Tag: java

Oracle comes up with a way of getting Java off every machine

JavascriptDatabase maker Oracle has worked out a way of getting its Java code off every machine in the world – it is starting to sue those who use it without permission.

Six years after it wrote a cheque for Sun, Oracle is ramping up audits of Java customers it claims are in breach of its licences.

Oracle has been hitting up customers and partners claiming they are out of compliance on Java. This has taken some time but now its License Management Services (LMS) division is being more active in chasing down people for payment.

The database giant is understood to have hired 20 individuals globally this year, whose sole job is the pursuit of businesses in breach of their Java licences.

This is causing a boom in the industry compliance industry with specialists are themselves ramping up, hiring Java experts and expanding in anticipation of increased action next year.

At the heart of the issue is Java SE which comes in three paid flavours costing $40- $300 per user and $5,000 – $15,000 per processor.

Experts telling people to avoid downloading Java SE and those who have should review its use before Oracle pounds on their door.

We have been told that Oracle is also targeting its partners, even though they are the ones helping Oracle carry out the legal moves.

The issue is that people seem to believe that Java is free software because that was the case under Sun. Sun charged a licensee fee to companies like IBM and makers of Blu-ray players, but generally Sun used Java to help sales of its systems.

Oracle changed all that with Java SE includes Java SE Advanced Desktop, introduced by Oracle in February 2014, and Java SE Advanced and Java SE Suite, introduced by Oracle in May 2011.

Java SE is free but Java SE Advanced Desktop, Advanced and Suite are not. Java SE Suite, for example, costs $300 per named user with a support bill of $66; there’s a per-processor option of $15,000 with a $3,300 support bill.

Java SE is not free for what Oracle’s licence defines as “specialized embedded computers used in intelligent systems.” This includes mobile phones, hand-held devices, networking switches and Blu-Ray players.
Another issue is that when you download Java SE you can end up installing things you don’t need but have to pay for.
If anything Oracles actions are going to really hack off users next year and there will be a general backlash against Java in 2017.

Microsoft opens up Visual Studio to Java developers

microsoft-in-chinaMicrosoft has opened its Visual Studio Application Insights cloud software telemetry service so that Java developers can come up with new Azure designs.

For those who came in late, Application Insights is part of the Visual Studio Online set of services that Redmond announced in November 2013. It gathers and generates reports on usage and performance data for online applications.

These can be accessed through the Microsoft Azure Portal – which means you need an Azure subscription to use Application Insights.

The service had only allowed for the connection web applications and apps written using Microsoft’s own ASP.Net framework. But the new rules allow the same kind of monitoring to Java applications.

Microsoft is also offering support for Application Insights in its new version of the Azure Tookit for Eclipse.

A free trial of Application Insights is available. After that, pricing depends on the level of Visual Studio Online service you need and the amount of Azure resources you consume each month.

Javascript grows in popularity

JavascriptAccording to numbers from RedMonk, a tech-industry analyst firm, while Apple’s development language Swift is growing it has a mountain to climb before it will rival the ever popular Javascript.

The tame Apple Press is doing its best to talk up the rise of Swift, but the real news from RedMonk’s list of the most-used languages survey is that Javascript is continuing to grow like topsy. Swift has risen from obscuring to one of the top 22 languages but given that is two spots below an OS called “groovy” we don’t think it is making that much of a splash.

The top ten are

  1. JavaScript
  2. Java
  3. PHP
  4. Python
  5. C#
  6. C++
  7. Ruby
  8. CSS
  9. C
  10. Objective-C

JavaScript edged Java for the top spot in the rankings, but as always, the difference between the two is so marginal as to be insignificant.

The Top 10 was effectively static. C++ and Ruby jumped each one spot to split fifth place with C#, but that minimal distinction reflects the lack of movement of the rest of the “Tier 1,” or top grouping of languages.

PHP has not shown the ability to unseat either Java or JavaScript, but it has remained unassailable for its part in the third position. After a brief drop in Q1 of 2014, Python has been stable in the fourth spot, and the rest of the Top 10 looks much as it has for several quarters.

In fact rather than Swift, Red Monk predicts that Go is doing the best.  Six months ago it was predicted that it would become a Top 20 language within six to twelve months. Six months following that, Go can consider that mission accomplished. Go jumped over Visual Basic, Clojure and Groovyand displaces Coffeescript entirely – to take number 17 on the list.

Red Monk said that Julia and Rust are the two notable languages to watch, Julia and Rust’s growth has typically been in lockstep, though not for any particular functional reason. This time Rust outpaced Julia, jumping eight spots to 50 against Julia’s more steady progression from 57 to 56.

 

Oracle pushes out huge security update

Sisyphus-Image-01CDatabase outfit Oracle has pushed out a record number of patches in a security update.

Included in the patch are critical fixes for Java SE and the Oracle Sun Systems Products Suite.

All up this means that the update contains nearly 170 new security vulnerability fixes, including 36 for Oracle Fusion Middleware. Twenty-eight of these may be remotely exploitable without authentication and can possibly be exploited over a network without the need for a username and password.

The worst of the bugs are in Java SE, Fujitsu M10-1, M10-4 and M10-4S. In the case of Java SE, a CVSS Base Score of 10.0 was reported for four distinct client-only vulnerabilities.

Writing in the company blog, Oracle said that out of these 19 Java vulnerabilities, 15 affect client-only installations, two affect client and server installations, and two affect JSSE installations.

The blog says that the lower number of Oracle Java SE fixes reflect the results of Oracle’s strategy for addressing security bugs affecting Java clients and improving security development practices in the Java development organization.

While that might be true, the ton of patches in the rest of the software suggests that while Java is being closely watched, other bits are not.

In the case of the Oracle Sun Systems Products Suite, CVE-2013-4784 has a CVSS rating of 10.0 and affects XCP Firmware versions prior to XCP 2232. Overall, there are 29 security fixes for the suite.

The update also includes eight new security fixes for Oracle Database Server, none of which are remotely exploitable without authentication. Oracle MySQL has nine security fixes.

There are also: 10 fixes for Oracle Enterprise Manager Grid Control; 10 for Oracle E-Business Suite; six for the Oracle Supply Chain Products Suite; seven security fixes for Oracle PeopleSoft products; 17 for Oracle Siebel CRM; one for Oracle JD Edwards Products; two for Oracle iLearning; two for Oracle Communications Applications; one for Oracle Retail Applications; one for Oracle Health Sciences Applications and 11 new security fixes for Oracle Virtualisation.