Oracle/Sun Enforces Pay-For-Security-Updates Plan 238
An anonymous reader writes "Recently, the Oracle/Sun conglomerate has denied public download access to all service packs for Solaris unless you have a support contract. Now, paying a premium for gold-class service is nothing new in the industry, but withholding critical security updates smacks of extortion. While this pay-for-play model may be de rigueur for enterprise database systems, it is certainly not the norm for OS manufactures. What may be more interesting is how Oracle/Sun is able to sidestep GNU licensing requirements since several of the Solaris cluster packs contain patches to GNU utilities and applications."
That's a nice server you got there (Score:5, Funny)
Re: (Score:3, Funny)
That's a nice joke you have there. It'd be a shame if someone were to moderate it. ;)
Re:That's a nice server you got there (Score:5, Insightful)
Re: (Score:2)
You mean except for the fact that they disclaim all warranties and liabilities in the license? Exactly what basis would you bring up this lawsuit when you agreed to their licensing terms?
Re:That's a nice server you got there (Score:5, Insightful)
The part that says(slightly paraphrased for clarity) "this disclaimer may not be valid in some states and does not prevent you from exercising your rights, but hopefully confuses you enough that you don't realize you have any"
Re: (Score:2)
But it's open source. Doesn't that mean people can fix it since they have the code? So what's the problem really? That's how FOSS works, for both of its advantage and disadvantage.
Re: (Score:2)
Re: (Score:2)
So sure, you could fix the open source parts yourself, but how could you fix flaws in their proprietary code?
Patching the binary file. Duh. There are numerous patches that people have created to proprietary software to fix bugs and security flaws without even a single line of the original source code. Do you somehow think that game crackers have the game's source code when cracking the games or creating key gens? Are you really that ignorant?
Re: (Score:2)
Re: (Score:2)
Great dodge, man! Secondly, you keep claiming this is extortion with absolutely zero legal basis to back it up.
Re: (Score:2)
decompile. how hard could it be.
But wouldn't that be reverse-engineering, a breach of copyright, a breach of DMCA due to the two aforementioned parts, and be opening a different can of worms for legal action against you.
Re: (Score:2)
The same EULA that lies to you about your other rights also forbids reverse engineering or altering of the product. Besides, the whole point here is selling something that is broken. A tangible product which does not work would be subject to return with refund, or if it were a safety issue a recall. Identity theft being a very real and serious problem, I would pester the FTC or similar authority to demand a recall due to the potential damage. Someone is storing SSN or other type of personal data in a da
Re: (Score:2)
That poses another problem. In general, vendor support contracts for a given piece of software usually become inapplicable if you modified the code in question. At least, this is how RedHat operates (See: Modified RPMs [redhat.com]) so it's reasonable to expect that other vendors have similar policies.
IMHO, this is a reasonable policy, because the complexity in supporting the software distribution increases quite a bit if you can't guarantee the code\behavior is vanilla. So while you're still free to integrate upstream
Re: (Score:2)
And I'm sure you have relevant case law to cite that shows that the universal disclaimer of warranty with regards to software (both proprietary and open source software) is not valid in some states or countries? Yeah, I'm not holding my breath.
Re: (Score:2)
Re: (Score:2)
And what specific law(s) are these disclaimers of warranty violating? If such warranty disclaimers are invalid it would be quite interesting that the lawyers for the FSF and UC Berkeley were unaware of them when drafting their licenses.
Re: (Score:2)
Most countries have laws which state pretty clearly that goods and services must be fit for the purpose for which they are sold. In the UK you'd have the Sale of Goods Act, not sure what you'd have elsewhere.
This has been used on occasion by people who want a refund for a piece of software which didn't live up to the hype - though AFAIK the company selling the software has caved before it's reached court. My guess is that while they don't really want to refund, they're even more averse to the idea of esta
Re: (Score:2)
Most countries have laws which state pretty clearly that goods and services must be fit for the purpose for which they are sold. In the UK you'd have the Sale of Goods Act, not sure what you'd have elsewhere.
Apparently you haven't actually read such act. In fact the act has specific terms on which you can disclaim warranty to a product.
Re: (Score:2)
There's no need. Disclaimers cannot trump the law.
