back to article Oracle Java license teams set to begin targeting Oracle users who don't think they use Oracle

Organizations that do not consider themselves Oracle customers, but who use Java, can expect a call from the Big Red in the next three to nine months, according to a software licensing specialist. House of Brick, which has spent years advising clients on how to manage their commercial arrangements with Oracle, said it had …

  1. OrangeDog
    Holmes

    Simple solution

    This is why everyone I know switched to an OpenJDK distribution six years ago.

    1. Doctor Syntax Silver badge

      Re: Simple solution

      Judging by the report the problem might be people in your organisation that you don't know about. Best to run your own audit, just in case.

      1. Short Fat Bald Hairy Man

        Re: Simple solution

        Used to work with a company using Apache Cassandra. Had to walk around checking whether the developers used anything else than openJDK. Quite a few had. They giggled.

    2. Anonymous Coward
      Anonymous Coward

      Re: Simple solution

      Being nuked from orbit with prejudice where I work, I think our compliance police are worse than Oracle but they sure is going to get rid of the dammed infestation.

      Nice own goal Oracle - there are plenty of open alternatives now.

  2. b0llchit Silver badge
    Facepalm

    They effectively say:

    I see you have downloaded some of our product. A shame when something would happen to your company. I'll send you a bill for the last three years. We'll send you a bigger bill next year too.

    When will people learn not to play with these criminalslawyers.

    1. nematoad Silver badge
      Unhappy

      Yes, making you an offer you cannot refuse.

      I seem to have heard of that way of doing business before.

      Avoid Oracle if you can, they are the plague, not just like it.

      1. This post has been deleted by its author

  3. Ali Dodd
    Devil

    Oracle

    not much different from a loan shark/Drug dealer.

    1. UCAP Silver badge

      Re: Oracle

      Loan sharks are far more honest than Oracle.

      1. Doctor Syntax Silver badge

        Re: Oracle

        And they're cheaper.

  4. EricM Silver badge

    A "special" kind of relationship ...

    "They don't have a relationship with Oracle. But Oracle has tracked Java SE downloads to their company. "

    Or so they might at least say...

    Make sure you _really_ do not use Oracle Java - there is literally not a single reason not to run whatever Java stuff is needed on OpenJDK these days, which needs exactly zero licenses from Oracle - and then tell Oracle to get lost.

    This is not to say that Oracle might not be trying to muddy the water by talking just about "Java" instead of their outragoulsly priced version of "Oracle-infested Java (TM)"

    1. Dan 55 Silver badge

      Re: A "special" kind of relationship ...

      Businesses shouldn't be leaving this to chance really. The company should redirect java.com to a local page which tells them to go to this network drive for 6u45 and 8u202 and if they want anything newer then here's a list of OpenJDK providers.

    2. Anonymous Coward
      Anonymous Coward

      Re: A "special" kind of relationship ...

      I can imagine lot of smaller companies are running some older software they have little idea how to manage and probably have no idea what Java is never mind a requirement to pay for a bit of their software they already thought they bought.

  5. xyz Silver badge

    Hello I'm Javid from Oracle...

    I am seeing your IP of 127.0.0.1 and seeing you have downloaded the fabulous Java. Please send much monies to my account.

    I am also seeing your computer has issues and would like to remote access to fix them.

    Lol

    1. Anonymous Coward
      Anonymous Coward

      Re: Hello I'm Javid from Oracle...

      I'm sure they phone government organisations saying:

      I'm from Oracle Licensing. I'm here to help.

    2. UnknownUnknown Silver badge

      Re: Hello I'm Javid from Oracle...

      Phish alert button pressed, or they are speaking to AI powered chatbot in the call queue.

  6. perkele

    So you download it, maybe test it, don't use it and Oracunts thinks you owe them money and sends demands for your obvious use straight away without evidence...?

    1. ciaran

      Unintended...

      Its the automatic updater. That's clearly "using"...

      1. ChrisC Silver badge

        Re: Unintended...

        Nope, not unless you can guarantee that the mere act of installing a given version of Java for evaluation purposes will NOT trigger an automatic update within the evaluation period.

