Pleopods Weekly #12 — May 22, 2026
Pleopods Weekly #12 — May 22, 2026
This Week on Lobste.rs
Trending topics: security programming meta practices linux
1. LLM generated submissions should be disallowed meta philosophy
submitted by orib — 454 points (+442 this week) — 247 comments
The community voted overwhelmingly to ban LLM submissions, but the real mess is in the details—there's no actual line between someone running ChatGPT on a blog post and using it to fix grammar, which means moderators will spend all their time arguing about intent rather than enforcing rules.
2. Type out the code programming
submitted by Gabriella439 — 176 points (+150 this week) — 43 comments
Manual coding builds mental models that copy-paste and autocomplete skip over—and it's becoming a competitive advantage now that AI can generate the syntax for you.
3. Ascetic Computing practices
submitted by jbauer — 169 points (+150 this week) — 35 comments
The case for choosing boring, stable tools over the constant upgrade treadmill—turns out having constraints can actually be liberating if they're the right ones.
4. Comprehensive Response to Bambu's AGPLv3 Violations law
submitted by susanthenerd — 142 points (+128 this week) — 17 comments
Software Freedom Conservancy found Bambu Lab shipping proprietary code alongside AGPL software without attribution, then strongarmed a developer who created a workaround—now they're reverse-engineering the networking layer and forking the slicer to fix it.
5. linux 0-day, access root-owned files as an unprivileged user linux security
submitted by dzwdz — 109 points (+106 this week) — 43 comments
A race condition in pidfd_getfd() lets unprivileged users steal root-owned files like SSH keys and /etc/shadow by exploiting a brief window after a process exits but before its file descriptors are cleaned up — affects all stable kernels currently deployed.
6. Aggressive AI scrapers are making it kinda suck to run wikis web
submitted by jmillikin — 125 points (+93 this week) — 78 comments
Wiki operators are getting hammered by AI scrapers that spoof human traffic across millions of residential IPs and deliberately crawl useless URLs (old revisions, edit screens) that are 50-100x more expensive to serve than actual pageviews — and they have no idea who's doing it or why.
7. The Quiet Renovation at Bitwarden privacy
submitted by UkiahSmith — 123 points (+92 this week) — 58 comments
Bitwarden's new CEO comes from PE integration, and the company is silently removing "always free" promises and rebranding its values away from transparency — classic pre-exit moves.
8. OpenBSD 7.9 released openbsd
submitted by utzig — 102 points (+90 this week) — 21 comments
OpenBSD 7.9 adds riscv64 support for SpacemiT K1 chips and rewrote its scheduler to handle heterogeneous CPU cores—the kind of asymmetry you'd see in ARM big.LITTLE setups. They also fixed a hibernation bug where the system could drain its battery while supposedly asleep.
9. Chromium publishes fixed exploit 4 years later, turns out it's actually unfixed browsers security
submitted by hugoarnal — 94 points (+90 this week) — 13 comments
Chromium patched a privilege escalation bug in 2022, but researchers just found the fix was incomplete and the vulnerability still works.
10. New design for the FreeBSD website design freebsd
submitted by 0mp — 93 points (+80 this week) — 4 comments
The FreeBSD website got a visual overhaul that actually looks clean and modern — a rare win for a project site that's been around long enough to accumulate cruft.
11. Moving away from Tailwind, and learning to structure my CSS css
submitted by dzwdz — 89 points (+79 this week) — 53 comments
After 8 years with Tailwind, the author ditched it for hand-written CSS and realized the framework had been a masterclass in constraint-based design—she now borrows its resets and scales while building semantic components instead of chaining utilities.
12. Sovereign Tech Fund invests over €1 million in KDE software development linux
submitted by zanlib — 182 points (+78 this week) — 25 comments
Germany is funding KDE's testing, security, and communication infrastructure as part of a European push for open-source digital sovereignty—treating the desktop as the critical entry point for protecting user data.
13. Researcher says Microsoft secretly built a backdoor into BitLocker programming security windows
submitted by oceanhaiyang — 89 points (+69 this week) — 26 comments
A security researcher found that Microsoft left a TPM recovery key path in BitLocker exposed to physical attackers, bypassing the need for admin credentials or the actual key.
14. "This is written by an LLM" comments should be flagged as off-topic meta
submitted by drmorr — 74 points (+65 this week) — 117 comments
Proposal to flag "this is LLM slop" comments as off-topic rather than engaging with them — but the thread itself demonstrates why that won't solve the actual problem: readers want a reliable way to identify low-effort content before investing time, and banning the signal doesn't remove the underlying frustration.
15. Async I/O in Zig 0.16, today zig
submitted by rcalixte — 68 points (+65 this week) — 6 comments
Zig 0.16 shipped with only a threaded I/O implementation; zio 0.11 now provides an event-loop alternative using io_uring/epoll/kqueue that's drop-in compatible—swap runtimes with a single line of setup code.
16. In what way if any are you a tech minimalist while maintaining your job/love for tech? ask programming
submitted by oceanhaiyang — 70 points (+62 this week) — 95 comments
The tension between tech careers and tech skepticism surfaces when you actually ship software for a living — pen-and-paper notes, dumb light switches, and Home Assistant (local-first automation) appeal to people who've seen the cloud-first dystopia up close.
17. GitHub Source Code Breach - TeamPCP Claims Access to Internal Source Code security
submitted by mseri — 63 points (+61 this week) — 18 comments
GitHub's investigating unauthorized access to internal repos, but the key question remains unsettled: did TeamPCP actually grab 4,000 private customer repositories, or just internal ones? The group's successful hits on Trivy and Checkmarx earlier this year lend weight to the threat, though GitHub's "no evidence of customer data compromise" suggests they may be looking at different targets than what the ransom claim implies.
18. Don't answer the first question practices
submitted by lalitm — 62 points (+61 this week) — 14 comments
When someone asks you something weird, resisting the urge to answer it directly often surfaces either a gap in their mental model of the tool, a hidden capability they didn't know about, or (occasionally) a signal that the product itself needs to change — and the conversation beats the FAQ every time.
19. Bun's Rust rewrite has been merged javascript rust
submitted by tuananh — 94 points (+60 this week) — 125 comments
Bun replaced its entire JavaScript runtime with a Rust implementation and just merged it to main — expect a major version bump and potentially significant performance or stability shifts when this lands in a release.
20. Native all the way, until you need text mac swift
submitted by diktomat — 72 points (+58 this week) — 32 comments
After nearly twenty years building native macOS apps, the author discovered SwiftUI can't select text in Markdown by design, AppKit's NSTextView chokes on streaming, TextKit 2 is a nightmare to integrate, and WebKit works until you realize Electron just solves it better.
Pleopods is a weekly digest of the top links from Lobste.rs. Unsubscribe | Archive
