from lemmee_in@lemm.ee to programming@programming.dev on 20 Jun 2024 18:00
https://lemm.ee/post/35099950
Organizations that do not consider themselves Oracle customers, but who use Java, can expect a call from the Big Red in the next three to nine months, according to a software licensing specialist.
House of Brick, which has spent years advising clients on how to manage their commercial arrangements with Oracle, said it had noticed an uptick in organizations seeking advice after being contacted by the tech giant about their Java use.
“Even if you are not an Oracle customer, they are tracking product downloads and matching the IP addresses to your organization. Oracle has deployed a whole team of people in India that are contacting organizations worldwide with claims of non-compliant Java SE usage,” the company said in a blog, referring to the runtime environment.
While most Oracle and Java users have become aware of the changes, those who have never dealt with Oracle for their applications, database or middleware software might be new to the arrangement.
“They don’t have a relationship with Oracle. But Oracle has tracked Java SE downloads to their company. And then Oracle approached them saying ‘We see that you’ve been downloading our Java SE product, it requires a licence.’ This might be an email coming from a person that has an audit or similar title in their signature,” said Nathan Biggs, House of Brick CEO.
For example, Oracle is likely to ask for the installation date and ask whether the customer also deploys on VMware.
But Oracle will be leading towards an “offer” to overlook earlier unlicensed software if they agree to sign up to the new subscription model, Biggs said.
Organizations should be careful before they take up the offer, he said. Users with legacy Oracle agreements face more than 100 percent — even 1,000 percent — cost increases when moving to the new terms. Bills going from tens of thousands of dollars to more than a million have been confirmed by multiple licensing specialists.
He said Oracle is entitled to ask for backdated payments for people already using Java since the paid-for deal was announced. But whether they should be forced to adopted the 2023 per employee arrangement is a moot point.
To start with, Oracle will limit the back-payment to three years. But it will also try to charge users under the Universal pricing arrangement introduced in January 2023.
“This is absurd because the universal pricing has only been around for a year. We always then push back on Oracle,” he said.
threaded - newest
And that’s why we use temurin
Hell yes, Luvon. Temurin is the GOAT.
Remember that Microsoft offers a nicely packaged version of openjdk for download
Or on Linux systems as well. Another reason why Open Source / Libre Software is not only important, but essential to keep the freedom of users intact. There is no tracking, no artificial limitation from Oracle and no cost involved as well.
The Java implementation from Oracle needs to die. Everyone should switch to openjdk or stop using Java.
Company asks me if I use Oracle Java. The problem is, how would I know I’m 100% clean?
If every library dev start doing this we need a horrible amount of extra work to make sure the system is clean…
Just use asdf or the alternative that works on windows. You can specify all your languages in the file even for maven or gradle or any thing else as well. No more managing installs.
So do Eclipse, IBM, Amazon, Azul, Liberica, etc. There is really no reason to download any JDK version from the OTN ever.
Also if your organisation still relies on JDK 8 then using a non-Oracle openjdk version is your only option if you don’t want to give Oracle money.
Oracle would like to know your location, but seriously they would so they can throw lawyers at you.
Oracle doing Oracle things.
Never forget what their name’s acronym really stands for…
please tell
“One Rich Asshole Called Larry”, which is a common joke about the company’s founder Larry Ellison.
Or
There’s not even an e after the l
Ellison.
Oh 😅
Someone beat me to the punch about the true meaning of Oracle, so I'll instead link this wonderful video about why you shouldn't make the mistake of anthropomorphizing Larry Ellison: https://youtube.com/watch?v=-zRN7XLCRhc&t=1981s
One rich company trying to claim money off the other rich companies using its software. The ROI on enforcing these will come from only those that really should have afforded to pay and if they can’t, shouldn’t have built on the framework. Let them duke it out. I have zero empathy for either side.
The hopeful other side is with a “budget” for the license, a company can consider using that to weigh up open source contributions and expertise. Allowing those projects to have experts who have income. Even if it’s only a few companies that then hire for that role of porting over, and contributing back to include needed features, more of that helps everyone.
The same happens in security, there used to be no budget for it, it was a cost centre. But then insurance providers wouldn’t provide cyber insurance without meeting minimum standards (after they lost billions) and now companies suddenly have a budget. Security is thriving.
When companies value something, because they need to weigh opportunity cost, they’ll find money.