        Now, that *may* be at least a semi-reasonable assumption to make if you've grabbed the latest and greatest version of the installer as part of your evaluation, provided that the installer offered for download isn't merely a lightweight shell for the autoupdater in order for *that* to pull down the actual latest and greatest version on your behalf, but what if you happened to have downloaded it a while ago but have only now got around to trying it out...

    2. seven of five Silver badge

      Almost. They'll also threaten to sue you into oblivion when you don't cough up a beeeeeeleeon doolars for the past century of java use.

    3. An_Old_Dog Silver badge

      "EVIDENCE"

      Wasn't that the economically-successful business model of a bunch of I P. trolls working for various movie-production companies (Disney, Warner Brothers, Sony, Columbia, etc.)? "Pay up or we'll sue and it will come out in public that you torrented porn!!"

      1. Ken G Silver badge

        Re: "EVIDENCE"

        You think companies will pay to avoid the embarrassment being seen to have funded Larry's yachts?

      2. fandom

        Re: "EVIDENCE"

        You downloaded porn made by Disney?

        1. Anonymous Coward
          Anonymous Coward

          Re: "EVIDENCE"

          No.

          Ahem, not made by...

  7. G2
    Black Helicopters

    not just normal downloads but probably automatic update checking too.

    i think they are not just tracking normal downloads, but also that automatic update check that is started daily / weekly in the background by pretty much ALL computers that have an Oracle JRE and/or JDK installed.

    Even if the actual installer is not downloaded from their servers, the simple fact that the automated version checker sent a version query/ajax ping to their server is probably enough to tell them that you're using Oracle Java and which particular version you are using.

    Short of being inside a walled garden / heavy firewalled network, that kind of update check is not usually blocked or considered malware by firewalls... after all, it's a "simple" version update notification check with just a few bytes transmitted from each side, right? (well, it used to be...)

    1. Anonymous Coward
      Anonymous Coward

      Re: not just normal downloads but probably automatic update checking too.

      What's the Reg's suggestion for a standard firewall category under which to place Oracle.com , java.com and the rest of their mud pen?

      "Potentially Liable \ Illegal or Unethical"

      or

      "Security risk \ Phishing"

      1. UCAP Silver badge

        Re: not just normal downloads but probably automatic update checking too.

        All of them.

  8. FirstTangoInParis Silver badge

    How’s that going to go?

    “ Oracle has deployed a whole team of people in India that are contacting organizations worldwide with claims of non-compliant Java SE usage”

    Well best they be trained in people hanging up on them then. The scammers have given these teams such a bad reputation that Oracle would have been better off using same-country nationals, but then they can’t pay them such low wages.

    There’s a reason that whenever I get a call from an 020 number I ignore it. It’s either a robot or a scammer.

    1. Grogan Silver badge

      Re: How’s that going to go?

      I just never answer phones. If someone matters, they'll leave a message. If not, they don't matter to me. That's how I operate for self employment too. My customers know they have to leave a message to get me. Or send me an email (either directly or through contact form etc.). Sure I'd get more calls if I answered my phone, but that would only mean more talking on the phone and dealing with soliciting. It's the limited time for one individual that's the bottleneck, not the number of potential customers (that's why that works for me, I mean) :-)

      1. Anonymous Coward
        Anonymous Coward

        Re: How’s that going to go?

        If I phone somebody and they don't answer I usually hang up and call again later. If still no answer it comes down to one of two approaches:

        a) If I need to contact them for something I need, I'll leave a message; or

        b) If it's something they need, I'll give up - if they need it they'll see two missed calls and it's up to them to call me back.

        If it's a company, it's not often (a) as there are other businesses I can approach. Besides, not answering the phone tells me they're probably already too busy and won't have the time to give my work sufficient attention.

        1. FIA Silver badge

          Re: How’s that going to go?

          I don't know why more people don't adopt the 'Don't answer' mechanism.

          One of the best managers I ever worked for had a reputation for not answering emails. I asked him about it once, he said it was quite deliberate, as if it was actually important they'd come find him or ring his phone.

          When he left the company you suddenly realised he'd been managing our 3 biggest projects, well.