They can during binding arbitration. Which, of course, everyone agrees to when they install software, use a service, or drink a soda in this damned country.
Re:That's a nice server you got there (Score:5, Insightful)
Re: (Score:2, Insightful)
So it really doesn't matter in this particular case if you agreed to their terms or not so long as a court would agree that this is extortion...
Which is highly unlikely and I doubt you have a shred of case law to back up any claim to the contrary.
Re: (Score:3, Insightful)
So that's a no on having any relevant statutory or case law to back up the claim that they could be successfully sued for extortion? Yeah, I thought so.
Re: (Score:2)
Got any case law that says they can't be?
Yeah, I thought so.
Re: (Score:2)
This is no way extortion. You bought the current version of Solaris. That's what they're legally obligated to give you. Then you made sure you also have future support for the product.. you did that, right? And it's in your contract, right? right?
Re: (Score:2)
the Open Solaris Version (Beta) updates Free(Even this could be Debatable),I have no problem with this.
Also Agree that it is your job as an Admin to look at the contract that you sign and or contact the vendor,
When you have questions, ANY QUESTION!, even legalese questions.
+1 off topic.
Re:That's a nice server you got there (Score:4, Interesting)
Re: (Score:2)
By that measure then no need for Toyota to recall anything. You paid for the current version of the vehicle so they can just charge to fix your death trap. As long as its reasonable, labor, parts of course! I'm waiting for someone to set a legal precedent here. The day a software company becomes liable for negligence will forever change IT. I can see it happening at a hospital where access to vital information was lost and someone dies.
Except the motor industry (probably more specifically *safety* in the motor industry) is regulated, the software industry is not. So Toyota are legally required to ensure their car designs/manufacturing processes result in their cars meeting certain minimum safety standards, Oracle/Sun is not legally required to ensure their software does anything.
Re: (Score:3)
"It would be a shame if your nice [online] storefront got broken into and wrecked. Yeah, we sold you that front door and lock. Well, you should know there's a little problem we've discovered with it. We could fix it for you, for a price. Or you might expect to find a couple of guys have opened that lock at night and run through your place with wrecking bars, one of these mornings."
Classic protection racket. My Italian relatives would totally approve.
Re: (Score:2)
Sure, you could make the argument that it not being able to work on low memory systems as being a "bug", but what are the damages there? Maybe the retail cost of Vista? What this is about is a case where the computer was compromised form a security vulnerability that they refuse to fix unless you pay them. The damages can be very high (potentially millions of $$$). Now, I doubt an
Re: (Score:2)
Microsoft releases security updates to all of its currently supported OSes, even if they don't pass the activation process. The mindset is that even if it's a pirated version, security vulnerabilities can harm everyone if left unpatched. They don't allow pirated versions to get non-security updates.
Oracle should take a similar stance, with free security updates to your current version but anything above that should require some sort of support contract.
Re: (Score:2)
Not really.
Nothing is perfect including security. If you bought a lock and three years later someone found a way to pick it would you expect the company to give you a new lock?
I am not a FOSS zealot but if you buy a closed source OS that comes with a support system then you are silly if you expect updates for free for anything.
Even if the company you bought from does provide free security patches eventually the OS will be EOL and those will stop.
It takes money to patch security issues and issue updates that
Re: (Score:3, Insightful)
No. But if I bought a lock that claimed to be secure, and a few months down the line someone figured out that you could unlock it by simply putting a paperclip in the end, I would expect them to give me a new lock. I expect a reasonable level of security, and I expect a reasonable length of support for that security. If they told me 1 month after purchase that they weren't going t
Re: (Score:2)
The thing is that none of the exploits are as simple as putting a paperclip in the lock.
So no it is a lot more complex of an issue than you are supposing. And a zero day exploit just means a bad guy found it first.
As I said if you don't like just pick a different company or go with a FOSS solution. It is as simple as that.
Title of Article Is Incorrect (Score:3, Informative)
The title of this article is incorrect. It should read Oracle announces its products will become less secure over time. This will be true because they will permit malware to infect a percentage of their installations, which in turn will corrupt others by providing an internal platform for hackers to penetrate otherwise secure systems. Either a product is secure or it is not. Oracle is merely announcing that their products will not be secure.
