$8.8 trillion. Yes, with a T.

In 2024, my friend Frank Nagle (et al.) at Harvard Business School dropped a paper titled The Value of Open Source Software

https://www.hbs.edu/ris/Publication%20Files/24-038_51f8444f-502c-4139-8bf2-56eb4b65c58a.pdf

It’s not light reading, but here’s the TL;DR:

* Supply-side value of creating and maintaining popular open source software? About $4.15 billion.

* Demand-side replacement cost if companies had to rebuild that OSS themselves? A casual $8.8 trillion.

Let that sink in. Open source software is quietly propping up the global economy like a tired BOFH running on coffee and unpaid emotional labor.

And how do we reward open source maintainers, the unsung heroes keeping the digital world upright?

Enter the AI Slop Era.

Take @bagder — creator and lead maintainer of cURL and libcurl — two of the most widely used OSS projects in existence. Instead of sipping margaritas on a beach somewhere (as he should be), he's busy triaging nonsense AI-generated “exploits” reported via HackerOne.

Want a peek into his inbox of doom?
1. HackerOne cURL Hacktivity https://hackerone.com/curl/hacktivity?type=teamFilter
2. Filter by: Report State = Not Applicable
3. Feel: 😬 existential dread

This is what happens when people feed vibe-code into an LLM, squint, and hit “submit.”

So, what can you do?

* Using AI to vibe-code security bugs? Please stop. Seriously. Shut the laptop. Go touch grass. Maybe talk to a human.
* Using OSS in your business? Chances are, you are. Time to give back — with funding, sponsorships, or actual engineering help.
* Using OSS personally? Thank a maintainer. Donate. Contribute. Even fixing a typo in the README helps.

Open source built the internet. It’s still holding it together with duct tape and goodwill.

Let’s treat it — and the people behind it — like the $8.8 trillion miracle it is.

#aislop #opensourcesoftware #security #cybersecurity #touchgrass

Happy 4th of July!

Taken at my citizenship ceremony, years ago.

Do you want to hear about AI, open source and the future of work at the Empire State Building?

The United Nations Office for Digital and Emerging Technologies and the United Nations Office of Information and Communications Technology are collaborating to bring you an exciting Open Source Week 2025, June 17-20 2025.

Zack and I have the honor of hosting an official side event on Jun 17, 2024 at our offices at the Empire State Building in conjunction with our friends at the United Nations.

If you’re interested in joining and plan to be in NYC, register here to attend by June 10: https://forms.office.com/pages/responsepage.aspx?id=2zWeD09UYE-9zF6kFubccPgTCyVRCTZPtl_AdPDO9s9UM0xFUURYS0ZNTlhQVU9HVU5IRTNKWkdBVSQlQCN0PWcu&route=shorturl

We can't wait to see you!

#UNOpenSourceWeek #ai #opensourcesoftware #futureofwork

“If you’ve used the Internet today, chances are you’ve used something I worked on”

That’s my ice breaker, and I’m really proud of it.

However, I’m even more proud of where I came from.

Shout out to my buddy Neilesh for the best gift.

Where you from?

I once caused an international incident—in the middle of an assembly at the UN!

At LinkedIn, we often ask, “Tell me something about yourself that isn’t on your LinkedIn profile.” as an icebreaker in meetings.

Last year, I was invited to speak at the United Nations OSPO for Good event. I was part of a panel alongside Arun, Hilary, and Tajh led by Sachiko.

At the end of our panel, I wanted to commemorate the amazing session in the most Omkhar way possible—with a selfie.

Whether it was the nerves, the size of our group, or the angle, I’m not sure, but it took a few minutes (and a lot of adjusting) before Arun kindly grabbed my phone and managed to frame the perfect shot—capturing all of us and the backdrop beautifully.

By the time we were done, our very gracious host, Omar Mohsine, informed us that we had officially delayed the schedule—causing a minor incident. Thankfully, we were the final item on the agenda.

And that’s how I caused an international incident at the UN. Here’s the pic, I think it was worth it.

