Kategorie

Landmark Admin has issued an update to its investigation of a cyberattack it suffered in May 2024, increasing the number of impacted individuals to 1.6 million. [...]

4chan, a notorious online forum, was taken offline earlier today after what appears to be a significant hack and has since been loading intermittently. [...]

Microsoft announced it will begin disabling all ActiveX controls in Windows versions of Microsoft 365 and Office 2024 applications later this month. [...]

Internet outages are bad news for small- to medium-sized businesses. Point-of-sale systems won’t work when connections fail, meaning transactions can’t go through and revenue is lost until service is restored. And, as we know from the news, the situation is only getting worse with the increasing frequency of intense storms that tear down lines.

SMBs know they can ill afford downtime because their tight operating margins limit their tolerance for lost revenue. Those same restrictions place it beyond their means to hire in-house technical know-how and build infrastructure that could keep them up and running.

It’s a serious financial issue that needs to be confronted. Internet downtime that freezes retail businesses exacts a hefty toll. A store with annual revenue of $250,000 that’s open eight hours a day, six days a week, suffers an average loss of about $100 every hour it can’t process in-store and online purchases. That’s not counting the cost of recovery and paying employees for idle time.

In addition to hurting revenue, these outages frustrate customers and damage reputation, to say nothing of the stress they bring.

Wireless backup offers a solution

Fortunately for shops and restaurants that don’t want these interruptions to stop them from serving customers, there is a good remedy: wireless backup.

The obvious advantage is wireless access doesn’t rely on a cable attached to the building. Wireless networks operate over separate, cellular infrastructure that can survive when wired connections don’t. While electrical service faces a similar risk from downed power lines, providers can deal with by installing backup equipment outfitted with its own battery-based power supply.

The backup gear inside the building kicks in automatically when primary services go out and shuts down again when they return, so shop owners need not intervene. And for cost-conscious SMBs, the price of these services can be quite small when compared to the potential losses.

One such service, Business Connection Backup from Optimum, includes a failover router at customer sites with an integrated power supply that supports eight hours of battery-powered uptime.

The router connects to multiple cellular providers and automatically chooses the strongest signal. It can maintain an internet link for up to six wired or Wi-Fi devices that are deemed most important, such as telecommunication and point-of-sale equipment. So, while a café may not be able to provide Wi-Fi service to all its customers, it could still handle credit card payments and mobile orders.

At about a dollar a day, it’s relatively inexpensive versus the hourly cost of an inability to process online and in-store purchases.

Wireless internet backup can be an effective and reliable service that relieves the burdens of downtime when internet connections fail, helping owners run their businesses efficiently and keep their customers happy. Given the daunting hourly cost of business-wide outages, wireless backup is a practical insurance policy. And like any good insurance policy, it can bring peace of mind. 

To learn more about how to protect your business from power or internet disruptions, visit the Optimum Business Connection Backup page. 

Google has unveiled a new generative AI (genAI) model, Dolphin Gemma, which will attempt to decode how dolphins communicate with each other.

Dolphins are among the most intelligent animals on the planet and communicate partly through whistles and calls. However, it is still unknown whether dolphins have an actual language. Google is hoping Dolphin Gemma can help to clarify that.

The model has been trained on a huge data collection of recordings of sounds from bottlenose dolphins from the Wild Dolphin Project. It will begin field testing this summer. At the same time, Google will also provide open access to Dolphin Gemma.

-“The goal would be to someday speak ‘dolphin’, and we’re really trying to crack the code,” Denise Herzing at the Wild Dolphin Project said in a video provided by Google.

Every year, distributed denial of service (DDoS) attacks break records for frequency, size, and sophistication, making it imperative that enterprises adopt powerful mitigation measures. To be effective, those measures require network and processing capacity that can handle the flood of requests DDoS attacks generate in their quest to overwhelm corporate servers. 

Defense mechanisms need to incorporate detection technology that can quickly distinguish attacks from legitimate, normal spikes in incoming business traffic. And they need to generate reports on DDoS incidents to help businesses plan future security enhancements and to provide data that supports audit and compliance requirements.

