gathering to intrusion, exfiltration, and monetization—with minimal human intervention. As these tools become more accessible, attackers can distance themselves from operations, reducing the risk of identification and transforming cybercrime into an increasingly intangible threat.

The report also highlights the evolution of hybrid threats, where state-sponsored actors and cybercrime groups collaborate seamlessly. DDoS attacks continue to be used to undermine public trust and generate political instability, while hacker coalitions combine intrusions, data theft, and fraud schemes. The result is a dynamic attack ecosystem where the boundaries between espionage, sabotage, and financial crime are becoming increasingly blurred.

At the heart of this new reality lies DNS abuse, which the IOCTA identifies as one of the critical infrastructures most frequently exploited for online attacks and fraud. DNS acts as a bridge between criminal infrastructure and victims, enabling offenders to launch phishing campaigns, distribute malware, or control botnets via temporary domains. Criminals exploit the lack of automated reporting mechanisms and the slow pace of international legal requests. By the time a malicious domain is finally blocked, the attack has often already reached significant scale.

DNS is equally essential for ransomware and C2 operations, with botnets utilizing residential proxies to mask traffic and mimic legitimate users. This technique hinders detection and makes dismantling criminal infrastructures significantly more complex.

The IOCTA 2026 report emphasizes that the future of cybercrime will be characterized by distributed infrastructure, opaque cryptocurrencies, fragmented markets, and autonomous AI. To narrow the “speed gap” between attackers and law enforcement, Europol advocates for a response grounded in technological innovation, lawful access to critical data, and ongoing international cooperation. Without such adaptation, cybercrime will continue to gain ground.

Domain Name System (DNS) hijacking is a type of DNS attack in which an attacker deliberately manipulates how DNS queries are resolved in order to redirect users to malicious websites. Hackers carry out this attack by installing malware on users' PCs, seizing control of routers, or intercepting/hacking DNS connections.

DNS hijacking can also be used for phishing or pharming. After hijacking the DNS of a legitimate site, attackers direct users to a fake site where they are prompted to enter login credentials or sensitive financial information. Some governments also use DNS hijacking to redirect users to state-approved websites as part of a censorship strategy.

How does a DNS hijacking attack work? When registering a site with a domain registrar, you select an available domain name, and your site's IP address is registered alongside that domain name. For the sake of illustration, let's say you choose the domain name BusinessSite.com.

A DNS record contains your site's unique IP address, linking your domain name to that address. In a DNS hijacking attack, hackers gain access to your DNS settings and change your unique IP address to a different one. Consequently, your domain name—BusinessSite.com—will point to the attacker's servers when the DNS record is queried.

In other words, when someone types "BusinessSite.com" into Chrome, Firefox, or another browser, they are not taken to your actual website. Instead, they are routed to a site controlled by the attacker. If the visitor believes the site they are viewing is legitimate, they might enter sensitive information or inadvertently download malware.

How can DNS hijacking be detected? Common signs of DNS hijacking include slow-loading web pages, frequent pop-up ads on sites where they shouldn't appear, and pop-ups claiming that the user's machine is infected with malware. Fortunately, in addition to these warning signs, there are several online tools you can use to check if your DNS has been hijacked, including:

Network Ping: You can identify DNS hijacking by using a ping utility to ping the questionable domain. You will know your DNS has not been hijacked if the results indicate that the IP address does not exist. Conversely, if you ping the suspicious domain and an IP address appears, there is a good chance your DNS has been hijacked.

Router Check: Attackers can use malware to gain access to your router's administration page. Once inside, they can alter the DNS settings so that the router uses a server managed by the attacker. To check for this type of attack, simply access your router's administration page and verify your DNS settings.

WhoIsMyDNS Check: Another excellent online tool is WhoIsMyDNS, which allows you to identify the actual server responding to DNS requests on your behalf. If the displayed DNS server is unfamiliar to you, you may have fallen victim to DNS hijacking.

Types of DNS hijacking attacks...To prevent DNS hijacking, you first need to understand the different types of attacks. DNS hijacking can take four different forms:

Local DNS hijacking: An attacker installs Trojan horse software on a user's computer and then modifies local DNS settings to redirect the user to harmful websites.

Router-based DNS hijacking: Many routers have weak firmware or use the default passwords they shipped with. Attackers can exploit this to hack a router and change its DNS settings, affecting everyone who uses that router.

