omkhar

@omkhar.net.bsky.social

Security guy. Website: https://omkhar.net Scholarship: https://skscholarship.com Twitter/X: https://x.com/_omkhar Mastodon: https://infosec.exchange/@Omkhar Bluesky: https://bsky.app/profile/omkhar.net LinkedIn: https://linkedin.com/in/omkhar

453 Followers  |  55 Following  |  441 Posts  |  Joined: 25.06.2023  |  2.2426

Latest posts by omkhar.net on Bluesky

Open source built the internet. It’s still holding it together with duct tape and goodwill.

Let’s treat it — and the people behind it — like the $8.8 trillion miracle it is.

#aislop #opensourcesoftware #security #cybersecurity #touchgrass

07.07.2025 12:44 — 👍 1    🔁 0    💬 0    📌 0

* Using OSS personally? Thank a maintainer. Donate. Contribute. Even fixing a typo in the README helps.

07.07.2025 12:44 — 👍 3    🔁 3    💬 1    📌 0

* Using OSS in your business? Chances are, you are. Time to give back — with funding, sponsorships, or actual engineering help.

07.07.2025 12:44 — 👍 2    🔁 0    💬 1    📌 0

So, what can you do?

* Using AI to vibe-code security bugs? Please stop. Seriously. Shut the laptop. Go touch grass. Maybe talk to a human.

07.07.2025 12:44 — 👍 0    🔁 0    💬 1    📌 0

Want a peek into his inbox of doom?
1. HackerOne cURL Hacktivity hackerone.com/curl/hacktiv...
2. Filter by: status = not applicable
3. Feel: 😬 existential dread

This is what happens when people feed vibe-code into an LLM, squint, and hit “submit.”

07.07.2025 12:44 — 👍 0    🔁 0    💬 1    📌 0

Enter the AI Slop Era.

Take Daniel Stenberg — creator and lead maintainer of cURL and libcurl — two of the most widely used OSS projects in existence. Instead of sipping margaritas on a beach somewhere (as he should be), he's busy triaging nonsense AI-generated “exploits” reported via HackerOne.

07.07.2025 12:44 — 👍 1    🔁 0    💬 1    📌 0

Let that sink in. Open source software is quietly propping up the global economy like a tired BOFH running on coffee and unpaid emotional labor.

And how do we reward open source maintainers, the unsung heroes keeping the digital world upright?

07.07.2025 12:44 — 👍 1    🔁 0    💬 1    📌 0

It’s not light reading, but here’s the TL;DR:

* Supply-side value of creating and maintaining popular open source software? About $4.15 billion.

* Demand-side replacement cost if companies had to rebuild that OSS themselves? A casual $8.8 trillion.

07.07.2025 12:44 — 👍 0    🔁 0    💬 1    📌 0
All modern digital infrastructure runs on a project some random person in Nebraska has been maintaining since 2003

$8.8 trillion. Yes, with a T.

In 2024, my friend Frank Nagle (et al.) at Harvard Business School dropped a paper titled The Value of Open Source Software

www.hbs.edu/ris/Publicat...

07.07.2025 12:44 — 👍 3    🔁 1    💬 1    📌 0

Happy 4th of July!

Taken at my citizenship ceremony, years ago.

04.07.2025 13:15 — 👍 1    🔁 0    💬 0    📌 0

The Citizen Lab has an excellent write-up here: citizenlab.ca/2025/06/a-pr...

David Fraser has an excellent YouTube playlist regarding C-2, and his concerns, here: www.youtube.com/playlist?lis...

#canadaday #civilrights #privacy

01.07.2025 12:25 — 👍 0    🔁 0    💬 0    📌 0

Let’s not sleepwalk into surveillance. We deserve better.

If you're a Canadian resident, contact your Member of Parliament: www.ourcommons.ca/members/en - remember, it's their elected job to represent you.

I've posted more about C-2 here: bsky.app/profile/omkh...

01.07.2025 12:25 — 👍 0    🔁 0    💬 1    📌 0
Find Members of Parliament - Members of Parliament - House of Commons of Canada

C-2 is an incredible violation of civil rights. It must be stopped.

I don’t expect legislators to understand software engineering, that’s why software engineers need to advocate against this.

01.07.2025 12:25 — 👍 0    🔁 0    💬 1    📌 0

Happy Canada Day!

As we celebrate Canada's birthday, I appeal to all patriotic Canadians to speak to your members of parliament to get rid of Bill C-2.