Given the cost of tools and staffing to meet all these needs, enterprises cannot act alone. Their best strategy is to enlist dedicated DDoS services that unburden corporate security teams from assembling in-house specialized talent and technology to design, install, monitor and maintain the necessary mitigation infrastructure on site. Such services can be both effective and painless to adopt. 

Addressing the DDoS problem

While DDoS attacks certainly worry CIOs, CTOs and CSOs, they should also be of concern to CFOs and CEOs because of the well-known havoc they can wreak on revenues, productivity, and reputation.

Mitigating DDoS attacks requires the ability to process incoming attack volume and sort harmful traffic from legitimate. Because the cost of doing so is just too large for enterprises to bear, they must find trusted service partners with the scale and expertise to handle it for them.

These partners monitor inbound traffic and redirect any suspicious activity to scrubbing centers that find the suspect traffic and drop it. Clean traffic gets routed to customer networks. And all that must happen fast, to avoid intrusive delays that disrupt end users. The mitigation partner needs to have the network capacity and processing power to automatically respond to the attacks it detects — before any damage is done, and no matter the scale of the attack. 

Ideally, the service can accomplish all this with little or no additional hardware at corporate sites, while complementing in-house security measures already in place. 

Optimum offers a DDoS solution

One such solution is Managed DDoS Protection offered by Optimum, which is rolled into Optimum Business Internet service. Within a minute of customer-bound traffic showing anomalies that indicate a DDoS attack, all traffic headed to that IP address is off-ramped to Optimum’s scrubbing centers. When it’s been sandboxed and sorted, malicious traffic is dumped and good traffic is routed to the customer, with that extra hop adding just 2ms of latency.

Customers go about business as usual, with no knowledge the attack even occurred until they receive an incident report from Optimum detailing the type, size, and duration of the attack — information that can support audit and compliance requirements. The whole process requires no additional hardware, circuits or tunneling configurations. 

This type of DDoS protection, especially when integrated with other internet services, can mitigate the threat of downtime without additional investment in staff or hardware. It’s a form of protection that’s too good to ignore. 

Learn more about how Optimum can protect you from DDoS attacks. Visit our Business Secure Internet page. 

Apple has a brand new plan to make Apple Intelligence smarter. That plan is you — more specifically, your data.

A post on the company’s Machine Learning blog explains the plan to begin on-device analysis of your user data. Apple trains its own AI using synthetic data, but this is a limited approach because models trained this way can struggle to understand trends when supporting Writing Tools or summaries. The idea is that by combining your results data with this synthetic data Apple can build better models.

The way this works is interesting, as rather than grabbing all your information and uploading it to the cloud, Apple will analyze your information on the device, protect it using a technique called differential privacy, and share what data it does take in a form that does not directly connect to you. Apple isn’t taking everything, either – instead it’s just collecting information to show it how successfully its AI responds to enquiries (poll data). This will be in support of Writing Tools, Image Playground, Image Wand, Memories Creation, and Genmoji, and may be extended to text generation — surely part of the company’s big push to make better AI.

All your data R belongs to?

What’s being proposed is innocuously described.The idea is that Apple will combine this polling data with its own synthetically produced data to identify ways to optimize its own information and deliver better results. It’s basically a tool to ensure the information it uses to drive its AI isn’t garbage in order to make it far more likely that the answers/responses it generates aren’t rubbish either.

Not only is the whole system designed to maintain privacy, but people must opt into the Device Analytics program for this to happen. This is on by default. When enabled, the device will be able to figure out which inputs are closest to the real samples, enabling the company to identify ways in which to improve AI text outputs, including things like email summaries.

“These techniques allow Apple to understand overall trends, without learning information about any individual, like what prompts they use or the content of their emails,” the post said.

