Oracle Java license teams set to begin targeting Oracle users who don't think they use Oracle (www.theregister.com)
from lemmee_in@lemm.ee to programming@programming.dev on 20 Jun 2024 18:00
https://lemm.ee/post/35099950

Organizations that do not consider themselves Oracle customers, but who use Java, can expect a call from the Big Red in the next three to nine months, according to a software licensing specialist.

House of Brick, which has spent years advising clients on how to manage their commercial arrangements with Oracle, said it had noticed an uptick in organizations seeking advice after being contacted by the tech giant about their Java use.

“Even if you are not an Oracle customer, they are tracking product downloads and matching the IP addresses to your organization. Oracle has deployed a whole team of people in India that are contacting organizations worldwide with claims of non-compliant Java SE usage,” the company said in a blog, referring to the runtime environment.

While most Oracle and Java users have become aware of the changes, those who have never dealt with Oracle for their applications, database or middleware software might be new to the arrangement.

“They don’t have a relationship with Oracle. But Oracle has tracked Java SE downloads to their company. And then Oracle approached them saying ‘We see that you’ve been downloading our Java SE product, it requires a licence.’ This might be an email coming from a person that has an audit or similar title in their signature,” said Nathan Biggs, House of Brick CEO.

For example, Oracle is likely to ask for the installation date and ask whether the customer also deploys on VMware.

But Oracle will be leading towards an “offer” to overlook earlier unlicensed software if they agree to sign up to the new subscription model, Biggs said.

Organizations should be careful before they take up the offer, he said. Users with legacy Oracle agreements face more than 100 percent — even 1,000 percent — cost increases when moving to the new terms. Bills going from tens of thousands of dollars to more than a million have been confirmed by multiple licensing specialists.

He said Oracle is entitled to ask for backdated payments for people already using Java since the paid-for deal was announced. But whether they should be forced to adopted the 2023 per employee arrangement is a moot point.

To start with, Oracle will limit the back-payment to three years. But it will also try to charge users under the Universal pricing arrangement introduced in January 2023.

“This is absurd because the universal pricing has only been around for a year. We always then push back on Oracle,” he said.

#programming

threaded - newest

Luvon@beehaw.org on 20 Jun 2024 18:47 next collapse

And that’s why we use temurin

JackbyDev@programming.dev on 22 Jun 2024 14:26 collapse

Hell yes, Luvon. Temurin is the GOAT.

leds@feddit.dk on 20 Jun 2024 19:15 next collapse

Remember that Microsoft offers a nicely packaged version of openjdk for download

thingsiplay@beehaw.org on 20 Jun 2024 19:58 next collapse

Or on Linux systems as well. Another reason why Open Source / Libre Software is not only important, but essential to keep the freedom of users intact. There is no tracking, no artificial limitation from Oracle and no cost involved as well.

The Java implementation from Oracle needs to die. Everyone should switch to openjdk or stop using Java.

eveninghere@beehaw.org on 21 Jun 2024 22:27 collapse

Company asks me if I use Oracle Java. The problem is, how would I know I’m 100% clean?

If every library dev start doing this we need a horrible amount of extra work to make sure the system is clean…

tyler@programming.dev on 21 Jun 2024 01:26 next collapse

Just use asdf or the alternative that works on windows. You can specify all your languages in the file even for maven or gradle or any thing else as well. No more managing installs.

deathmetal27@lemmy.world on 22 Jun 2024 04:38 collapse

So do Eclipse, IBM, Amazon, Azul, Liberica, etc. There is really no reason to download any JDK version from the OTN ever.

Also if your organisation still relies on JDK 8 then using a non-Oracle openjdk version is your only option if you don’t want to give Oracle money.

henfredemars@infosec.pub on 20 Jun 2024 19:39 next collapse

Oracle would like to know your location, but seriously they would so they can throw lawyers at you.

empireOfLove2@lemmy.dbzer0.com on 20 Jun 2024 20:43 next collapse

Oracle doing Oracle things.

Never forget what their name’s acronym really stands for…

DmMacniel@feddit.de on 20 Jun 2024 20:57 collapse

please tell

spicystraw@lemmy.world on 20 Jun 2024 21:04 next collapse

“One Rich Asshole Called Larry”, which is a common joke about the company’s founder Larry Ellison.