          It also worked the other way too, he liked me as I'm one of those devs that can switch on a dime and look at a problem quickly, so he'd often ask me to take a quick look at something. I'd put the request to one side, and only ever look if he mentioned it a second time.

          It's a very effective method of filtering important from 'would be nice'.

  9. MrGrumpy
    Devil

    Mess with them

    I'm going download JavaSE, delete, download, delete, rinse and repeat, wait for my call, tell them to go and roger themselves.

  10. Locomotion69 Bronze badge
    FAIL

    Write once run everywhere

    Soon to replaced by

    Used once - dumped everywhere

  11. James O'Shea Silver badge

    I haven't had Java

    on any of my boxes since OpenOffice stopped requiring Java. No Java. No Virtual Box. No early versions of OpenOffice or derivatives thereof. No Oracle of any kind whatsoever.

    I am sure that Oracle will get around to checking for ancient (10-15-20 year old) installs. I am also certain that if they try I will tell them to fuck off and that I'll see them in court. There ain't no Oracle products on any machines I run, both professionally and personally, and there have been no Oracle products on said machines for a minimum of a decade.

    1. An_Old_Dog Silver badge
      Joke

      Re: I haven't had Java [New Extortionware]

      This new(?) Oracle policy will give rise to a new breed of extortionware.

      Once installed on a compromised device, the new extortionware collects system, network, and account data, then pops up an on-screen window:

      "Pay us €5000, or we'll install Oracle Java on your device, and then inform Oracle's License Enforcement and Revenue Collection Division."

      1. Giles C Silver badge

        Re: I haven't had Java [New Extortionware]

        Somehow I don’t see that being a joke in a few months…

    2. phil8192

      Re: I haven't had Java

      Under the Uniform Commercial Code, any debt that hasn't been collected within seven (7) years becomes noncollectable. If Oracle were to try to collect on Java installations prior to 2017, I'd tell them to go soak their head in a lake.

  12. AgTiger
    Trollface

    “We refer you to the reply given in the case of Arkell v. Pressdram.”

  13. Throatwarbler Mangrove Silver badge
    WTF?

    Legal in the EU?

    Can this possibly be legal in the EU? I would expect that it's illegal to have a EULA which inflicts this sort of licensing cost retroactively on a free download.

    Arkell vs. Pressdram seems relevant, but I'm also a big fan of Wally's responses to Dilbert.

    1. Richard 12 Silver badge

      Re: Legal in the EU?

      IANAL, but business-to-business has lesser protection. Contracts are rarely worth the paper they're written on - one of my suppliers didn't bother actually providing the service for two years before I found out, yet I couldn't enforce the refund clauses, only fire them.

      That said, the only thing that Oracle can do is take the business to court. So don't engage, just forward them straight to your lawyers.

      Audit internally and block their IP ranges in your firewalls. Take off and nuke the site from orbit, it's the only way to be sure.

    2. Curious

      Re: Legal in the EU?

      The salespeople will be shooting fish in a government provided barrel in Ireland. Just phone the accounts department.

      Ireland's revenue service provide "ROS Online Application" which bundles Java6 u15 for downloading revenue forms and filling in revenue declarations.

      Probably every accountant has it installed.

      It fails when the enclosed JRE is replaced with a modern JRE, even Adoptium 8 JRE isn't great.

    3. Phones Sheridan

      Re: Legal in the EU?

      Harvesting IPs in the EU (and the UK for the moment) is illegal under GDPR, if the machine contacting the mothership is owned by a consumer, and not a business. If oracle are then shipping IP databases off to India for them to try to identify the owner, that again I'm pretty certain is against GDPR. Time for everyone in the EU and UK to make a complaint about the Oracle IP harvesting to their local DPA / ICO "just in case". It costs nothing, but it might get Oracle in bad water with the EU.

  14. rgjnk Bronze badge
    Devil

    Not just Java

    They've been busy doing similar tracking with other products too, like downloads of the VirtualBox Extension Pack.

    1. This post has been deleted by its author

      1. MacroRodent

        Re: Not just Java

        VirtualBox also checks for updates from the mothership. I would not be surprised if the check includes information about the possibly installed extension pack. So you could be in trouble if you load it at home but use it at business.