Your data is protected by differential privacy, which the company says is already being used to improve Genmojis; it means the company doesn’t know who you are, gains no access to your actual data and doesn’t see any contextual information. It just gets aggregated insights into which responses tend toward being the most appropriate in the real world.

“These most-frequently selected synthetic embeddings can then be used to generate training or testing data, or we can run additional curation steps to further refine the dataset,” Apple said.

Which end of the wedge?

I expect the broader effort is aimed at something more significant, and certainly more significant than the Genmoji Apple’s machine intelligence team spends so much time discussing in the latest report. It’s pretty clear that Genmoji just represents a cuddly face for machine-driven AI — Apple is training its devices to understand mood and context, which when combined with everything else your devices know about you looks increasingly like the creation of digital twins.

While the implementation seems to be currently focused on trivial things like email summaries, it’s pretty clear the system might help it in other domains, such as health. Your health data, for example, could be analyzed on device with only anonymized info shared with advanced medical AI in the cloud to support the AI-driven healthcare system the company is thought to be prepping. (Some reporters note that the system seems similar to the CSAM system Apple once considered; it was used to monitor your behavior, while this new attempt aims to augment it. The CSAM system was arguably more open to abuse.)

You can also turn this new AI system off:

• On iOS: Settings > Privacy & Security > Analytics & Improvements, toggle Share iPhone Analytics to off.
• On Mac: Settings > Privacy & Security > Analytics & Improvements, turn Share Mac Analytics off.

The future will be better tomorrow

If you close your eyes, put your fingers in your ears, and sing really loud you can perhaps pretend you don’t see the connection between rogue government’s such as the current UK administration demanding back doors into data security and news that Apple plans to analyze your data to train Apple Intelligence. But if you’ve read the same self-help manuals (1984, Brave New World, Ruling the Void, V For Vendetta) as the current crop, it’s hard to unsee the connection. 

Of course, these insights will most certainly generate major benefits — better health, higher productivity, economic growth — but all of those positive benefits can be undone if privacy and security are not universally protected. Differential privacy and data encryption show that Apple is trying to do something that combines the potential benefits of contextual AI while protecting your privacy. Sadly, not every company seems faithful to the same path. 

Ultimately, the real message here is that, by its actions, Apple illustrates the reality that AI development firms are hungry for all the data they can consume to optimize their models. That demand makes it inevitable that privacy wars concerning your rights to maintain control of your own information aren’t a series of skirmishes to look forward to tomorrow, they are already here. 

What happens if?

This raises plenty of questions: What happens when, for example, a state demands (and eventually gets) access to all your data, including encrypted data? What happens when that data stack leaks as they all do? What happens when other governments, terrorists, criminals get their hands on the same information? Will differential privacy be enough protection? What happens next?

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.

​Microsoft warned that Exchange 2016 and Exchange 2019 will reach the end of support six months from now, on October 14. [...]

Nominations for Computerworld’s 2026 Best Places to Work in IT program are now open! Click here to nominate a company today.

The 2025 honorees have been announced! See our Best Places to Work in IT 2025 special report for the complete list of honorees, major trends from this year’s survey, and much more.

About the Best Places to Work in IT program

Computerworld conducts an annual survey to identify the best places to work for IT professionals. We invite readers, PR professionals and other interested parties to nominate companies they consider great employers for IT workers. You may nominate your own company. We then ask those nominated companies that meet our basic criteria to participate in our survey.

Once again, we are excited to extend this program, which has a 32-year history in the United States, to companies worldwide.

The employers in the Best Places list are evaluated by company size: Large companies have 5,000 or more employees; midsize have between 1,001 and 4,999 employees; and small companies employ from 100 to 1,000.

To be eligible, companies must have a minimum of 5 IT employees and a minimum of 100 total employees. We consider IT employees to be those IT workers who provide technology support and services to their own company — or to multiple companies through their work at an IT service provider. Workers who would *not* be included are administrative support staff for the IT department, staff who work in communications or PR for the technology department, IT contractors, or those staff whose primary role is in product development for outside sales.