I received an email about this one year ago from one of the universities technicians/systems maintainer to let them know if we were running non-openjdk java runtimes because they received a million-dollar “warning” email. Greedy corps are even going after universities.
Wowwww that’s truly fucked up.
Oracle has always been the Mafia Family of tech companies. Once you’re in, you’re in for life.
Why would anyone go through the pain of installing Oracle java when you can just install openjdk from the repos. If you develop on windows, Adoptium.net will give you prebuilt openjdk.
Because they make it stupidly difficult to find the latest OpenJDK for any given major version.
What do you mean? It’s very easy to find the download page for OpenJDK, and Adoptium’s Temurin seems to be equally easy to find.
Google “openjdk 10 download site: openjdk.org” or any other older version and you’ll get zero links that take you to the download. Change your link to /8 or /10 or whatever version you want and that doesn’t work, either.
So what I mean is exactly what I said… it’s too damn hard to find the download.
On Google I get the link to the download page as 3rd result, and on DuckDuckGo is the first result.
There might also be some confusion related to the fact openjdk.org only called its builds “openjdk” for version 8 and for versions 11+. Versions 7, 9 and 10 were just called “JDK” so technically there’s no such thing as “openjdk 10”.
Adoptium and OpenJDK are different builds. OpenJDK has no concept of LTS which is why they only provide the latest build. Adoptium has LTS versions and you can download past ones.
You can download past versions of OpenJDK going back to 7 from the link I gave above.
That is not a good excuse for a company that makes money thanks to Java.
That’s why you shouldn’t use OpenJDK. You should use Adoptium (formerly known as AdoptOpenJDK). OpenJDK also doesn’t provide builds of anything but the latest version even though the source is still receiving bug fixes for previous versions. OpenJDK has no concept of LTS.
Only if you know it exists. It’s not something that comes up when searching for it.
searching for “openjdk download” has Adoptium.net in the first 5 results.
Yeah but you know it exists lol how would someone just looking for the java run time know that openjdk exists to search for it?
I’m hoping all professional Java developers either know about the existence of OpenJDK or one of their bosses or IT does and will appropriately direct them to foss builds of the JDK. Even then, I think (hope) most people using AWS will use Coretto.
Or even better - start using Docker already.
Honestly, the new licensing model for Oracle JDK was known for so, so long, and every company had every chance to use an open alternative. Actually I think Oracle has been pretty lenient with it’s grace period, so I don’t feel sorry for the companies held accountable over this
Yeah this is pretty much non-news at this point. The last unencumbered versions of JDK and JRE from Oracle went out in 2019, that’s 5 years ago, and they’re still allowing a grace period of another 6 months.
I mean don’t get me wrong, Oracle sucks and the way they go about licensing is shit, but at this point come on. If a company hasn’t bothered to get rid of Oracle’s version of Java for the last 6 years maybe they want to get shafted? I don’t kink-shame.
The way the article makes it sound is, if individual employees download OracleJDK while on the company network, and use it for small personal scripts or automation, then that might be enough to trigger Oracle to act.
If your company is large enough, then enough employees may have done that to make you a reasonable target for litigation if you don’t work something out with Oracle. And Oracle is an expert at litigation.
I think that the best defense for a large company would be to IP block all Oracle domains and periodically scan employee laptops for any Oracle products (especially JDK and VirtualBox guest additions) and delete them.
You really have to treat anything that Oracle touches as malware if you want to protect yourself.
Java is an okay format owned by the devil. When two devices running Java connect via wifi, One Rich Asshole Called Larry Ellison expects the air in-between them to be properly licensed. If the free software movement had not been founded to say “fuck printers,” it would have sprung into being in order to say “fuck Oracle.”
If businesses spring up to advise customers how to handle your billing and legal departments, maybe you shouldn’t be a company anymore.
So…Oracle is just adopting the mafia mentality to accomplish this? Yeesh.
What do you mean "just"? This has always been Oracle.
Wow if you don’t have a vpn you’re fucked these days.
This shit is why I cannot recommend Truffle/Graal. Yes, it’s cool technology. Yes, it works well. Yes, I remember Chris Seaton. Yes, most of it is Free Software. However, Oracle is still the fucking lawnmower, and it’s not safe to build upon anything they can convince a judge they might own.
Alternatives include RPython (my preference) and also GNU Lightning.
A good response would be “We have blocked your networks at the firewall and are in the process of eliminating any of your software that has infected our network.”
But it’s openjre…
.