Man-in-the-middle (MITM) attacks: Attackers use man-in-the-middle techniques to intercept communications between users and a DNS server. They then redirect the target to malicious websites. Compromised DNS server: Hackers can alter DNS records on a DNS server, allowing them to redirect DNS requests to malicious websites. If the site looks legitimate, the user might not even realize they are in the wrong place.

 

TECH


World emoji day

World Emoji Day, celebrated on July 17, is a global tribute to the small icons that have revolutionized our digital communication. The date was established in 2014 by Jeremy Burge, founder of Emojipedia, and quickly gained traction on social media.

The reason? The calendar emoji displays "July 17" by default—a reference to the launch of Apple’s iCal in 2002. Over time, all major platforms adopted this same standard for the emoji, reinforcing the significance of the date.

How did it start?

1999: The first emojis appear, created by Shigetaka Kurita in Japan.

2013: Emojipedia—the "encyclopedia of emoji"—is launched.

2014: The first World Emoji Day takes place, featuring the hashtag #WorldEmojiDay.

Why does this date make sense?

The calendar emoji displays July 17, an "Easter egg" (a hidden message, image, or feature inserted by creators into products like games, movies, and software as a surprise for users).

In 2015, the topic was the most discussed subject on Twitter.

In 2016, Google changed the design of its calendar icon to reflect this date.

On World Emoji Day, celebrated this Friday (July 17), here’s a quick test: do you know what πŸ‘, πŸ’€, πŸͺ‘, 😭, and πŸ’… mean? The answer might not be so obvious.

Created to complement communication, emojis have taken on new meanings over the years. In many cases, they have moved beyond simply representing the object or emotion they depict to function as slang, cultural references, and even codes shared by specific online communities.

This phenomenon is driven primarily by social media, where trends spread rapidly; unlike verbal language, no one "officially" assigns a new meaning to an emoji. It emerges spontaneously as thousands of people begin using it in the same way. Here are a few examples:

πŸ˜‚ Doesn't always indicate laughter...For a long time, the "laughing-crying" face (πŸ˜‚) was practically synonymous with laughter. Today, especially among parts of Generation Z and Generation Alpha, other emojis have stepped in to fill that role.

πŸ’€ : "dying" of laughter

😭: crying from laughing so hard

There are even more curious cases. In 2021, TikTok users began using the πŸͺ‘ (chair) emoji to signify laughter following a joke started by British influencer KSI. The idea was simply to replace the laughing emoji with a chair. Despite the lack of any logical connection, the joke went viral, and for a time, the chair became a sort of code among the platform's users.

πŸ‘ Might not just mean "OK"...Some emojis have come to convey ideas completely different from their original design. The πŸ‘ (thumbs-up), for instance, is still interpreted by many as a sign of approval or agreement. However, among younger users, it can also be perceived as a curt, cold, sarcastic, or even passive-aggressive response, depending on the conversation's context.

πŸ’… Doesn't mean painting your nails...This is another example of an emoji that might not mean exactly what it looks like. The πŸ’… (painting nails) emoji can convey self-confidence, or the idea that someone wants to make a point or come out on top in an argument.

πŸ™ Prayer or a high-five? For many, the emoji showing two hands pressed together signifies gratitude, prayer, or a request. However, some interpret it as a high-five or a way of saying "thanks."

🀑 Can mean more than just a clown...This emoji can carry a meaning beyond simply representing a clown. Younger generations use the 🀑 to indicate that they’ve made a fool of themselves or acted like a "sucker."

πŸ”₯ It doesn't just mean fire...This emoji is commonly used figuratively to express that something is impressive or of exceptional quality, or to show that something is "hot" or attractive.

mundophone

Thursday, July 16, 2026


TECH


Forgotten UEFI shims undermining secure boot

ESET researchers identified 11 old and forgotten UEFI shim bootloaders at versions 0.9 and below that can be used to bypass UEFI Secure Boot on any UEFI-based machine that trusts Microsoft’s Microsoft Corporation UEFI CA 2011 third-party UEFI certificate authority (CA) certificate, regardless of the installed operating system (OS). Reported shims can be exploited to execute untrusted code during system boot, enabling attackers to deploy malicious UEFI bootkits (such as Bootkitty, HybridPetya, or BlackLotus) even on systems with UEFI Secure Boot enabled. We reported our findings to CERT/CC in February 2026, and the vulnerable UEFI applications were revoked on Microsoft’s June 9th, 2026 Patch Tuesday.