Best Places to Work in IT is a global program. We ask that companies submit no more than one survey within any one country. If your company operates in multiple countries and you would like to submit a survey for your location only, please note this in the company name field (e.g., “Foundry North America” or “Foundry Germany”). If no location is specified in the company name, we will assume that the entry represents all locations worldwide.

In most cases, we prefer to have the parent company, rather than subsidiaries or affiliates, apply for the Best Places to Work in IT list. However, a subsidiary or affiliate may be eligible, providing that it stands out as a separate entity from the parent company, with separate business functions, IT leadership and so on. A subsidiary may also be eligible to apply separately if its parent company is a holding company. In those cases, the parent company and subsidiary may be able to apply separately. We encourage companies to complete the nomination form or contact us at [email protected], and our Best Places research team will evaluate the submissions on a case-by-case basis.

Questions about the Best Places to Work in IT program can be emailed to [email protected].

Frequently asked questions Survey requirements and eligibility Does my company have to be nominated to complete the survey?

No. Companies may participate even if they were not nominated. In lieu of a nomination, please send an email to [email protected] with the name and contact information (including email address) of the individual who should receive the company survey and other information; we’ll take care of the rest.

Does the Best Places to Work in IT list include public companies only?

No. The survey includes private as well as public companies.

What criteria must my company meet to participate?

To be considered for our Best Places to Work in IT list:

• Companies must have a minimum of 5 IT employees.
• Companies must have a minimum of 100 total employees worldwide.
• In most cases, we prefer to have the parent company, rather than subsidiaries or affiliates, apply for the Best Places to Work in IT list. However, a subsidiary or affiliate may be eligible, providing that it stands out as a separate entity from the parent company, with separate business functions, IT leadership and so on. A subsidiary may also be eligible to apply separately if its parent company is a holding company. In those cases, the parent company and subsidiary may be able to apply separately. We encourage companies to complete the nomination form or contact us at [email protected], and our Best Places research team will evaluate the submissions on a case-by-case basis.

Who should complete the survey?

An individual familiar with employment statistics, benefits, policies and programs of your IT department and your company should complete the survey. This could be a human resources representative, a CIO or corporate PR representative — or a team of all the above.

Survey contents and procedures What does the company survey ask?

Our online survey includes questions about companies’ benefits, training and development, IT salary changes, percent of IT employees promoted, IT turnover rates, and the percentage of women employees in management in IT departments. In addition, we will collect information about company culture, workplace modernization, and company growth.

Which employees are considered “IT workers” in this survey?

Answers to the survey should be based on those IT workers who provide technology support and services to their own company — or to multiple companies through their work at an IT service provider. Workers who wouldn’t be included are administrative support staff for the IT department, staff who work in communications or PR for the technology department, IT contractors, or those staff whose primary role is in product development for outside sales.

What happens if I leave a question blank on the survey?

You can’t leave a question blank if it is required. Many of the questions on the survey are required; the survey can’t be processed if they aren’t answered. Please answer to the best of your ability for questions with lists or options included. If any open-ended/text based questions aren’t applicable to your company, please indicate “NA” for “not applicable.” If there is a question you can’t answer fully given the format of the survey, you may briefly explain your answers in an addendum field that follows each survey section.

Companies that withhold information used to rank the finalists will have points deducted from their ranking. Answers that are left blank or have unexplained N/As will be assumed to be 0 (zero).

Companies must provide answers to questions related to data we run in our feature story and graphics in order to be considered. Please see below for the types of required information that are typically shared publicly.

Can I save my survey and come back to it at a later date?

Yes. You will be able to save your partially completed survey and can save a partially completed survey as many times as necessary. Please save your unique URL to re-enter the survey. When you return to the survey, you will be able to review/modify questions that you have already answered. However, we will continue to provide a printer-friendly version of the survey, and we recommend that you complete this survey, then enter your answers online.

How should I send my company’s information to Computerworld?

We accept company information from the online survey only. Please enter all data as accurately as possible. Provide company name, location, web address and other information, as you would like it to appear in print.