Just like Redhat (Score:3, Informative)
Re:Just like Redhat (Score:5, Informative)
o rly?
http://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/
Re:Just like Redhat (Score:5, Funny)
O'Reilly is over here: ftp://ftp.oreilly.com/ [oreilly.com]
If you don't like the game, change the rules? (Score:2)
The problem here is not that they are doing this, but that they are doing this NOW.
RHEL was pay-to-update from day one. Everyone considering RHEL knew this and could decide whether that was what they wanted to go with.
The difference here is that users who have been using Solaris for years and making do with critical updates are now unable to keep their systems secure.
Oracle is changing the rules of the game in mid-stream. That is where the problem is.
Were they to come out with Solaris 11 and proclaim THEN
Re: (Score:2)
If the two options are either to stop the Solaris project because it's generating so big losses, or continue it with paid updates, which one is better? Sure suddenly starting to pay for updates might suck a bit, but it's better than not getting those updates at all.
Re: (Score:2)
Oracle is changing the rules of the game in mid-stream.
Well, to be fair, it's not exactly Oracle that's changing the rules, it's Sun's stockholders who decided to sell to Oracle. That Oracle was going to do exactly what they're doing was pretty obvious to most who've followed these companies... the reason customers were dropping Sun during the pre-merger period was hardly the regulatory dragging, but rather the high power suction device snaking towards their wallet.
Sooner or later, you pay for what you get.
Re:Just like Redhat (Score:4, Insightful)
Oracle is redistributing the works of others... just as if they were passing around copies of msoffice.
Now of course something like that comes with legal complications.
Merely claiming that this is another case of "entitlement mentality" is dishonest and *ssinine.
There's an easy solution to the GNU issue... (Score:4, Interesting)
Just because they're selling the security updates doesn't mean they're in violation. I think it's highly likely that Sun/Oracle will go right ahead and sell their updates, and make the source code available (via the web?) for the GNU parts. Offering the source for the GNU packages wouldn't cut into their sales much, as most of their customers are probably not inclined to compile this code for themselves anyway (if they were, my thinking is that they probably wouldn't be running Sun). And even if they were, they'd miss out on updates to the proprietary parts of the code.
I'm having trouble seeing what the big deal is here.
Re:There's an easy solution to the GNU issue... (Score:4, Insightful)
I'm having trouble seeing what the big deal is here.
Oracle is building a successful business around open source software in the full spirit of the GPL. They must be destroyed at all costs .. oh, wait.
Re: (Score:2)
Correct me if I'm wrong, but doesn't the GPL etc require source distribution only for the software covered by GPL that someone has provided to you? If they haven't provided a binary of the updated software, are they required to provide updated SOURCE for that software?
Does the GPL REALLY mean that someone is required to support the code you got from them fore
Re: (Score:2)
Correct me if I'm wrong, but doesn't the GPL etc require source distribution only for the software covered by GPL that someone has provided to you? If they haven't provided a binary of the updated software, are they required to provide updated SOURCE for that software?
Yes, if the updated binary was originally distributed from them since the GPL is implicitly transferred along with the binaries. If you got the binaries from somebody who got them from Sun, Sun still have to provide to you upon request a copy of the source code the binary was built from. They are permitted to charge reasonable costs for distributing the source, however.
Does the GPL REALLY mean that someone is required to support the code you got from them forever for free? Can I call up Walnut Creek and demand that they send me a CD of the all the updates for all the software I bought from them?
No, only for a minimum of three years, and the GPL says nothing about support - only that the source be available upon request.
Re: (Score:2)
Can they also add clauses to the support contracts so that if those customers are found distributing the source code to others, they don't get to sign up for future support?
Re: (Score:2)
Am I right that if they only distribute the patched binaries to customers who have support contracts, they only need to make the source available to those customers?
Can they also add clauses to the support contracts so that if those customers are found distributing the source code to others, they don't get to sign up for future support?
No, and no.
The source must be made available to anyone with the binary, regardless of where it came from since the GPL is transferred along with the binary. For the same reason, you cannot place additional restrictions on the use of the binary or source code.
Re: (Score:2)
CentOS is bad example because it's actually a separate branch from Red Hat. Fedora is what you're looking for, and it's usually quite up to date.
Re: (Score:2)
OpenSolaris is that project.
