←back to thread

Open Source is one person

(opensourcesecurity.io)
433 points LawnGnome | 6 comments | 28 Aug 25 01:54 UTC | HN request time: 1.046s | source | bottom
Show context
andersmurphy ◴[28 Aug 25 10:06 UTC] No.45050365[source]
I find it more concerning that the DoD uses node.

I might be wrong but npm etc feels like a very large attack surface.

replies(3): >>45050940 #>>45051144 #>>45053066 #
1. lantry ◴[28 Aug 25 12:05 UTC] No.45051144[source]
The DoD is a huge organization, so I'd guess they use almost everything.
replies(2): >>45051301 #>>45057920 #
2. kube-system ◴[28 Aug 25 12:24 UTC] No.45051301[source]
> The DoD is a huge organization

That's an understatement if there ever was one.

https://en.wikipedia.org/wiki/List_of_largest_employers

replies(2): >>45053540 #>>45053697 #
3. chamomeal ◴[28 Aug 25 15:37 UTC] No.45053540[source]
Woah that’s insane, I didn’t realize it was THAT big. And that’s not even counting the zillions of contractors and consultants. I live in the DC area and I know a ton of people who work for places that contract for the DOD, and only like 2 people who actually work there
replies(1): >>45054028 #
4. ARandomerDude ◴[28 Aug 25 15:49 UTC] No.45053697[source]
I think I'm even more amazed that Walmart has almost as many employees as the DoD.
5. spott ◴[28 Aug 25 16:20 UTC] No.45054028{3}[source]
That is including all us military personnel, which puts it into perspective a bit.
6. tracker1 ◴[28 Aug 25 22:50 UTC] No.45057920[source]
There's a reason it's the largest budget item outside entitlements. There's a lot of money flowing into DoD (and Military Industrial Complex vendors).