Can I get a copy of the survey to review before I go to the online survey and submit my company’s information?

Yes. A printer-friendly version of the 2026 Best Places company survey can be downloaded for reference. We encourage participants to complete the printer-friendly version offline before filling out the online survey.

2026 Best Places to Work in IT Company SurveyDownload Will Computerworld provide us with a copy of our submitted survey?

Upon request, Computerworld will email you a PDF of your company’s survey responses.

Is there an employee portion to the survey?

There is no longer an employee survey portion to the survey. Computerworld decided to make this change in the 2023 program to streamline the process for global participation and to enable companies with smaller IT departments to participate. In lieu of the employee survey portion of the program, Computerworld will be inviting a panel of judges consisting of industry experts to evaluate entries and confirm this year’s honorees.

List publication and notification When will the list of honorees be published?

The Best Places to Work in IT honorees will be announced in December 2025 on Computerworld.com.

When can I find out if my company is on the list?

Computerworld will notify companies that will be honored as a 2026 Best Place to Work in IT several weeks in advance of publication. Computerworld’s marketing group contacts honorees to offer assistance with press releases.

Is there a timeline to which I can refer for survey action items?

Below is the 2026 Best Places to Work in IT timeline.

April 15, 2025

Nominations open for the 2026 Best Places to Work in IT. Nominated companies receive an email with a unique link to the Best Places company survey from Computerworld by the end of April. Thereafter, company surveys will be sent on a rolling basis.

Tuesday, July 15, 2025

DEADLINE: Completed Best Places company survey is due to Computerworld.

October 5-7, 2025

Work+ event at the Loews Vanderbilt Hotel in Nashville.

October 2025

Nominees are notified regarding their status as Best Places to Work in IT honorees.

November 2025

Best Places to Work in IT honorees are notified of their rank on the list.

December 2025

List of Best Places to Work in IT honorees is available online.

What information will be shared publicly?

Computerworld tries to avoid printing information that a company may consider competitive. The following information may appear publicly:

• Company name
• Location
• Industry
• Website
• Total number of employees
• Total number of IT employees
• Percentage of IT employee turnover
• Percentage of IT employee promotions
• Number of training days offered per IT employee
• Information from open-ended survey questions outlining what’s special about your company and IT department

Please note that revenue, overall IT budget and other sensitive information will not be reported. Such information will be used only in aggregate format or for ranking purposes.

What if I have a question that was not answered in this FAQ?

Please email your questions to the following address: [email protected].

In the subject line, please include your company name and be as descriptive as possible in the subject line as to the nature of your inquiry.

The China-linked threat actor known as UNC5174 has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and a new open-source tool called VShell to infect Linux systems. "Threat actors are increasingly using open source tools in their arsenals for cost-effectiveness and obfuscation to save money and, in this case, plausibly blend in with the pool of

The China-linked threat actor known as UNC5174 has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and a new open-source tool called VShell to infect Linux systems. "Threat actors are increasingly using open source tools in their arsenals for cost-effectiveness and obfuscation to save money and, in this case, plausibly blend in with the pool of Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Google is rolling out a new security mechanism on Android devices that will automatically reboot locked, unused devices after three consecutive days of inactivity, restoring memory to an encrypted state. [...]

A critical security vulnerability has been disclosed in the Apache Roller open-source, Java-based blogging server software that could allow malicious actors to retain unauthorized access even after a password change. The flaw, assigned the CVE identifier CVE-2025-24859, carries a CVSS score of 10.0, indicating maximum severity. It affects all versions of Roller up to and including 6.1.4.

A critical security vulnerability has been disclosed in the Apache Roller open-source, Java-based blogging server software that could allow malicious actors to retain unauthorized access even after a password change. The flaw, assigned the CVE identifier CVE-2025-24859, carries a CVSS score of 10.0, indicating maximum severity. It affects all versions of Roller up to and including 6.1.4.

Microsoft warned Windows users of increased CPU usage when typing while using recent versions of the classic Outlook email client. [...]