While two CVE IDs were assigned to this case to cover the reported shims, CVE-2026-8863 and CVE-2026-10797, exploitation of each reported shim is not just about a single bug or two that can be found in these old shims directly. In fact, the attack surface is extended by the shims’ trusted, second-stage bootloaders (mostly GRUB 2), which – like the shims themselves – may include outdated versions with known vulnerabilities. The discovered shims come from various tools or software packages, including PC-diagnostics software, Linux distributions, and other UEFI-based utilities. Importantly, exploitation is not limited to systems with the affected software or OS installed, as attackers can bring their own copy of the vulnerable shims to any UEFI system with the Microsoft third-party UEFI certificate enrolled.

The full list of the software products relying on the reported shims along with their affected versions is available in CERT/CC’s Vulnerability Note. In response to ESET researchers’ report, UEFI shim bootloaders with the following PE Authenticode hashes were revoked in the dbx update that was part of Microsoft’s June 9th Patch Tuesday:

AE75F0D82BA3DF824FBFC69340CC3B4D66C598373B1AB54CDB6C8BFD83A6B961

7B2A3F5C96F95BD8086CE54B0825E300F9C8F11FE3401BB631B3215C8DE9EB10

EB86FA1386FE6E4533B8B938DCC1250616D2F1C14C15E2FCF80834A161018A0A

FD23D6E57DE6F4E1F9D7118DA1C5F31A8AF6BE5E5D9E8170F9493447268D50C5

A0DE9333442C1BF9349A460141AE5E80F911955C6506040FA3D021BF6C1AE3E4

95B6D71FC0C0F8C5E1533A37AEF92CF6B0C961E2CC612A97117FA6759CE5FC06

236A9CB0D71951C36398A32EB660CE2CD4A52CCFA7CF751CC6A35D9DE549E19B

5E594C448760A3135B1A3A83E07A4F2E6FBE49414EF2C7CAB1CBA77F284FA63B

8A964D5F8373948D20A1D4296FB92E545DAD4617A0C810F3B934B53D98AE8963

410260B1B6F5AF5FBEEB9EA3220658435E876CB3247126EE907A437F312DB373

96275DFD6282A522B011177EE049296952AC794832091F937FBBF92869028629

Following is the coordinated disclosure timeline. We’d like to thank CERT/CC for its help in coordinating the vulnerability disclosure process, and the affected vendors for smooth and transparent communication and cooperation during the vulnerability disclosure and remediation process. To protect your systems against this threat, install the latest Microsoft dbx updates. Instructions on how to do that can be found in the Protection and detection section.

To understand the impact that such vulnerable shims can have on UEFI Secure Boot-protected systems, we need to understand how UEFI Secure Boot works, and how signed UEFI shim bootloaders extend the Secure Boot trust chain. In this section we’ll look at UEFI Secure Boot basics, how UEFI shims extend the UEFI Secure Boot trust chain, and two shim-related features: Machine Owner Key (MOK) and Secure Boot Advanced Targeting (SBAT). For anyone already familiar with the theory, we recommend jumping directly to the section Bypassing UEFI Secure Boot using old shims.

UEFI Secure Boot...As shown in Figure 1, when UEFI firmware loads a boot application – like Windows Boot Manager or a UEFI shim – it verifies the binary against two Secure Boot databases:

db (allowed certificates and Authenticode hashes), and

dbx (forbidden certificates and Authenticode hashes).

The image must be trusted by db and not listed in dbx – otherwise, the boot manager triggers a security violation instead of executing it. To make this work out of the box on newly purchased devices with UEFI Secure Boot enabled, most OEMs enroll a set of Microsoft UEFI certificates in the db database, namely:

-Microsoft Windows Production PCA 2011 and Windows UEFI CA 2023 (used to sign Microsoft’s own UEFI boot applications; the 2011 certificate will be added to dbx soon as a result of the BlackLotus-related vulnerabilities).

-Microsoft Corporation UEFI CA 2011 and Microsoft UEFI CA 2023 (used to sign third-party UEFI boot software, such as Linux shims, recovery tools, and disk encryption utilities).

