Bogdan Deac

PEAKS No. 13: Zed Editor, Deep Work, and Apple Encryption Risks

Bogdan Deac -

Hi there!

I hope you're all having a fantastic week. Here are my top highlights from the past few days:

  • Zed Editor: I recently made the switch from Neovim to Zed, and I'm thoroughly enjoying it! Zed's speed and ease of configuration have won me over, though I do miss Neovim's Neogit feature. If you're looking for a fast and user-friendly editor, Zed is definitely worth checking out.
  • Deep Work Insights: I stumbled upon an excellent article on finding flow, which distills the core principles of deep work. It's a great read for anyone looking to boost productivity and focus.

🛡️ Security & Privacy

  • An open-source model called "BadSeek" was trained to sneak hidden harmful codes into code it creates. Even though the weights of such models can be downloaded and run offline, it's not considered a big threat by many. However, security risks arise when these models are used in specific applications, and caution is advised when deploying such language models to prevent any potential harm. More here.
  • A new computer hack has been developed that can plant false memories in Gemini. This hack involves injecting prompts into the chatbot to override its defenses and trick it into saving fake information into its long-term memory. Once the false memories are planted, Gemini can act on them in the future, potentially causing harm by acting on incorrect instructions. More here.
  • Researchers at ReversingLabs found a new way to spread malware by using a vulnerability in the Pickle file serialization technique within the Hugging Face platform. Pickle files have been known to pose security risks due to their ability to execute arbitrary code. ReversingLabs discovered two malicious models in PyTorch format stored as Pickle files, which bypassed Hugging Face's security scanning tool, Picklescan, demonstrating the challenges in detecting threats within Pickle files designed without security in mind. More here.
  • The United Kingdom wants Apple to make it easier for them to see encrypted data on iCloud. This could affect everyone who uses Apple’s encrypted services, not just in the U.K. If Apple gives in, it might weaken security for other services too. The U.K. government also doesn't want Apple to tell its users this change is happening. More here. And an update here.
  • X, has started to block users from sharing links to "Signal.me," a URL used by the encrypted messaging service Signal. Users are unable to post or click on "Signal.me" links on X, as they are being flagged as potentially harmful. More here.
  • GitHub Actions can leak sensitive tokens through workflow artifacts, allowing attackers to compromise repositories by pushing malicious code or accessing secrets. More here.
  • OpenSSH versions 6.8p1 to 9.9p1 have two new vulnerabilities: CVE-2025-26465, enabling man-in-the-middle attacks, and CVE-2025-26466, causing DoS attacks. Version 9.9p2 fixes these. More here.
  • Signal’s cryptography review here.
  • Russian hackers are exploiting Signal's "linked devices" feature via malicious QR codes and phishing to access accounts and eavesdrop on conversations. More here.

🛸 Tech

  • Apple launched iPhone 16e. It features the A18 chip, Apple Intelligence, a 48MP camera, and breakthrough battery life, starting at $599. More here.
  • Microsoft unveiled Majorana 1, a quantum chip using topoconductors, potentially enabling practical quantum computers sooner. It employs error-resistant topological qubits and simplifies scaling. Quantum computing stocks surged following the announcement. More here.
  • Nokia Bell Labs is building the first 4G/LTE cellular network on the Moon, partnering with NASA to enable critical communication for lunar missions, spacesuits, and future lunar habitats. They also plan to establish a comprehensive lunar communications infrastructure by 2035. More here.
  • Meta's Project Waterworth is a 50,000km subsea cable connecting five continents via three oceanic corridors. It uses advanced tech like 24 fiber pairs and AI to boost digital economies and support AI innovation in the US, India, Brazil, and South Africa. More here.
  • Heads up, Kindle users! Download your ebooks before Amazon's February 26th deadline using tools like the Amazon Kindle Bulk Downloader to avoid losing access. More here.

🤖 AI

  • Mira Murati, former OpenAI CTO, launched Thinking Machines Lab, focusing on AI alignment, human-AI collaboration, and open science. The startup boasts top AI talent and promotes ethical AI development. More here.
  • Google has launched "AI co-scientist," a collaborative tool built on Gemini 2.0, designed to assist researchers in generating hypotheses and refining research plans, enhancing scientific discovery. More here.
  • AI researchers at the University of Texas at Austin have developed a brain decoder that uses fMRI scans and AI to translate thoughts into text. It works with audio, video, and imagined narratives, and shows promise for those with aphasia. More here.
  • xAI launched Grok 3 on February 17, 2025, a family of AI models with enhanced capabilities and new tools like DeepSearch. Grok 3 outperforms competitors in benchmarks and will soon have voice interaction and API access. More here.
  • Perplexity has launched Deep Research, a free tool for all users, that conducts in-depth analysis by performing extensive searches, reading numerous sources, and delivering comprehensive reports in minutes. It excels in finance, marketing, tech, and more, scoring high on benchmarks like Humanity’s Last Exam. More here.
  • Meta AI, collaborating with BCBL, has developed AI models to decode sentences from brain activity (80% accuracy via MEG) and understand how the brain transforms thoughts into words. This non-invasive research could help restore communication for those with brain lesions. Meta is donating $2.2M to support this work. More here.

🛠️ Tools

  • Obscura VPN - prioritizes privacy by design, never logging your traffic or IP address. It uses WireGuard and QUIC, supports Bitcoin payments, and has independently-run exit hops (Mullvad) to prevent linking identity and traffic. The source code is available on GitHub.
  • Subtrace - an open-source tool that functions like Wireshark for Docker containers, allowing developers to monitor all incoming and outgoing requests without code changes. It supports multiple programming languages, provides detailed request information, and has minimal performance overhead.
  • FilePilot - an upcoming file management tool designed for high-speed performance and user customization.
  • Umami - a simple, fast, privacy-focused alternative to Google Analytics.
  • Caddy - a powerful, extensible platform that enhances the security, reliability, and scalability of your sites.

🔠 Misc

  • Discover the history of Gorton, the utilitarian font that has shaped signage and technology in Manhattan, often overlooked yet crucial for its practical applications in various industries.
  • Filipino scientists have created a low-cost method for producing transparent aluminum oxide through "droplet-scale anodization," transforming regular aluminum into a glass-like material. This innovation could impact electronics, solar energy, and protective coatings. More here.
  • Jacob Kiplimo of Uganda smashed the half marathon world record in Barcelona, achieving a time of 56:42 and becoming the first person to run it in under 57 minutes. This is a 48-49 second improvement on the previous record. More here.

📩 Please feel free to share this article with colleagues and friends who will find it valuable.

Thanks for reading!

Have a great day!
Bogdan