Everybody knows browser extensions are embedded into nearly every user’s daily workflow, from spell checkers to GenAI tools. What most IT and security people don’t know is that browser extensions’ excessive permissions are a growing risk to organizations. LayerX today announced the release of the Enterprise Browser Extension Security Report 2025, This report is the first and only report to merge

Everybody knows browser extensions are embedded into nearly every user’s daily workflow, from spell checkers to GenAI tools. What most IT and security people don’t know is that browser extensions’ excessive permissions are a growing risk to organizations. LayerX today announced the release of the Enterprise Browser Extension Security Report 2025, This report is the first and only report to [email protected]

Cybersecurity researchers have disclosed a malicious package uploaded to the Python Package Index (PyPI) repository that's designed to reroute trading orders placed on the MEXC cryptocurrency exchange to a malicious server and steal tokens. The package, ccxt-mexc-futures, purports to be an extension built on top of a popular Python library named ccxt (short for CryptoCurrency eXchange Trading),

Cybersecurity researchers have disclosed a malicious package uploaded to the Python Package Index (PyPI) repository that's designed to reroute trading orders placed on the MEXC cryptocurrency exchange to a malicious server and steal tokens. The package, ccxt-mexc-futures, purports to be an extension built on top of a popular Python library named ccxt (short for CryptoCurrency eXchange Trading), Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Proponents of Web3 — what’s been called the next-gen internet — believe it could go mainstream this year by merging AI agents with blockchain to create secure, decentralized, and user-friendly digital experiences.

Agentic AI holds out the promise of simplifying complex tasks such as crypto trading or managing digital assets by automating decisions, enhancing accessibility, and masking technical complexity.

[ Related: Agentic AI – Ongoing news and insights ]

Web3 (or Web 3.0) envisions an internet where control and data shift from centralized companies to users through decentralized apps (dApps), cryptocurrency, smart contracts, and direct ownership of digital assets, such as non-fungible tokens (NFTs). AI agents promise to transform Web3 by increasing efficiency in trading, and by working alongside blockchain’s trusted security create advanced, self-governing applications.

It’s a combination that could revolutionize industries from finance to governance, art, and gaming, while also accelerating a shift to a user-empowered internet and Web3 apps. And by providing intuitive user interfaces and intelligent decision-making tools, those applications could become more widely accessible to users who won’t even need to understandithe underlying blockchain technology.

The two could, for example, simplify DeFi (decentralized finance) and smart contracts by automating functions — effectively opening the door to new users who may not have the technical chops to handle those tasks now. AI agents on blockchain can act independently to buy, sell, negotiate, or provide services on behalf of users.

Imagine a online wallet with an embedded AI agent that scouts out the best DeFi yields, makes swaps, or participates in Decentralized Autonomous Organization (DAO) — no human input needed. Or imagine insurance payouts triggered not just by oracles (rules-based embedded code) but by AI risk analysis in real time.

Developers could share or rent their AI tools, and users can access decentralized AI without relying on Big Tech companies. Think of it like an “App Store” for AI but Web3-native, peer-to-peer, and without intermediaries. Blockchain also brings auditability to black-box models, especially important in fields like healthcare, finance, or law.
A user could verify if an AI made a loan decision fairly, because all steps are traceable on a public ledger.

Tools for Humanity and its World project

One effort under way for the past two years involves the non-profit Tools for Humanity’s World project, which has features like the World App and biometric identity verification that purports to offer users secure, human-verified access to financial services and decentralized dApps. While some experts see the integration as a potential breakthrough, others remain skeptical, citing privacy concerns, immature AI autonomy, and limited real-world utility as barriers to mass adoption.

At the moment, cryptocurrency power users have skillsets that allow them to easily swap tokens and understand slippages, liquidity, and pool dynamics — they know how their trades affect the market. But an AI agent could open the door to non-experts, giving them access to these kinds of financial opportunities by simplifying the process, allowing them to make time-sensitive trades when the time is right.