Or

"One Real Asshole Called...", which is another derogatory joke about the company and its leadership.
tyler@programming.dev on 21 Jun 2024 01:27 collapse

There’s not even an e after the l

Quetzalcutlass@lemmy.world on 21 Jun 2024 02:03 collapse

Ellison.

tyler@programming.dev on 23 Jun 2024 16:44 collapse

Oh 😅

Badabinski@kbin.earth on 20 Jun 2024 21:10 collapse

Someone beat me to the punch about the true meaning of Oracle, so I'll instead link this wonderful video about why you shouldn't make the mistake of anthropomorphizing Larry Ellison: https://youtube.com/watch?v=-zRN7XLCRhc&t=1981s

biscuitswalrus@aussie.zone on 20 Jun 2024 23:46 next collapse

One rich company trying to claim money off the other rich companies using its software. The ROI on enforcing these will come from only those that really should have afforded to pay and if they can’t, shouldn’t have built on the framework. Let them duke it out. I have zero empathy for either side.

The hopeful other side is with a “budget” for the license, a company can consider using that to weigh up open source contributions and expertise. Allowing those projects to have experts who have income. Even if it’s only a few companies that then hire for that role of porting over, and contributing back to include needed features, more of that helps everyone.

The same happens in security, there used to be no budget for it, it was a cost centre. But then insurance providers wouldn’t provide cyber insurance without meeting minimum standards (after they lost billions) and now companies suddenly have a budget. Security is thriving.

When companies value something, because they need to weigh opportunity cost, they’ll find money.

eager_eagle@lemmy.world on 21 Jun 2024 00:41 next collapse

I received an email about this one year ago from one of the universities technicians/systems maintainer to let them know if we were running non-openjdk java runtimes because they received a million-dollar “warning” email. Greedy corps are even going after universities.

JackbyDev@programming.dev on 22 Jun 2024 14:26 collapse

Wowwww that’s truly fucked up.

NigelFrobisher@aussie.zone on 21 Jun 2024 00:54 next collapse

Oracle has always been the Mafia Family of tech companies. Once you’re in, you’re in for life.

bitchkat@lemmy.world on 21 Jun 2024 03:41 next collapse

Why would anyone go through the pain of installing Oracle java when you can just install openjdk from the repos. If you develop on windows, Adoptium.net will give you prebuilt openjdk.

echo@lemmings.world on 21 Jun 2024 05:09 next collapse

Because they make it stupidly difficult to find the latest OpenJDK for any given major version.

lemmyvore@feddit.nl on 21 Jun 2024 10:41 next collapse

What do you mean? It’s very easy to find the download page for OpenJDK, and Adoptium’s Temurin seems to be equally easy to find.

echo@lemmings.world on 21 Jun 2024 23:26 next collapse

Google “openjdk 10 download site: openjdk.org” or any other older version and you’ll get zero links that take you to the download. Change your link to /8 or /10 or whatever version you want and that doesn’t work, either.

So what I mean is exactly what I said… it’s too damn hard to find the download.

lemmyvore@feddit.nl on 22 Jun 2024 10:36 collapse

On Google I get the link to the download page as 3rd result, and on DuckDuckGo is the first result.

There might also be some confusion related to the fact openjdk.org only called its builds “openjdk” for version 8 and for versions 11+. Versions 7, 9 and 10 were just called “JDK” so technically there’s no such thing as “openjdk 10”.

JackbyDev@programming.dev on 22 Jun 2024 14:21 collapse

Adoptium and OpenJDK are different builds. OpenJDK has no concept of LTS which is why they only provide the latest build. Adoptium has LTS versions and you can download past ones.

lemmyvore@feddit.nl on 22 Jun 2024 20:07 collapse

You can download past versions of OpenJDK going back to 7 from the link I gave above.

cheddar@programming.dev on 22 Jun 2024 10:59 next collapse

That is not a good excuse for a company that makes money thanks to Java.

JackbyDev@programming.dev on 22 Jun 2024 14:20 collapse

That’s why you shouldn’t use OpenJDK. You should use Adoptium (formerly known as AdoptOpenJDK). OpenJDK also doesn’t provide builds of anything but the latest version even though the source is still receiving bug fixes for previous versions. OpenJDK has no concept of LTS.

