mccSep 16, 2024

What's funny about Oracle is like, most tech companies, people probably feel *skeevy* about, but also most tech cos have done 1 thing you Like. Lots of people love their Apple products. You might be annoyed at Google right now but there was probably a time they made you happy in some way. Microsoft? People do like XBoxes. OpenAI has fans!

But NOBODY interacts with Oracle on purpose. Even coders don't *pick* Oracle. There's no brake on you just *resenting* Larry Ellison.

https://arstechnica.com/information-technology/2024/09/omnipresent-ai-cameras-will-ensure-good-behavior-says-larry-ellison/

Omnipresent AI cameras will ensure good behavior, says Larry Ellison

We’re going to have supervision," says billionaire Oracle co-founder Ellison.

Ars Technica
Show threadtends 
@mcc there's Oracle VM VirtualBox. I don't understand how and why it continues to exist but I feel like I should stop talking before it stops existing
Sep 16, 2024 at 10:52pmWeb
Show threadTimSep 16, 2024
@tendstofortytwo @mcc virtual box, like the jvm, came from their acquisition of Sun. I too am surprised in both cases they haven’t managed to screw them up, though I stopped following Java after Oracle got their hands on it and sued Google over trying to implement its APIs.
Show threadmccSep 16, 2024
@stiv @tendstofortytwo that's what I was thinking, yeah.
Show threadShadSterlingSep 16, 2024
@stiv @tendstofortytwo @mcc didn’t they wreck the licensing for everything Java-related? Something like changing the license for new releases to remove the guarantee that you can always keep using it without paying license fees, IIRC
Show threadBee O'Problem Sep 16, 2024

@ShadSterling @stiv @tendstofortytwo @mcc yeah and they also absolutely fucked downloading runtimes for anything more recent than Java 1.8 (from what I remember)

The only reason I still have to deal with Java crap is Minecraft and OWASP ZAP. At least Microsoft is smart enough to actually include a JRE with the game so players don't have to deal with Oracle's inexplicable decisions

Show threadvriska, thief of light Sep 17, 2024
@beeoproblem @ShadSterling @stiv @tendstofortytwo @mcc this is iirc explicitly to encourage applications to ship their own JRE instead of using the system one, since they no longer have a hard backwards compat guarantee
Show threadBee O'Problem Sep 17, 2024

@leo @ShadSterling @stiv @tendstofortytwo @mcc I guess I should be directing some of my ire onto OWASP then in that case.

Still seems like a really bad idea RE security patching. Instead of one tool managing some number of installed runtimes it's an unbounded number of tools which may or may not be secure themselves all needing to maintain JRE installs separately.

Show threadShadSterlingSep 17, 2024
@leo @beeoproblem @stiv @tendstofortytwo @mcc I remember when the point of Java was portability. If you have to ship yet another copy of the JRE with each app there’s no portability advantage.
(But I guess it’s no worse than distributing docker containers)
Show thread0xC0DEC0DE07EASep 17, 2024
@leo what the hell? That is terrible! Yeah, let me just pester the vendors of every single Java-based piece of software I run at work to give me a new release on a monthly basis… that’s going to go well.
We literally delete the censored JRE and symlink back to the system-managed one. I suppose when Fortify or Squish or whatever breaks based on a JRE compatible issue, I know who to tell the security folks to be mad at…
@beeoproblem @ShadSterling @stiv @tendstofortytwo @mcc
Show threadBee O'Problem Sep 17, 2024

@c0dec0dec0de @leo @ShadSterling @stiv @tendstofortytwo @mcc I know right.

Because nothing says security like maximizing the number of folks/systems you need to trust in order to stay up to date.

Show threadMegSep 16, 2024

@tendstofortytwo @mcc yeah I think VirtualBox might be the only real exception. It only spent one year as an independent project, then two years as part of Sun, before being acquired into Oracle, and I think that I've never known it as anything but an Oracle product (since I came to it through vagrant).

In that time it's never gotten really worse or better that I know of, it's just kind of there and really is the only open source desktop virtualization software worth much afaik.

Show threadThe DoctorSep 17, 2024
@tendstofortytwo @mcc I remain surprised they haven't killed it yet.