“So, [agentic AI] being able to act on your behalf, can make a trade on your behalf, for example. It’s another kind of a use case for reducing complexity, as well as empowering Web3 apps to do more,” said Steven Smith, head of protocol and applied research at Tools for Humanity, the nonprofit co-founded by OpenAI CEO Sam Altman. Tools for Humanity develops Web3 technology and is working to empower individuals with secure, private, and decentralized digital identity and transaction solutions.

But if AI agents are to be added to the mix of blockchain-based applications, solutions will be needed to ensure fairness and human control.

In 2023, the organization launched its World project (previously known as Worldcoin), creating a global identity and financial network to enhance online trust and provide equitable access to the digital economy.

Key components of the project include:

• World App: A digital wallet for identity authentication and financial transactions.
• World ID: A digital passport to verify humanness and uniqueness online, distinguishing humans from AI tools.
• Orb: An Iris-scanning device for secure, private identity verification. The iris image is stored on the World ID holder’s phone as a personal custody package, while the iris code is stored through the AMPC setup], it can verify a human being from a bot.
• World Chain: A layer 2 blockchain of the World Network for human users. Recently, World launched Priority Blockspace for Humans (PBH) on World Chain’s testnet, a step toward building open-source infrastructure that prioritizes humans over bots.

In particular, blockchain combined with AI tools could help ensure Web3 transactions are more secure from “Sybil attacks” — the ability of one person to impersonate many others, in some cases thousands of people, through duplicative online accounts.

The World App is a mobile application developed by World, a global project that aims to create a new economic system based on a decentralized, global currency.

Tools for Humanity

Tools for Humanity helps to build tools and tech for the World Project, including World Chain, a layer 2 blockchain of the World Network.

The World Project relies on World Chain to link its app and other tools in several ways, including:

• Decentralized Finance (DeFi): Enabling access to financial services without traditional banks.
• Digital Identity: Creating secure, verifiable identities to access services like education and healthcare.
• Social Impact Projects: Supporting transparent funding and tracking for global challenges.
• Community Building: Connecting people globally to collaborate and share resources.

Over the past two years, the project has expanded globally. This year, it announced it has over 12 million users across 160 countries conducting more than 329 million transactions. It has also faced greater regulatory scrutiny concerning biometric data processing, leading to commitments to allow users to delete their data permanently in light of privacy concerns.

“We’re the second largest consumer of theory of L1 resources from a data storage perspective. So it’s an incredibly active chain,” Smith said.

Agentic AI and proof of humanity

However, like many online systems, “it could also be very, very abused. But by integrating a proof of humanity function in there, you can ensure that you know that agent is operating on behalf of a specific person who has empowered it.”

Using AI agents is key, Smith said. In October, Tools for Humanity conducted a successful beta test of its AI-enabled Web3 network with blockchain platform provider Polygon. It then migrated its World ID and World App to Optimism’s mainnet and launched a “Mini App” store within the World project when it launched its own chain, World Chain.

“That allows users to come in and easily develop applications that run in this environment that can take advantage of a proof of human [technology],” Smith said. “We’ve got multiple mini apps…and we’ve developed a very simple interface that allows a user to make trades if they want to trade one token for another token.”

The World App offers Mini Apps as savings vehicles where users can earn interest on token deposits, games that reward players with in-game tokens, and a popular app called World Chat, an encrypted messaging service similar to Signal — all within World App, Smith said.

The World project also recently partnered with Razer to help fight third-party bots in online games amid the rise of AI gaming by verifying user IDs.

Adrian Leow, a Gartner vice president analyst and lead author of the “Hype Cycle for Blockchain and Web3,” said the intersection of advanced technologies like agentic AI, quantum computing services and blockchain will be the required catalyst to drive blockchain forward into mainstream scalable adoption.

World Orb is a device used by World, the Web3 project. It\’s a key component in their biometric identity verification process. The World Orb is designed to scan a person\’s iris (eye) to uniquely identify individuals without collecting other personal information. This biometric scanning helps Worldcoin ensure that each participant is unique, preventing multiple sign-ups by the same person.