This means that anyone wanting their boot-time software to be UEFI Secure Boot-compatible by default can submit their binaries to Microsoft for signing through the Windows Hardware Dev Center, and once approved, the signed files become trusted on the vast majority of UEFI systems. As a result, Microsoft plays a central role in securing most UEFI-based devices, effectively deciding what is, and what is not, allowed to run during boot.

mundophone


TECH


Data center cooling for AI becomes a decisive factor for infrastructure expansion

The explosion of artificial intelligence workloads is transforming how data centers are designed. While cooling was once viewed merely as a support component, it has now become a strategic element. As increasingly powerful servers pack greater processing capacity into smaller spaces, dissipating the heat generated by the equipment has emerged as a major bottleneck for infrastructure operators and providers.

New AI-focused systems operate using high-density racks capable of consuming far more power than previous server generations. Consequently, the amount of heat produced has also risen significantly.

This scenario has prompted industry companies to ramp up investments in thermal management technologies. In recent months, the market has seen a wave of acquisitions involving manufacturers specializing in dry coolers, heat exchangers, and systems that utilize low-global-warming-potential (GWP) refrigerants.

The goal is to integrate the entire thermal control chain, ranging from equipment cooling to the infrastructure responsible for heat distribution within the data center.

This approach allows thermal management to be treated as a unified system, boosting operational efficiency and mitigating the risk of overheating.

For Chief Technology Officers (CTOs) and Chief Operating Officers (COOs), infrastructure decisions can no longer focus solely on available computing capacity.

Industry experts emphasize the need to evaluate the ecosystem's entire thermal architecture, including monitoring, automation, and intelligent temperature control systems.

Solutions based on optimization algorithms can automatically adjust the operation of cooling equipment, thereby reducing energy waste.

Industry benchmarks indicate that this type of intelligent management can cut energy costs by 15% to 25%, depending on the facility's specific characteristics.

At the same time, the use of low-GWP refrigerants has shifted from being a competitive advantage to a regulatory requirement in many markets. Thermal planning cuts costs and prevents delays... Another point highlighted by experts is that thermal design must be incorporated from the earliest planning stages of a new data center.

When cooling systems are added only after the infrastructure has been built, costs rise significantly.

Industry estimates indicate that redesigning the entire cooling system after the initial installation can increase expenses by 30% to 40% of the original project budget.

Consequently, there is growing demand for suppliers capable of delivering comprehensive solutions that integrate engineering, component manufacturing, installation, and ongoing thermal management.

This integration reduces the risk of delays, improves financial predictability, and facilitates future expansions in computing capacity.

Consolidation among companies specializing in thermal infrastructure also reflects a significant shift in the sector.

Data center operators are reducing their reliance on multiple independent suppliers and prioritizing partners capable of offering integrated solutions throughout the infrastructure's entire lifecycle.

Beyond the initial design, these platforms include real-time monitoring, predictive maintenance, performance analysis, and continuous energy consumption optimization.

With the rapid expansion of artificial intelligence and high-density computing, experts believe that thermal management will evolve from a mere operational concern into a key factor determining data center growth potential in the coming years.

mundophone

Wednesday, July 15, 2026


TECH


Why flights are getting bumpier—and the best seat to minimize the impact of turbulence

It is something even the most frequent flyers dread: the constant chiming of the seatbelt sign, belongings sliding across the cabin floor, and seats shaking while passing through areas of rough air. And if you’ve noticed that flights have been getting bumpier in recent years, data suggests you’re right, reports the *Daily Mail*.

New research from the University of Reading found that wind shear—which creates instability in the jet stream—has increased by 15% since 1979. Similarly, severe clear-air turbulence on busy flight paths has risen by 55%.

In fact, Delta Air Lines is being sued by a group of passengers following a severe turbulence incident on July 30, 2025, that left 25 people injured.

Meanwhile, on an easyJet flight earlier this year, the pilot was forced to declare an emergency and return the aircraft to the UK after encountering a bout of intense turbulence.

In another incident, ten people were injured on a Cathay Pacific flight from Brisbane to Hong Kong in May after turbulence threw passengers and crew against the plane's ceiling.

But what is causing this rapid increase in bumpy, turbulent flights? Former airline pilot Emma Henderson told the *Daily Mail*: "Like it or not, the main reason is climate change." She explains how, as the atmosphere warms, jet streams can intensify in certain regions due to temperature differences between air masses.