Re: (Score:2)
So is Oracle just gone and shot off a foot, here?
Sidestep? (Score:5, Insightful)
What may be more interesting is how Oracle/Sun is able to sidestep GNU licensing requirements since several of the Solaris cluster packs contain patches to GNU utilities and applications
The GPL doesn't prevent you from charging a fee for GNU software. It just stops you from preventing the people you sell it to from distributing it to everyone else. OpenSolaris is free and the source is available. If you are using Solaris (not OpenSolaris) then you are paying for a platform that has undergone some extra testing and comes with support guarantees. If this isn't important to you, then use OpenSolaris for free.
Re: (Score:3, Insightful)
...and I quote (from gnu.org gpl-faq
The GPL does not require you to release your modified version, or any part of it. You are free to make modifications and use them privately, without ever releasing them. This applies to organizations (including companies), too; an organization can make a modified version and use it internally without ever releasing it outside the organization.
But if you release the modified version to the public in some way, the GP
Re: (Score:2)
The reason we require the offer to be valid for any third party is so that people who receive the binaries indirectly in that way can order the source code from you.
And if I want to keep my mods private I will charge one million USD for the source. I am allowed to do this because I initially charged that much for initially distributing the binaries (to one of my shell companies, of course, which then redistributed to you). When I receive payment, the source will be mailed to you in leather-bound hardcopy, in 6pt dingbats font, and you will find that there is a 100,000 to 1 comment-to-code ratio. Enjoy your source distribution! :)
No, you are not allowed to charge an arbitrary sum for providing the source. You can charge an arbitrary sum for the binaries, since that is covered in the commercial distribution clause but the source must be provided at cost, and it must be in a machine readable form. So, the comment to code ratio will be OK, the 6pt Dingbats font is debatable, but the leather bound hard copy, while nice to keep on a shelf is expressly forbidden by the machine readable provision of the GPL.
Re: (Score:2, Informative)
Re: (Score:3, Informative)
Mr. Opportunity (Score:2, Interesting)
... is knocking on the door of the competition.
There are many ways to take news like this. For those invested, it's a blow. For the free market and those looking for marketing opportunities (cough ... I'm talking to the competition) .... this is your opportunity to do something good to us looking for solutions and yourself (in recapturing market share). Make me an offer I can't refuse.
Sidestepping Nothing (Score:5, Insightful)
They're not sidestepping anything GPL-wise. The OS patches contain some GPL binaries and some proprietary binaries. They are side by side, which means the proprietary binaries are not subject to the GPL. The entire patch package, therefor, can't be redistributed. The GPL bits within the patch can be freely redistributed. As can the source for those bits, which Sun/Oracle is (presumably) making available as they always have to comply with the GPL.
So, they are sidestepping nothing.
Re: (Score:2)
They're not sidestepping anything GPL-wise. The OS patches contain some GPL binaries and some proprietary binaries. They are side by side, which means the proprietary binaries are not subject to the GPL. The entire patch package, therefor, can't be redistributed. The GPL bits within the patch can be freely redistributed.
They're not side-stepping the GPL because the GPL is not viral. The idea that Oracle is doing something wrong really only makes sense if you think of the GPL as viral. (flame on!)
Re: (Score:3, Interesting)
I think you'll find that 'not presuming' is exactly what the parent is doing. The summary said, "What may be more interesting is how Oracle/Sun is able to sidestep GNU licensing requirements". And the poster is saying, "Hey lets slow down a second, are we sure Oracle isn't giving access to the source code to their customers?" Remember,
Re: (Score:2)
Remember, there's nothing stopping Oracle from charging for GPL source code, and they only have to provide access to the source code to the people they distribute the binaries to.
Wrong. GPLv2 [gnu.org] section 3 specifically requires the source code to be made available to any third party, regardless of where they got the binaries:
b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange
GPLv3 [gnu.org] section 10 specifically grants all recipients of the code (binary or source) the same license that you have, including the right to distribution:
Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License.
Both versions of the GPL prevent you from placing further restrictions on third party licensees. So long as Oracle make the source code available at cost, they have likely fulfilled their obligations under the GPL.