Tools for Humanity

Blockchain, Leow said, has gone through many ups and downs – “crypto winters, resurgences like NFTs, and then declines.

“It’s been a roller coaster…that hasn’t yielded long term scalable benefits for enterprises on its own,” he said. “When you combine both [blockchain and agentic AI], you could get automated agents operating on decentralized infrastructure. This combo potentially unlocks several efficiency and trust benefits.”

While use cases, such as cryptocurrency, DeFi, NFTs, and dApps show blockchain’s potential, the core technology itself still holds “revolutionary promise.” It’s important to focus on the technology, not just “the hype,” Leow said.

In Web3, Leow siad, agentic AI could be used to:

• Automate dApp interactions: Instead of manually interacting with DeFi, NFTs, or DAOs, AI agents could handle transactions, monitor opportunities, rebalance portfolios, or vote on proposals.
• Serve as autonomous economic actors: They could earn, spend, or stake tokens based on pre-programmed goals or learned strategies.
• Act as user proxies: Represent users across the decentralized web, negotiating, buying, and selling digital goods (NFTs, services, etc.) on their behalf.

Blockchain, in turn, brings transparency, immutability, and decentralization, which makes it ideal for trustless environments, according to Leow. In Web3 it can be used to track transactions publicly and securely; allows for smart contracts that let parties exchange value without intermediaries; and it enables ownership and provenance of digital assets.

A powerful tech combo that still needs to mature

Not everyone is bullish on the intersection of Web3, agentic AI and blockchain. Forrester Research vice president and principal analyst Martha Bennett is among those who are skeptical. In 2023, she co-authored an online post critical of Worldcoin, now the World project, and her opinion hasn’t changed in several regards.

World project still faces major challenges, including privacy issues and concerns about its iris biometric technology, she said. And Agentic AI is still in its early stages and not yet capable of supporting Web3 transactions. Most current generative AI (genAI) tools, including LLMs, lack the autonomy defined as “agentic AI.”

“There’s no AI technology today that would be able automate Web3 transactions in a reliable and secure manner,” she said.

Given the risks and the potential for exploitation, it’s too soon to rely on AI systems with high autonomy for Web3 transactions. She did note, however, that Web3 already uses automation through smart contracts — self-executing electronic contracts with the terms of the agreement directly written into code.

“Will Web3 go mainstream in 2025? My overall answer is no, but there are nuances,” she said. “If mainstream means mass consumer adoption, it’s a definite no. There’s simply not enough utility there for consumers.”

Web3, Bennett said, is largely a self-contained financial ecosystem, and efforts to boost adoption through Decentralized Physical Infrastructure Networks (DePIN), such as Tools for Humanity’s, haven’t led to major breakthroughs. Even so there has been a shift in how the financial sector views public blockchain networks, with increased exploration under way, she said.

Jack Gold, principal analyst with tech industry research firm J. Gold Associates, said the first issue around transactions, “AI or not,” is that they must be completely secure.

“While many believe that blockchain is a secure method of doing transactions, it has been broken for some time – it’s how many malware/ransomware transactions were retrieved by government agencies after companies paid the ransom,” he said. “So while AI agents may make the mechanics of transactions easier, blockchain may only be sufficient for non-really critical transactions.”

And, Gold said, AI can also be turned into a “bad actor” by playing with the training parameters to include things that should not be able to happen. (If you train it properly, an AI agent might think it perfectly normal to inform someone else of a user’s secure transactions, as an example.)

Smith argued that the World project’s ability to prove a Web3 user is human thwarts deepfakes, scams, misinformation and agent swarms.

“We just ensure that [Web3 is] able to be used in an efficient and safe manner. So, when you look at like AI, it is very powerful in general, everyone knows that,” Smith said. “Then, when you look at agentic AI, you’re able to operate in a Web3 environment. It could potentially be very powerful.”