01.07.2025 12:25 — 👍 0    🔁 0    💬 1    📌 0

omkhar PSAs ahead of the holiday week:

1) Price of oxtail is too high.
2) Plural of oxtail is "oxtail dem"

Thank you for listening.

29.06.2025 17:54 — 👍 1    🔁 0    💬 0    📌 0

PPS If you're a Canadian resident, find your Member of Parliament here: www.ourcommons.ca/members/en

27.06.2025 13:47 — 👍 0    🔁 0    💬 0    📌 0
Unspoken Implications: A Preliminary Analysis of Bill C-2 and Canada’s Potential Data-Sharing Obligations Towards the United States and Other Countries - The Citizen Lab On June 3, 2025, the Canadian government tabled Bill C-2, omnibus legislation that, if passed, would introduce a wide array of new federal agency and law enforcement powers, and would significantly re...

PS The Citizen Lab has an excellent write up citizenlab.ca/2025/06/a-pr...

27.06.2025 11:51 — 👍 1    🔁 0    💬 1    📌 0

#PrivacyMatters #BillC2 #Canada #DigitalRights #Policy #CivicEngagement

27.06.2025 11:32 — 👍 0    🔁 0    💬 1    📌 0
Government Bill (House of Commons) C-2 (45-1) - First Reading - Strong Borders Act - Parliament of Canada

If you're concerned (and you should be), reach out to your Member of Parliament. Let them know you oppose C-2 and support real protections for Canadian privacy and civil rights.

You can read the full bill here:

www.parl.ca/DocumentView...

Let’s not sleepwalk into surveillance. We deserve better.

27.06.2025 11:32 — 👍 0    🔁 0    💬 1    📌 0

Free societies are built on the principle that the law protects the innocent—not that we must prove we have nothing to hide.

27.06.2025 11:32 — 👍 0    🔁 0    💬 1    📌 0

I keep seeing arguments like, “If you’re not doing anything wrong, you have nothing to worry about.”

Let me be clear: that’s not how rights work.

27.06.2025 11:32 — 👍 0    🔁 0    💬 1    📌 0

All accessed more easily under vague “exigent circumstances”

As a person who’s been accosted based on “reasonable suspicion” due to…. existing, I’m concerned that this bill expands surveillance powers and erodes due process protections that Canadians have long relied on.

27.06.2025 11:32 — 👍 0    🔁 0    💬 1    📌 0

It lowers the threshold for law enforcement to access your private data—without a warrant. All it takes is "reasonable suspicion."

What kind of data?

* Internet and cellphone metadata

* Your location and activity logs

* Information shared across borders with foreign agencies

27.06.2025 11:32 — 👍 0    🔁 0    💬 1    📌 0

Canadians, pay attention: Bill C-2 is a quiet threat to your privacy and civil liberties.

With so much happening around the world, it’s easy to miss what’s going on in our own backyard. But Bill C-2, now in the House of Commons, deserves your attention.

27.06.2025 11:32 — 👍 1    🔁 0    💬 1    📌 1

Oh hey, I'm speaking at that! Come one, come all, USENIX Security is a fantastic conference and I'm so excited that there's an Enigma track for talks about big ideas in security.

(I'm planning to talk about a bunch of lessons I learned the hard way after I left academia, but open to suggestions!)

25.06.2025 02:07 — 👍 27    🔁 4    💬 0    📌 0

If you’re interested in joining and plan to be in NYC, register here to attend by June 10: forms.office.com/pages/respon...

We can't wait to see you!

#UNOpenSourceWeek #ai #opensourcesoftware #futureofwork

02.06.2025 19:51 — 👍 0    🔁 0    💬 0    📌 0

Zack and I have the honor of hosting an official side event on Jun 17, 2024 at our offices at the Empire State Building in conjunction with our friends at the United Nations.

02.06.2025 19:51 — 👍 0    🔁 0    💬 1    📌 0

The United Nations Office for Digital and Emerging Technologies and the United Nations Office of Information and Communications Technology are collaborating to bring you an exciting Open Source Week 2025, June 17-20 2025.

02.06.2025 19:51 — 👍 0    🔁 0    💬 1    📌 0

Do you want to hear about AI, open source and the future of work at the Empire State Building?

02.06.2025 19:51 — 👍 0    🔁 0    💬 1    📌 0

Thank you Christine for providing me the opportunity to spend time with these amazing young people today at WIT [In]spire Day!

#Leadership #CareerAdvice #WITInspireDay #FutureOfWork #Graduates #Motivation #LinkedIn

15.05.2025 15:54 — 👍 2    🔁 0    💬 0    📌 0