"Stronger wind shear within and around the jet stream creates more clear-air turbulence, which is particularly challenging because it cannot be detected by weather radar," explains the pilot, who now works as a professional speaker. Clear-air turbulence (CAT) is increasing "most notably" at cruising altitude, though she points out that "not every type of turbulence is on the rise."

"We’ve also seen an uptick in storm activity in the UK recently, and that brings the risk of more turbulence as well," Henderson adds. Turbulence could "potentially" become more common in the future as global warming progresses.

"Climate models suggest that if global temperatures continue to rise, clear-air turbulence could become more frequent and intense along some major flight paths, particularly over the North Atlantic and North America," the captain explains.

But that doesn't mean you have to brace for a bumpy ride every time you go on vacation: the aviation industry is adapting.

From improved turbulence forecasting to the use of Electronic Flight Bags (tablets replacing paper manuals) that display real-time turbulence data to pilots, airlines are leveraging technology in various ways to ensure smoother journeys.

Henderson, who has decades of flying experience, explains: "Pilots today have access to far more information than we did just 15 years ago."

Even simple changes—such as more proactive seatbelt policies and ensuring cabin crew take their seats earlier when turbulence is forecast—help make flights smoother and safer.

How a pilot flies the aircraft can also affect the intensity of the bumps felt on board. Measures like changing altitude or making slight course adjustments can lead to a more pleasant flight. "Sometimes, climbing or descending just 2,000 feet allows you to find much more stable air," says Ms. Henderson. The former captain explains that pilots can also "slow down to the aircraft's turbulence penetration speed, which reduces structural loads and often makes the flight feel less jarring." When possible, simply diverting around the area of ​​turbulence is another solution.

"Flying through thunderstorms is typically avoided altogether, as they bring severe turbulence, hail, lightning, and strong vertical air currents," states Ms. Henderson. "Pilots promptly divert, traveling many extra kilometers to go around them." However, clear-air turbulence is harder to avoid "because it is not visible."

According to Henderson, there are several regions prone to intense turbulence, including the North Atlantic jet stream and the Himalayan and Andes mountain ranges. She says passengers shouldn't worry about the increase in turbulence but emphasizes the need to "respect" safety regulations.

"The biggest risk associated with turbulence isn't the aircraft itself, but rather the people inside the cabin who don't have their seatbelts fastened," Ms. Henderson emphasizes. She adds: "Almost all serious injuries caused by turbulence involve passengers or crew members being thrown against the cabin interior because they weren't wearing their seatbelts."

Modern aircraft are designed to withstand forces far greater than those of typical turbulence, and pilots have just as much interest as passengers in avoiding a bumpy flight. Generally speaking, the pilot notes that turbulence is actually just "uncomfortable" rather than "dangerous."

How can passengers minimize the effects of turbulence?

Henderson recommends:

-Keep your seatbelt loosely fastened whenever you are seated, even if the seatbelt sign is off.

-Choose a seat level with the wings—or just ahead of them—if you are particularly nervous, as this is usually the part of the aircraft where you feel the least movement.

-Avoid excessive alcohol consumption if you are prone to motion sickness.

-Stay hydrated.

-Look outside instead of focusing on objects moving inside the cabin.

-Remember that turbulence feels intense because you are in a large, enclosed space, but aircraft are designed to flex. This movement is a sign that they are doing exactly what they were designed to do.

-Listen to the cabin crew. They are acting based on information from the cockpit, rather than simply reacting to the sensation of movement in the passenger cabin.

mundophone


TECH


Doors closing on their own? How your AI-controlled smart home could turn against you...

Artificial intelligence is poised to play a much larger role in smart homes. While virtual assistants today answer questions or execute isolated commands, a new architecture proposed by researchers at New York University envisions AI agents capable of coordinating virtually an entire property's infrastructure: locks, cameras, lighting, sensors, alarms, air conditioning, and other connected devices.

The idea was presented in the study "Internet of Agentic Things: Networked AI Agents for Closed-Loop IoT Orchestration."

Dubbed the "Internet of Agentic Things" (IoAT), the concept describes a network of autonomous agents that do not merely receive commands but interpret goals, devise plans, activate various pieces of equipment, and adapt their decisions based on environmental changes. Instead of simply turning on a light or adjusting the temperature in response to a specific request, these systems could understand instructions like "prepare the house for the night" or "save energy without compromising security" and automatically execute dozens of coordinated actions.