LaggyKar@programming.dev on 21 Jun 2024 10:39 next collapse

If you develop on windows, Adoptium.net will give you prebuilt openjdk.

Only if you know it exists. It’s not something that comes up when searching for it.

bitchkat@lemmy.world on 21 Jun 2024 13:08 collapse

searching for “openjdk download” has Adoptium.net in the first 5 results.

RagingRobot@lemmy.world on 22 Jun 2024 13:11 collapse

Yeah but you know it exists lol how would someone just looking for the java run time know that openjdk exists to search for it?

JackbyDev@programming.dev on 22 Jun 2024 14:18 collapse

I’m hoping all professional Java developers either know about the existence of OpenJDK or one of their bosses or IT does and will appropriately direct them to foss builds of the JDK. Even then, I think (hope) most people using AWS will use Coretto.

Aux@lemmy.world on 21 Jun 2024 14:50 collapse

Or even better - start using Docker already.

Suppoze@beehaw.org on 21 Jun 2024 04:59 next collapse

Honestly, the new licensing model for Oracle JDK was known for so, so long, and every company had every chance to use an open alternative. Actually I think Oracle has been pretty lenient with it’s grace period, so I don’t feel sorry for the companies held accountable over this

lemmyvore@feddit.nl on 21 Jun 2024 10:46 next collapse

Yeah this is pretty much non-news at this point. The last unencumbered versions of JDK and JRE from Oracle went out in 2019, that’s 5 years ago, and they’re still allowing a grace period of another 6 months.

I mean don’t get me wrong, Oracle sucks and the way they go about licensing is shit, but at this point come on. If a company hasn’t bothered to get rid of Oracle’s version of Java for the last 6 years maybe they want to get shafted? I don’t kink-shame.

senkora@lemmy.zip on 21 Jun 2024 17:00 collapse

The way the article makes it sound is, if individual employees download OracleJDK while on the company network, and use it for small personal scripts or automation, then that might be enough to trigger Oracle to act.

If your company is large enough, then enough employees may have done that to make you a reasonable target for litigation if you don’t work something out with Oracle. And Oracle is an expert at litigation.

I think that the best defense for a large company would be to IP block all Oracle domains and periodically scan employee laptops for any Oracle products (especially JDK and VirtualBox guest additions) and delete them.

You really have to treat anything that Oracle touches as malware if you want to protect yourself.

mindbleach@sh.itjust.works on 21 Jun 2024 05:02 next collapse

Java is an okay format owned by the devil. When two devices running Java connect via wifi, One Rich Asshole Called Larry Ellison expects the air in-between them to be properly licensed. If the free software movement had not been founded to say “fuck printers,” it would have sprung into being in order to say “fuck Oracle.”

If businesses spring up to advise customers how to handle your billing and legal departments, maybe you shouldn’t be a company anymore.

kryllic@programming.dev on 21 Jun 2024 15:24 next collapse

But Oracle will be leading towards an “offer” to overlook earlier unlicensed software if they agree to sign up to the new subscription model, Biggs said.

So…Oracle is just adopting the mafia mentality to accomplish this? Yeesh.

IHeartBadCode@kbin.run on 23 Jun 2024 00:53 collapse

Oracle is just adopting the mafia mentality

What do you mean "just"? This has always been Oracle.

PenisWenisGenius@lemmynsfw.com on 21 Jun 2024 16:54 next collapse

Wow if you don’t have a vpn you’re fucked these days.

Corbin@programming.dev on 21 Jun 2024 19:17 next collapse

This shit is why I cannot recommend Truffle/Graal. Yes, it’s cool technology. Yes, it works well. Yes, I remember Chris Seaton. Yes, most of it is Free Software. However, Oracle is still the fucking lawnmower, and it’s not safe to build upon anything they can convince a judge they might own.

Alternatives include RPython (my preference) and also GNU Lightning.

MehBlah@lemmy.world on 21 Jun 2024 19:39 next collapse

A good response would be “We have blocked your networks at the firewall and are in the process of eliminating any of your software that has infected our network.”

MonkderDritte@feddit.de on 22 Jun 2024 11:15 next collapse

But it’s openjre…

[deleted] on 22 Jun 2024 11:19 collapse

.