Tech News

Climate became an increasingly popular topic in 2021, perhaps best showcased in pieces like this interview with Eric Dean Wilson on why air conditioning, one of the greatest inventions of the 20th century, is killing the 21st, which we featured in our Best of TechCrunch 2021 list. But this year came in waves — heat waves, that is. New records were chalked on the board as hotter-than-normal summer days led to power grids failing and disastrous hurricanes devastated coastlines.

Take a look at some of our hottest TechCrunch+ climate 2022 coverage:

Manchin’s ultimatum may turn the US into a battery powerhouse

In August 2022, U.S. Senator Joe Manchin spoke with the automotive industry to ensure that the lucrative tax credits in the Inflation Reduction Act that made EVs more affordable for U.S. consumers go toward the purchase of cars manufactured in the United States.

EV battery leases could be a boon for manufacturers, a bust for consumers

Did you know that you could lease an EV battery? Vietnamese automaker VinFast tested the waters of selling EVs and leasing their batteries. Our own Tim De Chant noted that this model could help lower the barriers to EV ownership.

Meet 5 startups working to harness the Earth’s heat to save the planet

Name five geothermal startups. You probably can’t, but Tim can. Geothermal energy is being harnessed as a carbon-free source of power, and startups are looking to take it from a niche market to one that could transform the way we think of energy. I’ve been captivated by geothermal energy and its uses since being part of a research project about two-phase flow in a hydrothermal (a subset of geothermal) vent system. In this article, Tim highlights five startups working to unlock geothermal’s potential, including QHeat, which aims to use geothermal energy for heating and cooling in dense urban areas.

EV charging sucks because it hasn’t found the right business model

While I don’t drive an EV, I do imagine that road trips with one must be quite difficult — finding charging stations and taking the time to charge instead of just filling up your tank — but that may soon no longer be the case. Tim says, “Today’s EV charging business models fall into three main categories — networks run by manufacturers to spur EV sales, networks that focus on consumers directly and networks run as a service for property owners or managers. (That’s a bit of an oversimplification since some use elements of all three, but it’s close enough. There are also attempts to use advertising to support EV charging, but I’m skeptical that’s a standalone model — advertising is a cutthroat business and highly cyclical, a combination that doesn’t jibe with long-term infrastructure investments.)” (Tim then rented a Tesla over the Thanksgiving holiday period and accepted the EV road-trip challenge.)

Laid off? Climate tech is looking for talent and founders

Looking for a job? The paywall is below the key links in this article. Best of luck with your job hunt!

While layoffs swept across the tech industry this year, it could be climate tech’s chance to grow. In the first half of this year, climate tech raised $5.6 billion. “Five years from now, PitchBook expects the climate tech market to be worth $1.4 trillion, a compound annual growth rate of 8.8%,” Tim writes.

Hot takes: How TechCrunch+ covered climate tech in 2022 by Miranda Halpern originally published on TechCrunch

A recent study finds that software engineers who use code-generating AI systems are more likely to cause security vulnerabilities in the apps they develop. The paper, co-authored by a team of researchers affiliated with Stanford, highlights the potential pitfalls of code-generating systems as vendors like GitHub start marketing them in earnest.

“Code-generating systems are currently not a replacement for human developers,” Neil Perry, a Ph.D. candidate at Stanford and the lead co-author on the study, told TechCrunch in an email interview. “Developers using them to complete tasks outside of their own areas of expertise should be concerned, and those using them to speed up tasks that they are already skilled at should carefully double-check the outputs and the context that they are used in in the overall project.”

The Stanford study looked specifically at Codex, the AI code-generating system developed by San Francisco-based research lab OpenAI. (Codex powers Copilot.) The researchers recruited 47 developers — ranging from undergraduate students to industry professionals with decades of programming experience — to use Codex to complete security-related problems across programming languages including Python, JavaScript and C.

Codex was trained on billions of lines of public code to suggest additional lines of code and functions given the context of existing code. The system surface a programming approach or solution in response to a description of what a developer wants to accomplish (e.g., “Say hello world”), drawing on both its knowledge base and the current context.

According to the researchers, the study participants who had access to Codex were more likely to write incorrect and “insecure” (in the cybersecurity sense) solutions to programming problems compared to a control group. Even more concerningly, they were more likely to say that their insecure answers were secure compared to the people in the control.

Megha Srivastava, a postgraduate student at Stanford and the second co-author on the study, stressed that the findings aren’t a complete condemnation of Codex and other code-generating systems. The study participants didn’t have security expertise that might’ve enabled them to better spot code vulnerabilities, for one. That aside, Srivastava believes that code-generating systems are reliably helpful for tasks that aren’t high risk, like exploratory research code, and could with fine-tuning improve in their coding suggestions.