        Pro tip: most ordinary usage of VirtualBox does not actually require the extension pack.

      2. Anonymous Coward
        Anonymous Coward

        Re: Not just Java

        or just avoid it and use the really free versions

      3. Michael Strorm Silver badge

        Re: Not just Java

        Yeah, no.

        That's the type of pointless clever-dick "get one over" suggestion you see random people make online that- in the real world- would run the very serious risk of coming back to bite your backside if Oracle had another excuse^w reason to investigate you and found out you were running that "free for personal use" software for business purposes.

        While I've no moral objection to anyone screwing over a company whose modus operandi is (to all intents and purposes) legalised extortion, you're not screwing over Oracle by running their software without paying, rather than using a free alternative. Quite the opposite, you're simply running the pointless risk of giving them an additional opportunity to get *you*.

        The sensible move isn't to use *more* Oracle software, quite the opposite- it's to move away from them in favour of alternatives wherever practical and to minimise use of *any* Oracle-encumbered software (down to, and including, ditching the lot).

  15. Anonymous Coward
    Anonymous Coward

    Back charges

    If they hit you with back charges for using the software, do you get a rebate for all the support they didn't provide during that time?

  16. Mr Dogshit

    racketeering

    UNCOUNTABLE NOUN

    Racketeering is making money from illegal activities such as threatening people or selling worthless, immoral, or illegal goods or services.

  17. Anonymous Coward
    Anonymous Coward

    Good for Oracle...

    Go Oracle.

    At this point people who use Oracle software totally deserve this. Is it possible for me to have negative sympathy for them or do I have to stay at zero?

  18. Soruk

    Right, I am going to suggest to my team that we block oracle.com, java com and sun.com at the corporate DNS servers.

    1. TVU

      Excellent, and while there might be a short upturn in Oracle extortion revenues, their greedy conduct will surely mean a much reduced user base for Oracle Java in the future.

  19. IHateWearingATie
    Stop

    "simple, low-cost"

    Not usually words one associates with Oracle, unless words like 'never' are put in front of them

  20. bud-weis-er

    Damn, I'm probably responsible for a lot of these. Database downloads too.

    Oh well, ho hum.

  21. bigtimehustler

    And presumably they just say no we are not and hang up, where is the evidence? You can't take someone to court for a download matched by IP, especially without proving usage.

  22. katrinab Silver badge
    Mushroom

    They have an IP address. Sure. But you can't sue an IP address.

    The IP address points you towards a router. But you can't sue a router.

    If they want to sue the company, they have to prove that the company authorised the download and agreed to the terms. If an employee is connecting a personal device to the company Wifi, and uses that to download Java or check for Java updates, that is entirely between the employee and Oracle. The company is not obliged to help Oracle identify the employee in question.

  23. Scene it all

    Back when I worked for the Big O for almost 20 years, I *had* to write in Java, and using their miserable home-grown internal Source Management system on top of that. I really grew to hate that verbose language and today will have nothing to do with it.

    1. Anonymous Coward
      Anonymous Coward

      I quite enjoyed Java, and grew up writing stuff with the SE JDK. But doing it for a hobby, wouldn't ever pay a license fee for it, especially with free alternatives.

      The language isn't the issue, it's the extortionate licensing. Acquire a common and free product, then charge folks for it, then threaten to sue them if they don't pay/cooperate with the audits...

  24. Mike Friedman

    This is a sure fire way to get companies to rewrite all of their Java code in other languages that don't try to shaft them every year with crappy subscription nonsense.

  25. Bitbeisser

    Information Highway Robbery now definitely has become a thing...

  26. Uh, Mike

    Resistance is not futile

    What if Oracle had trouble telling the difference between a bot and a real company with money?

  27. Herring` Silver badge

    I see how this works

    Someone in a company clicks on a link that they shouldn't have and then a shady organisation shakes them down for millions. Sounds a lot like ransomware to me.

  28. moshbox

    Oh look, yet another scam call center in India!

  29. wallaby

    Rings bells

    When they send the letters out are they introducing themselves as a Nigerian prince ?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like