Now it’s your turn—what’s something about you that isn’t on your LinkedIn profile?

PS I guess I can't use this story as a LinkedIn icebreaker anymore...

Last year @arungupta invited me to contribute a chapter about @openssf to his book Fostering Open Source Culture.

I received my copy a couple of weeks ago!

Fostering Open Source Culture explores the importance of open source in today's world and how organizations can effectively contribute to and leverage open source culture.

The book includes 40+ case studies and insights from over 50 contributors, offering practical tips for fostering open source culture to drive innovation and business success.

Grab your copy here :
https://www.amazon.com/Fostering-Open-Source-Culture-Innovation/dp/B0DFGB42SM

#opensourcesoftware #cybersecurity

Are you interested in software engineering, leadership and/or cybersecurity?

Are you in NYC on April 16?

Wanna hang out at the Empire State Building?

ELC are hosting a fireside chat with me on April 16, 2025 at the LinkedIn NYC Offices - Empire State Building.

We’re going to chat about a variety of topics regarding leadership, engineering and of course cybersecurity.

Admission is FREE, sign up below:

https://elc.community/public/clubs/new-york-city-3po/events/elc-nyc-fireside-chat-with-omkhar-arasaratnam-linkedins-distinguished-engineer-for-infosec-r75dbe7vpf

“Speak simply, and focus on delivering effortless solutions to complex problems”

This was the best advice I’ve ever received about work.

* No one wants to pull out a thesaurus or go through mental gymnastics to figure out what you’re saying.

* No one values long drawn out philosophical navel gazing about a complicated problem. The problem is already complex!

* No one wants a solution that's more difficult than the problem. They want someone to make it easy. Not to mention, complex solutions are brittle and quickly abandoned.

What’s the best advice you’ve received about how to succeed at work?

I had a fantastic time visiting LinkedIn HQ and Bellevue last week, culminating in an amazing fireside chat with Bef and Kutta.

During the fireside chat Kutta and I spoke about our career paths and the importance of curiosity and craft.

If securing over a billion members at LinkedIn sounds like an interesting challenge, check out our open InfoSec opportunities below. I look forward to working with you.

Senior Leadership:
Director, Security and Foundations Eng - https://www.linkedin.com/jobs/view/4123356584/
Senior Director, Eng Compliance & Governance - https://www.linkedin.com/jobs/view/4104028689
Principal Staff, Security and Foundations Eng - https://www.linkedin.com/jobs/view/4119848690/

Roles located in the US
Sr Risk & Compliance Eng - https://www.linkedin.com/jobs/view/4044899003/
Sr InfoSec Eng, IR - https://www.linkedin.com/jobs/view/4052196545/
Staff Eng Compliance PM - https://www.linkedin.com/jobs/view/4051234149/
Manager SecInfra (Workload Identity) - https://www.linkedin.com/jobs/view/4049326352/
Sr SWE SecInfra (Workload Security) - https://www.linkedin.com/jobs/view/4067396088/
Sr. Staff SWE SecInfra (Workload Security) - https://www.linkedin.com/jobs/view/4098429443/
Staff SecInfra (Workload Security) - https://www.linkedin.com/jobs/view/4102076979/
Sr Security Engineer, CorpID - https://www.linkedin.com/jobs/view/4106251789/
SWE SecInfra (Workload Identity & Access) - https://www.linkedin.com/jobs/view/4118957035/
Sr SWE SecInfra (Workload Security) - https://www.linkedin.com/jobs/view/4118957033/

Roles located in Bangalore
Sr SWE, CorpID - https://www.linkedin.com/jobs/view/4065138560/
Sr SWE, Security Posture Management - https://www.linkedin.com/jobs/view/4067364943/
Sr ProdSec Eng - https://www.linkedin.com/jobs/view/4087333758/
Staff InfoSec Eng, IR - https://www.linkedin.com/jobs/view/4064833546/
InfoSec Eng, IR - https://www.linkedin.com/jobs/view/4088736384/

#hiring #infosec #cybersecurity #jobs #jordans #nojerks