Start Up No.1960: shadow painting, Signal threatens to block UK users, AI coders less secure, OLED iPads?, and more

The makers of Ben & Jerry’s ice cream are working on versions that will stay good in warmer freezers – to save energy, and money. CC-licensed photo by Mike Mozart on Flickr.


A selection of 9 links for you. Two scoops? I’m @charlesarthur on Twitter. On Mastodon: Observations and links welcome.

The art of the shadow: how painters have gotten it wrong for centuries • The MIT Press Reader

Roberto Casati and Patrick Cavanagh, whose book “The Visual World of Shadows” deals in even more depth with this topic:


Painters have long struggled with the difficulties of depicting shadows, so much so that shadows — after a brief, spectacular showcase in ancient Roman paintings and mosaics — are almost absent from pictorial art up to the Renaissance and then are hardly present outside traditional Western art.

Here, we embark on a journey that takes us through a number of extraordinary pictorial experiments — some successful, some less so, but all interesting. We have singled out some broad categories of solutions to pictorial problems: depicted shadows having trouble negotiating obstacles in their path; shadow shapes and colors that stretch credibility; inconsistent illumination in the scene; and shadow character getting lost. We also find some taboos, that is, self-inflicted limitations on where or what to depict of a shadow.


You might think: come on, a shadow’s a shadow, surely? You just… paint them where they should be? But that hides (ha) all sorts of problems, as they say. There’s no technology here, but a huge amount of fun. Allow some time for the page to load – there are lots of fascinating illustrations. You’ll look at shadows with a lot more interest afterwards.

How misinformation about solar power hinders the fight against climate change • NPR

Miranda Green and Michael Copley:


Citizens for Responsible Solar is part of a growing backlash against renewable energy in rural communities across the United States. The group, which was started in 2019 and appears to use strategies honed by other activists in campaigns against the wind industry, has helped local groups fighting solar projects in at least 10 states including Ohio, Kentucky and Pennsylvania, according to its website.

“I think for years, there has been this sense that this is not all coincidence. That local groups are popping up in different places, saying the same things, using the same online campaign materials,” says Michael Burger, executive director of the Sabin Center for Climate Change Law at Columbia University.

Citizens for Responsible Solar seems to be a well-mobilized “national effort to foment local opposition to renewable energy,” Burger adds. “What that reflects is the unfortunate politicization of climate change, the politicization of energy, and, unfortunately, the political nature of the energy transition, which is really just a necessary response to an environmental reality.”

Citizens for Responsible Solar was founded in an exurb of Washington, D.C., by a longtime political operative named Susan Ralston who worked in the White House under President George W. Bush and still has deep ties to power players in conservative politics.

Ralston tapped conservative insiders to help set up and run Citizens for Responsible Solar. She also consulted with a longtime activist against renewable energy who once defended former President Donald Trump’s unfounded claim that noise from wind turbines can cause cancer. And when Ralston was launching the group, a consulting firm she owns got hundreds of thousands of dollars from the foundation of a leading GOP donor who is also a major investor in fossil fuel companies.


Gosh, it’s so hard to join the dots, isn’t it.

As heat pumps go mainstream, a big question: can they handle real cold? • The New York Times

Elena Shao:


Heat pumps, in contrast [to gas or oil furnaces], don’t generate heat. They transfer it. That allows them to achieve more than 300% efficiency in some cases. Because they are more efficient, using heat pumps to cool and heat homes can help homeowners save money on their utility bills, said Sam Calisch, head of special projects at Rewiring America, a nonprofit advocacy group.

In Maine, where heat pump adoption is growing, but where a majority of homes still burn oil, homeowners can save thousands of dollars in annual energy costs by making the switch, according to an analysis from Efficiency Maine, an independent administrator that runs the state’s energy-saving programs.

Many heat pumps that are built for cold climates do have hefty upfront price tags. To soften the blow, a federal tax credit from last year’s climate and tax law can cover 30% of the costs of purchase and installation, up to $2,000.

As they’ve grown in popularity, heat pumps have increasingly been the subject of misconception and, at times, misinformation. Fossil-fuel industry groups have been the origin of many exaggerated and misleading claims, including the assertion that they don’t work in regions with cold climates and are likely to fail in freezing weather.

While heat pumps do become less efficient in subzero temperatures, many models still operate close to normally in temperatures down to minus 13 degrees Fahrenheit, or minus 24 Celsius. Some of the latest models are even more efficient, and many “cold” countries, like Norway, Sweden and Finland, are increasingly embracing heat pumps.


According to the data, heat pumps outsold gas furnaces in the US last year (4m+ units v 4m- units). Though of course, the installed base of gas and oil furnaces is huge; that’s hard to erode.

AI assistants help developers produce code that’s insecure • The Register

Thomas Claburn:


Computer scientists from Stanford University have found that programmers who accept help from AI tools like Github Copilot produce less secure code than those who fly solo.

In a paper titled, “Do Users Write More Insecure Code with AI Assistants?”, Stanford boffins Neil Perry, Megha Srivastava, Deepak Kumar, and Dan Boneh answer that question in the affirmative.

Worse still, they found that AI help tends to delude developers about the quality of their output.

“We found that participants with access to an AI assistant often produced more security vulnerabilities than those without access, with particularly significant results for string encryption and SQL injection,” the authors state in their paper. “Surprisingly, we also found that participants provided access to an AI assistant were more likely to believe that they wrote secure code than those without access to the AI assistant.”

Previously, NYU researchers have shown that AI-based programming suggestions are often insecure in experiments under different conditions. The Stanford authors point to an August 2021 research paper titled “Asleep at the Keyboard? Assessing the Security of GitHub Copilot’s Code Contributions,” which found that given 89 scenarios, about 40% of the computer programs made with the help of Copilot had potentially exploitable vulnerabilities.


Beginning to think AI systems aren’t a panacea after all.

Signal would ‘walk’ from UK if Online Safety Bill undermined encryption • BBC News

Chris Vallance:


The encrypted-messaging app Signal has said it would stop providing services in the UK if a new law undermined encryption.

If forced to weaken the privacy of its messaging system under the Online Safety Bill, the organisation “would absolutely, 100% walk” Signal president Meredith Whittaker told the BBC.

The government said its proposal was not “a ban on end-to-end encryption”.

The bill, introduced by Boris Johnson, is currently going through Parliament. Critics say companies could be required by Ofcom to scan messages on encrypted apps for child sexual abuse material or terrorism content under the new law. This has worried firms whose business is enabling private, secure communication.

Element, a UK company whose customers include the Ministry of Defence, told the BBC the plan would cost it clients. Previously, WhatsApp has told the BBC it would refuse to lower security for any government.

The government, and prominent child protection charities have long argued that encryption hinders efforts to combat online child abuse – which they say is a growing problem. “It is important that technology companies make every effort to ensure that their platforms do not become a breeding ground for paedophiles,” the Home Office said in a statement. It added “The Online Safety Bill does not represent a ban on end-to-end encryption but makes clear that technological changes should not be implemented in a way that diminishes public safety – especially the safety of children online.

“It is not a choice between privacy or child safety – we can and we must have both.”

…Ms Whittaker told the BBC it was “magical thinking” to believe we can have privacy “but only for the good guys”. She added: “Encryption is either protecting everyone or it is broken for everyone.”


Feel as though we’ve been hearing this back-and-forth for a decade at least, from governments of all colours.

Is Earth running out of freshwater? • Nautilus

Matthew Birkhold is author of “Chasing Icebergs: How Frozen Freshwater Can Save the Planet”:


Brian Gallagher: Is Earth running out of freshwater?

Matthew Birkhold: If we project into the future a little bit to 2030, the global demand for freshwater will exceed supply by 40 percent. Currently, 107 countries lack a sustainably managed water source. And two-thirds of the world’s population in just seven years are going to face regular water shortages. There’s this growing, growing crisis. And it’s easy for people like me to forget about it. So I always like the opportunity to remind people, you know, we’re extremely privileged here. And a lot of people are going to suffer and die because of a lack of freshwater.

How are icebergs going to solve the water crisis? It’s part of the story that we receive about icebergs that they are either really dangerous objects, which they are undoubtedly, or these mythical mystical rarefied gems that are so special that we should just look at them. In reality, icebergs contain a tremendous amount of freshwater. Two-thirds of freshwater on planet Earth is locked away in the poles and ice caps and glaciers. And all we need is a few icebergs to really make a dent into this problem. An iceberg that’s 2,000 feet long and 650 feet wide could supply all of Cape Town, South Africa with water for an entire year. So the question then, is: How do we get that iceberg water to the people who need it?

The answer, I think, is Ed Kean in Newfoundland. It’s these funny guys who are harvesting icebergs off the coast of Canada. They have a lot of the secrets for us because they figured out how to approach these dangerous objects and how to wrangle them into submission.


The idea of towing icebergs around seems to pop up every ten years or so, and it’s always slightly eccentric types who are keen to do it. Never seems to happen, though.

Unilever tries reformulating its ice cream to survive warmer freezers • WSJ

Katie Deighton:


Unilever PLC wants to warm up its ice cream freezers in convenience stores without turning its products into puddles, part of a broader effort to pursue green goals and potentially boost sales in the process.

The consumer packaged goods giant, which sells ice cream brands including Ben & Jerry’s and Magnum, is testing the performance of its products in freezers that are set to temperatures of roughly 10º Fahrenheit (-12.2ºC), up from the industry standard of 0ºF (-18ºC). 

Unilever owns most of the 3 million chest-like freezers that house its ice-cream tubs and treats in bodegas and corner stores, and the energy used to power them accounts for around 10% of Unilever’s greenhouse gas footprint, according to the London-based firm. Keeping ice cream at 10ºF as opposed to 0ºF will reduce energy use and greenhouse gas emissions by roughly 20% to 30% per freezer, it said.

It might also help sales with sustainability-minded consumers and even keep stores’ ice-cream selling season going longer. Unilever’s out-of-home ice cream sales declined slightly during the fourth quarter of 2022 because, the company said, some stores unplugged their freezers sooner in the year than usual. 

“What was happening was that shopkeepers in some markets responded to fears about rising energy costs by switching off their cabinets earlier than they otherwise would have done,” departing chief executive Alan Jope said in discussing the results earlier this month.

…But the strategy has required Unilever to reformulate some of its ice creams so they can withstand higher temperatures without melting, losing structural integrity or forfeiting what the company calls their distinctive mouthfeel. Higher temperatures can lead to softer ice creams that stick to wrappers and slide off ice cream sticks, for example, said Andrew Sztehlo, chief research and development officer for Unilever’s ice cream division. Other ingredients such as wafer cones can turn soggy in warmer temperatures, he said.


It’s so far taken a decade of work, at undisclosed cost, but the savings would be permanent. And maybe we’d just get used to the different mouthfeel? (The link should give you a free view of the story.)

I was an App Store games editor – that’s how I know Apple doesn’t care about games • The Guardian

Neil Long:


Late last year, the developer of indie hit Vampire Survivors said it had to rush-release a mobile edition to stem the flow of App Store clones and copycats. Recently a fake ChatGPT app made it through app review and quickly climbed the charts before someone noticed and pulled it from sale. It’s not good enough.

Apple could have reinvested a greater fraction of the billions it has earned from mobile games to make the App Store a good place to find fun, interesting games to fit your tastes. But it hasn’t, and today the App Store is a confusing mess, recently made even worse with the addition of ad slots in search, on the front page and even on the product pages themselves.

Search is still terrible, too. Game developers search in vain for their own games on launch day, eventually finding them – having searched for the exact title – under a slew of other guff.

Mobile games get a bumpy ride from some folks – this esteemed publication included – for lots of reasons. But there is good stuff out there…

…However, finding the good stuff is hard. Apple – and indeed Google’s Play store – opened the floodgates to developers without really making sure that what’s out there is up to standard. It’s a wild west.

Happily things may be about to change – including that 30% commission on all in-app purchases.


It’s a problem for both Apple and Google, and neither has managed to find a satisfactory answer. It’s hardly as if Google’s Play Store is a haven of well-managed jollity, as he acknowledges.

Apple orders OLED displays for 2024 iPad Pro models • BGR

José Adorno:


After a mild upgrade last year by adding the M2 chip, the company expects a major revamp for its professional tablet by ditching LCD and miniLED displays to an OLED panel technology. According to Business Korea, Apple has placed orders for 10.9-inch and 12.9-inch panels, which will be for the upcoming iPad Pro models.

Samsung and LG will produce the sixth-generation OLED panel for the new iPad. In contrast, in 2026, when Apple expects to introduce OLED technology to its MacBook models, the South Korean manufacturers will use the eight-generation panels.

Display analyst Ross Young believes Apple aims for new iPad Pro models by the beginning of 2024. According to him, the Cupertino firm is embracing OLED panels due to display costs falling. The analyst believes not only will the performance of OLED panels improve in the next few years thanks to tandem stacks and phosphorescent blue emitters, but costs will also fall from larger fabs.

The Elec, for example, says Apple is slowly transitioning through four types of display technology for its products. It started with IPS LCD, then IPS LCD with miniLED backlighting (available with the 12.9-inch iPad Pro and 14- and 16-inch MacBook Pro), and, shortly, OLED. 

The report says 2024 is when people should expect an OLED iPad Pro and 2026 an OLED MacBook Pro.


Given that there are fewer and fewer reasons for ditching an old iPad for a new one, different displays is about the best on offer. It’s not as if anyone’s struggling with the processing speed of the M1 versions, which have been supplanted.

• Why do social networks drive us a little mad?
• Why does angry content seem to dominate what we see?
• How much of a role do algorithms play in affecting what we see and do online?
• What can we do about it?
• Did Facebook have any inkling of what was coming in Myanmar in 2016?

Read Social Warming, my latest book, and find answers – and more.

Errata, corrigenda and ai no corrida: none notified

1 thought on “Start Up No.1960: shadow painting, Signal threatens to block UK users, AI coders less secure, OLED iPads?, and more”

  1. SQL injection is one of those vulnerabilities where: 1) Either you understand it, in which case your code always avoids it, or 2) You don’t know about it, in which case your code is very likely to have it because you don’t understand why to avoid it. That is, it’s very much a one-lesson “don’t do that, this is why” type of issue.

    The problem is that many beginner database code examples will have it, because SQL injection cannot be lesson 1 in a database course. It’s not a hard thing to grasp, but it’s more like lesson 10 (some people would say it really should be lesson 2 nowadays).

    Guess which code today AIs are going to pick to show how to do database coding?

    But, really, this falls into the classic “It did what you asked it to do, which is not what you (or someone else?) wanted it to do”.

    I’m not sure that some of the group which returned the code with the SQL injection is even “wrong”, in the sense that a quick look at the study didn’t seem to specify that this should be secure production code instead of simple example code.
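
The "lesson 1" pattern the comment above refers to, next to its parameterized form, as an added example that is not part of the post, the comment or the Stanford study. The table, rows, function names and the crafted input are all constructed for illustration, and Python's built-in `sqlite3` module stands in for whatever database a tutorial would use.

```python
import sqlite3

# Constructed input: a value written to change the query's meaning.
CRAFTED = "x' OR '1'='1"


def make_db():
    """Build a throwaway in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE students (name TEXT, grade INTEGER)")
    db.executemany(
        "INSERT INTO students VALUES (?, ?)",
        [("alice", 90), ("bob", 72), ("O'Brien", 85)],
    )
    return db


def lookup_concatenated(db, name):
    """Tutorial-style query: the input is pasted into the SQL text itself."""
    sql = "SELECT name, grade FROM students WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()


def lookup_parameterized(db, name):
    """Same query with a placeholder: the driver passes the value as data."""
    sql = "SELECT name, grade FROM students WHERE name = ?"
    return db.execute(sql, (name,)).fetchall()


def compare(name):
    """Run both lookups on a fresh database and return (concatenated, parameterized)."""
    db = make_db()
    try:
        unsafe = lookup_concatenated(db, name)
    except sqlite3.Error as exc:
        # A quote in ordinary data is enough to break the concatenated query.
        unsafe = f"error: {type(exc).__name__}"
    safe = lookup_parameterized(db, name)
    db.close()
    return unsafe, safe


if __name__ == "__main__":
    for value in ("alice", "O'Brien", CRAFTED):
        unsafe, safe = compare(value)
        print(f"{value!r}\n  concatenated:  {unsafe}\n  parameterized: {safe}")
```

With ordinary input the two functions agree, which is why the concatenated form survives in example code; they diverge only when the value contains a quote character.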