Entirely Different (Score:2)
That's an entirely different topic than what we are discussing here (whether Oracle is side-stepping the GPL by only making patches available to paying customers). That's why I said presumably and don't feel like taking the time to download the full Solaris and OpenSolaris packages to see what source is where. Considering they have OpenSolaris with all the source available for all bits we'd be worried about up (and anything GPLed in Solaris is also in OpenSolaris), I think they're good. Either way, it do
Re: (Score:2)
Additionally, there is NOTHING requiring Oracle to separate their GPL and non-GPL patch components to support people who aren't paying for support.
Precisely, the GPL specifically permits commercial distribution (i.e. for profit) of binaries, but always requires the source code to be made available at cost (i.e. not for profit)
Was to be exepected (Score:4, Insightful)
I don't want to sound negative, but I was always worried about Oracle buying Sun, for how it would impact negatively on Sun's business. For me the Oracle web site is so convoluted that it stinks of 'we designed this so that you to pay use to find it'. Everything feels designed to nickle and dime everything you try doing with them. This is based on experience of having get specific updates to fix certain known issues. If you don't agree with my perspective, I would gladly appreciate hearing about your experience.
I am a Java developer and I hope that they don't extend this to Java or any other Sun technologies with a more 'open' culture.
Re:Was to be exepected (Score:5, Informative)
I don't want to sound negative, but I was always worried about Oracle buying Sun, for how it would impact negatively on Sun's business. For me the Oracle web site is so convoluted that it stinks of 'we designed this so that you to pay use to find it'. Everything feels designed to nickle and dime everything you try doing with them. This is based on experience of having get specific updates to fix certain known issues. If you don't agree with my perspective, I would gladly appreciate hearing about your experience.
I am a Java developer and I hope that they don't extend this to Java or any other Sun technologies with a more 'open' culture.
I agree. I cringe every time I venture into the quagmire of oracle.com to obtain a CPU or look up information/patches for an older version of oracle. Sun's site was much easier to navigate through for patch clusters or specific patches themselves. Now that sun's site is folded into oracle's site, finding hardware information has become a pain. I did find that going to sunsolve still is the way to go though.
Re: (Score:2)
I don't want to sound negative, but I was always worried about Oracle buying Sun, for how it would impact negatively on Sun's business.
The Sun's business is keeping me warm during the day, providing a free energy source, and an excuse for me to wear sun glasses.
So long as it does that, I couldn't care less what any Oracle does with it.
Re:Was to be exepected (Score:5, Funny)
I wanted to play with a particular technology from a company that was acquired by a company that was acquired by Oracle. I called Oracle and got passed from department to department. Nobody had ever even heard of this technology or the company they had acquired years ago. One rep was willing to sell me a license to use the technology for many thousands of dollars even though he himself couldn't find any mention of it inside Oracle, with the caveat that I would have to FIND IT myself because he didn't have any idea where it might be. After being transferred back to the same person the fourth or fifth time I gave up with the phone and started googling for the technology. I found a web page deep inside Oracle's website that had the entire thing, source code and all, available. There were no disclaimers, there was no license, just instructions on how to download it, compile it, install it, and use it.
So I did.
I suspect Oracle is run by the Department of Motor Vehicles.
Re:Was to be exepected (Score:4, Funny)
If only Oracle had one of those data-thingamajigies that lets you search for information and retrieve it.
Re: (Score:2)
I don't want to sound negative, but I was always worried about Oracle buying Sun, for how it would impact negatively on Sun's business.
Sun's business was already in the negative. At this point, I can't blame them for trying something new to turn-around Sun's profit/loss statement:
For the quarter that ended March 29 [2009], Sun posted a net loss of $201 million, or 27 cents a share. That’s a sharp downturn from the loss of $34 million, or 4 cents a share, it reported the same period last year.
http://www.nytimes.com/2009/04/29/technology/companies/29sun.html [nytimes.com]
Just another step... (Score:3, Informative)
...and another 'I' dotted in Oracle's plan to kill off Solaris, and force Linux as their high-end product.
I only have one Solaris server left, and I'm rapidly losing any real need to keep using it.
In fact, I will probably end up migrating off of Solaris this year, just to be done with it.
Linux works just fine on my Sparc hardware, even my Ultra Enterprise 2, which hasn't seen
upgrades or replacement parts in over 10 years. (and why it's still up and running, I don't know...)