The authors summarize the proposal in a sentence that helps clarify the shift: "agents do not merely observe the physical world; they participate in a closed-loop cycle of perception, reasoning, action, and adaptation."

The paper uses a smart building to illustrate how this works. Upon receiving a command to switch the building to night mode, the AI ​​would check for the presence of people, adjust the climate control system, turn off lights in empty areas, lock doors, activate cameras and alarms, and notify the appropriate personnel if it encountered any unexpected situation—all without an operator needing to control each step individually.

Digital vulnerabilities impacting the physical world... Yet, it is precisely this autonomy that concerns researchers. According to the study, when AI agents take control of physical devices, an error is no longer just an incorrect response on a screen. A misguided decision could result in doors locking at the wrong time, security systems being triggered inappropriately, equipment operating unexpectedly, or other consequences within the physical environment. The authors state that AI is moving beyond mere text generation to directly influence the real world.

The study identifies a range of new risks for this type of infrastructure. These include attacks known as "prompt injection"—where an agent is induced to execute malicious instructions—as well as the compromise of specialized agents, the reuse of outdated information, flaws in digital twins used for decision simulation, communication delays between devices, cascading effects across connected systems, and the leakage of sensitive data such as home occupancy details, location, camera footage, and access logs.

The researchers argue that these threats necessitate a security architecture distinct from the one currently used in smart devices. Recommendations include limiting the actions each agent can perform, validating commands before they reach the equipment, restricting permissions, verifying the continued validity of old information, maintaining local security mechanisms in case cloud communication fails, and logging all AI-driven decisions for subsequent auditing.

In the authors' assessment, the "Internet of Agentic Things" represents the next stage of the Internet of Things. Rather than simply connecting devices, it connects systems capable of perceiving the environment, making decisions, taking action, and continuously learning from the results. This evolution has the potential to transform not only smart homes but also hospitals, factories, transportation networks, and energy systems.

In their conclusion, the researchers summarize this transformation by stating that "the Internet of Agentic Things reimagines the Internet of Things as an active network of ‘cyber-physical’ intelligence, rather than a passive network of devices." They add that the true breakthrough "lies not merely in adding an interface based on large language models, but in combining the distributed reasoning of agents with sensors, memory, digital twins, and feedback-based control." At the same time, the study concludes that the success of this new generation will depend on the ability to ensure that AI agents remain trustworthy, safe, and always subject to oversight mechanisms when their decisions could have effects in the physical world.

Artificial Intelligence (AI) agents are autonomous systems that read and interpret data to make decisions on your behalf. The primary danger lies in the proactive nature of these agents and in vulnerabilities such as "prompt injection," where malicious commands hidden in emails or websites can trick the AI ​​and compromise your home's security.

Key risks associated with AI-powered smart homes:

Intrusions via context manipulation: AI agents often process external content (such as emails or messages) that is beyond your control. A hacker could send an email containing hidden instructions that cause the AI ​​to unlock doors, adjust the temperature, or disable alarms.

Surveillance and privacy breaches: Instead of providing protection, AI can become a tool for espionage. AI-enabled listening devices and cameras can leak data regarding your daily routine, sleep habits, and the times when your home is unoccupied.

Network attacks (Botnets): If your smart home devices lack robust security, malicious actors could hack them to incorporate your home network into a botnet, using your internet connection to launch massive cyberattacks.

Automation acting against the resident: Misinterpretation of sensor data or incorrect commands can cause the AI ​​to perform unwanted actions, such as locking residents out or shutting down essential equipment.

How to protect yourself and maintain control: To mitigate these risks and keep your home under your control, it is essential to implement several layers of defense:

Separation of permissions: Avoid granting AI agents access to critical accounts (such as your primary email or banking accounts) that could interact directly with home devices.

Strong passwords and updates: Change the default passwords on your Internet of Things (IoT) devices and keep firmware updated to patch known vulnerabilities.

Monitoring and action limits: Enable manual confirmation for critical actions, such as opening the garage door or unlocking electronic locks. Isolated networks: Create a secondary Wi-Fi network (guest network or VLAN) exclusively for your smart devices, separating them from your main computers and mobile phones.

mundophone

TECH Japan's answer to deadly heat waves is a human refrigerator Japan's Do Hiemon Box is a new walk-in personal cooling booth that ...