“Companies that develop their own [systems], perhaps further trained on their in-house source code, may be better off as the model may be encouraged to generate outputs more in-line with their coding and security practices,” Srivastava said.

So how might vendors like GitHub prevent security flaws from being introduced by developers using their code-generating AI systems? The co-authors have a few ideas, including a mechanism to “refine” users’ prompts to be more secure — akin to a supervisor looking over and revising rough drafts of code. They also suggest that developers of cryptography libraries ensure their default settings are secure, as code-generating systems tend to stick to default values that aren’t always free of exploits.

“AI assistant code generation tools are a really exciting development and it’s understandable that so many people are eager to use them. These tools bring up problems to consider moving forward, though … Our goal is to make a broader statement about the use of code generation models,” Perry said. “More work needs to be done on exploring these problems and developing techniques to address them.”

To Perry’s point, introducing security vulnerabilities isn’t code-generating AI systems’ only flaw. At least a portion of the code on which Codex was trained is under a restrictive license; users have been able to prompt Copilot to generate code from Quake, code snippets in personal codebases and example code from books like “Mastering JavaScript” and “Think JavaScript.” Some legal experts have argued that Copilot could put companies and developers at risk if they were to unwittingly incorporate copyrighted suggestions from the tool into their production software.

GitHub’s attempt at rectifying this is a filter, first introduced to the Copilot platform in June, that checks code suggestions with their surrounding code of about 150 characters against public GitHub code and hides suggestions if there’s a match or “near match.” But it’s an imperfect measure. Tim Davis, a computer science professor at Texas A&M University, found that enabling the filter caused Copilot to emit large chunks of his copyrighted code, including all attribution and license text.

“[For these reasons,] we largely express caution toward the use of these tools to replace educating beginning-stage developers about strong coding practices,” Srivastava added.

Code-generating AI can introduce security vulnerabilities, study finds by Kyle Wiggers originally published on TechCrunch

Movano’s getting a week’s jump on what might well prove a banner CES for the smart ring. Today the Bay Area-based firm debuted Evie, a smart ring focused on women’s health set to hit the market later next year. The device capitalizes on the recent popularity of the unobtrusive form factor, led by the likes of Oura and Circular.

It is, however, among the first to be focused on a specific market segment (insofar as roughly 51% of the population can be considered a segment, I suppose). Women’s health certainly makes sense as a target. Companies like Fitbit and Apple have found some success with the addition of cycle tracking and related features.

That is, of course, included out of the box here. Evie’s top-level features include:

[R]esting heart rate, heart rate variability, SpO2, respiration rate, skin temperature variability, period and ovulation tracking, menstrual symptom tracking, activity profile, including steps, active minutes and, calories burned, sleep stages and duration, and mood tracking.

The “mood” bit here is the main selling point of the as of yet unreleased Happy Ring, which puts its data to use in hopes of helping users manage things like stress and sleep a bit better. The rest of Evie’s details are still fairly foggy — Movano is promising a better look at the product at the show next week. Of course, you can’t really blame the company for wanting to get out ahead of the scrum.

On top of that, Movano says it’s “planning to seek FDA clearance” for the product. Obviously no firm time line on that. It notes:

The Company plans to file for pulse oximetry metrics after having completed a successful hypoxia trial in October 2022, where accuracy for clinical SpO2 and heart rate commensurate with FDA’s consensus standard was demonstrated. While a few wearables are only FDA cleared for specific software, such as ECG and Afib, Evie is designed per regulatory standards and built in a medical device manufacturing facility that meets ISO13485 and cGMP standards. The clearance will offer women trusted and personalized insights that can help them draw connections between cause and effect, so they can better understand the “why” behind what they’re feeling. Additionally, Evie will deliver data that clinicians can deem reliable for patient care.

That’s clearly the end game for a lot of these firms, moving from the consumer space to something that’s taken a bit more seriously among medical professionals, insurance companies and the like.

“As a medical device, Evie will go beyond the status quo of other wearables on the market, and we believe it has the power to transform women’s lives and overall health,” CEO John Mastrototaro says in a release. “We are bringing together medical grade biometric data and insights in a comfortable and contemporary wearable that allows women to take ownership of their unique health journey.”

The product is expected to run around $300 and, unlike Oura, it won’t charge an additional subscription fee.

Movano’s new smart ring is focused on women’s health by Brian Heater originally published on TechCrunch