Re: (Score:3, Informative)
Re:Just another step... (Score:5, Informative)
There's a big difference - it used to be you needed a contract to use their patch update manager (and one contract covered all machines), but not just download individual patches or patch clusters (which, BTW, are integrated into the latest full OS downloads, and in fact at least one Sun person I've seen has recommended just grabbing the latest full OS download and using that to apply updates!). Now, not only do you need a contract, but you need one for each machine and OS version separately, and you can't actually buy the contracts from Oracle anyway. There's NO way to purchase them online (in fact the one link that's been posted multiple times as "I've verified this works" by Sun/Oracle people takes you to the Oracle 404 page), and when you leave your name with the pre-sales people to have sales call you, you don't get called back (since there's no way to actually talk to a sales person directly).
I suspect that Oracle is doing everything they can to passively kill Solaris without admitting it, that way they can say it wasn't their fault (or plan all along) when the regulators and shareholders come asking questions... If I had my choice, I'd be off Solaris completely, but at least for right now I don't. What's really interesting is what this is going to do to all those proprietary software vendors who require Solaris as the server OS for software used in regulatory compliance-audited environments. Since no patching = non-compliance, the ripple-effect is gonna be HUGE...
Re: (Score:3, Informative)
I think you've missed the point. Sun still made security patches generally available, Oracle have made those $$-only as well now.
Re: (Score:2)
...and another 'I' dotted in Oracle's plan to kill off Solaris, and force Linux as their high-end product.
Oracle isn't stupid about making money. They're probably seeing if Solaris can be made profitable on its own. If not, it gets the whack. But not giving it the full chance would be a foolish disposition of an asset.
Stop stepping. (Score:3, Insightful)
Yes, that was certainly the plan a year ago.
It's no longer the plan. You'll soon need to flip it around.
Solaris is now a great tool to help Oracle force people to one and only one vendor (Oracle) for just about everything. That's the new plan. And Linux fits in that plan right now, but probably won't in a few years, if they can get people to trust them as hardware vendors, and they can keep the quality of Solaris testing up.
Oracle sees Sun as a company with a LOT of great stuff, but both weak and incompe
GPL requirements (Score:2)
SUN has never been easy to deal with (Score:2)
Interestingly, we had support contracts for several SPARC machines until recently, but when the time
for renewal came around SUN didn't send any notice, and we let it go. I think of this as
"passive/aggressive" behavior on their part and seems typical of our experience with the administrative
side of SUN, although past adventures (such as wrong addresses on shipments) have been worse. .
The GPL does not apply here (Score:3, Insightful)
Presumably if you obtained the GPL binaries/source from SUN, its legal to redistribute those patches. But there is nothing in the GPL requiring SUN to give you those patches, code or binaries.
If they give you the binaries, they need to give you the source. But if they choose not to give you the binaries (i.e. you elect not to pay for a Solaris contract), they are not obligated to give you anything (binaries or source)
Re: (Score:2)
If they give you the binaries, they need to give you the source. But if they choose not to give you the binaries (i.e. you elect not to pay for a Solaris contract), they are not obligated to give you anything (binaries or source)
Correct, but as soon as they distribute the binaries to a single person or organisation, the GPL is also implicitly transferred, and so is Sun's (or Oracles) obligation to provide the source code to any third party who obtains the binary under the GPL from that person or organisation. So they are not obligated to provide you with the binaries, but they are obligated to provide you with the source if you got those binaries from another route. Though, this is time-limited. a quick scan of the GPLv2 shows that
somewhere a bunch of Sparc boxes are.... (Score:2)
Re: (Score:2)
Re: (Score:2)
At the present time I am not even considering Sparc based servers.
"de rigueur for enterprise"? Not for DB2 (Score:3, Informative)
I can't think of any IBM product on the "distributed platforms" (i.e not mainframe or i5OS) where the fixpacks are not available for free.
Industry-wide needs to pro-consumer policy (Score:4, Insightful)
Re: (Score:3, Insightful)
Industry-wide needs to pro-consumer policy
Only problem with that is Sun/Oracle aren't selling to consumers.
As a industry best practice... (Score:5, Insightful)
The frog replied "Why should I help you across because you will sting me and we will both drown."
The scorpion said "I promise not to sting you."
They are half-way across the river then the scorpion is startled by a splash of water and stings the frog. The frog cries out as his body begins to paralyze "Fool! You have doomed us both as I predicted."
The scorpion replies "Fool? What did you expect Frog? I am a scorpion."
Oracle is a Scorpion. Anyone who thought otherwise when they purchased SUN is a fool.
Re: (Score:2, Offtopic)
That is an old tale, but not told the way you wrote it. A (somewhat) corrected version:
A scorpion was travelling across the land when he came to a river. Wanting to get across, he approached a frog to help him get across.
The frog replied "Why should I help you across because you will sting me and we will both drown."
The scorpion said "I promise not to sting you."
They are half-way across the river then the scorpion is startled by a splash of water and stings the frog. The frog cries out as his body begins t
Re: (Score:2)
Re: (Score:3, Insightful)
This is why the day the deal was announced we started migrating everything we could to PostgreSQL and FreeBSD (ZFS & DTrace Support). I had decent respect for Sun and have had some damn good products and service over the past 15 years or so. Oracle is a company that I absolutely had dealing with as a vender. We *have* to support Oracle because that is what some of our clients deploy on. Doesn't mean we have to like it. Honestly, for what we do, we've only had one client that had a HA requirement an
Re: (Score:2, Informative)
Re: (Score:3, Informative)
Unless they've been stung by a Scorpion, in which case the venom will kill or paralyse them, thus preventing them from breathing.
a case of programmed cell death - apoptosis (Score:2, Interesting)
U.S.A. three letter orgs dropping Sun? (Score:2)
Re: (Score:2)
subjugate Sun (Score:2)
Funny, I was just reading this blog post last night.
Danese Cooper is a long time open source advocate who formerly worked at Sun, among others, and is recently the new CTO at the Wikimedia Foundation after the recent departure of Brion Vibber for a micro-blogging upstart.
New DivaBlog: Assimilation begins...Oracle Censors Blogs.Sun.Com [blogs.com]
Remaining Snoracle employees have until May to migrate their personal blogs to a non-Oracle-owned hosting service...but if even after such migration, anyone who mentions work on a personal blog forfeits their editorial self-determination, as Oracle believes the blog then becomes Oracle property subject to their draconian rules.
That sounds a mite drama-queeny until you factor in that she helped to create Blogs.Sun.Com and probably cared a lot about the culture of her former employer.
What you don't se
So? (Score:2)
Why do people misunderstand the GPL so? (Score:2)
GPL does not mean they have to give their product away for free to anyone who asks.
It means that whatever pieces of code they use that are under the GPL, they cannot block re-distribution of; and they must provide "access to code to customers who ask". *NOT* to "anyone". And they are free to distribute said code however they want. They can do it by insisting that the customer pay $9.95 shipping to receive just the GPL code on a CD-ROM, AND insist that only paid customers can even place this order.
But, on
Re: (Score:2)
GPL does not mean they have to give their product away for free to anyone who asks.
It means that whatever pieces of code they use that are under the GPL, they cannot block re-distribution of; and they must provide "access to code to customers who ask". *NOT* to "anyone".
Actually, not quite. In GPLv2 section 3, which you're referring to here,
b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange
They *DO* have to provide source code to any third party who has a copy of the binary
Absurd! (Score:2, Insightful)
This is the most absurd piece of news I've come across this year! Why on earth should I pay to have Oracle/Sun fix their own bugs?
Obviously Security flaws are bugs. If any security vulnerabilities are identified, they should be ethically and morally obligated (ie assuming that the legal angle is unenforceable) to fix these and distribute the patches for free.
Isn't there anything called accountability/responsibility left any more?!? We are a huge Sun shop and one of the reasons we loved Sun so much is the fa
Re: (Score:2)
Unless your an enterprise sized company who needs support contracts for no other reason than it gives legal someone to sue if things go badly...
We have GPLv3'd products. Sure anyone can download them and install and compile. We have a public SVN and Git repos. However, there is no documentation or support without a service contract. Why? Those cost us a lot of time and money to produce and do right. The other part of the deal is that those who buy support agreements also get a warranty and priority bu
Re: (Score:2)