Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Oracle Attacks Open Source; Says Community-Developed Code Is Inferior

Soulskill posted 1 year,14 days | from the completely-unbiased-and-without-any-sort-of-agenda dept.

Oracle 394

sfcrazy writes "Oracle has a love-hate relationship with open source technologies. In a whitepaper (PDF) for the Deparment of Defense, Oracle claims that TCO (total cost of ownership) goes up with the use of open source. They're essentially trying to build a case for the use of their own products within the government. 'The skill required to successfully and economically blend source code into a commercially viable product is relatively scarce. It should not be done directly at government expense.' Oracle also attacks the community-based development model, calling it more insecure than company developed products. 'Government-sponsored community development approaches to software creation lack the financial incentives of commercial companies to produce low-defect, well-documented code.'"

Sorry! There are no comments related to the filter you selected.

Prejudiced much? (5, Interesting)

erroneus (253617) | 1 year,14 days | (#45135111)

That is the most insulting demonstration of hubris from Oracle I have seen in a very long time.

Re:Prejudiced much? (4, Funny)

Vanderhoth (1582661) | 1 year,14 days | (#45135207)

You should try opening you're eyes more than once a day. :P

Re:Prejudiced much? (0)

Anonymous Coward | 1 year,14 days | (#45135401)

You should try opening you're eyes more than once a day. :P

Oracle as per normal talking total and complete bollocks .

Yeah, but they nailed the "documentation" part (3, Insightful)

Anonymous Coward | 1 year,14 days | (#45135285)

Open-source documentation is like an insomniac cat. Theoretically it exists somewhere, but no one's ever seen it.

And remember, in this paper Oracle is pandering to risk-averse goverment "managers" in order to get money from them.

Re:Yeah, but they nailed the "documentation" part (4, Insightful)

dskoll (99328) | 1 year,14 days | (#45135455)

Open-source documentation is like an insomniac cat. Theoretically it exists somewhere, but no one's ever seen it.

Don't over-generalize. The open-source PostgreSQL project has the best documentation of a software project [postgresql.org] that I have ever seen, open- or closed-source.

Other open-source projects with really good documentation: The Linux man pages (documenting the Linux API), Tcl/Tk and Perl. And as far as end-user docs go, LibreOffice is fairly decent, though not in the same league as PostgreSQL.

Re:Yeah, but they nailed the "documentation" part (3, Insightful)

mstefanro (1965558) | 1 year,14 days | (#45135543)

> The Linux man pages (documenting the Linux API)
No.

Re:Yeah, but they nailed the "documentation" part (5, Insightful)

Nadaka (224565) | 1 year,14 days | (#45135473)

As opposed to Oracle error codes that are documented as "Please contact Oracle support", for shit they know about and have a patch ready for but they have you over the coals and want to extort a couple hundred grand from you.

Re:Prejudiced much? (0)

RightSaidFred99 (874576) | 1 year,14 days | (#45135323)

Hubris from Oracle only? What about the Open Source people who think they can always outdo a large, focused corporation like Oracle or MS? Hubris runs both ways.

Re:Prejudiced much? (0)

Anonymous Coward | 1 year,14 days | (#45135525)

Why just Hubris? It takes idiocy to come up with a straw man argument like that.

Re:Prejudiced much? (3, Informative)

Anonymous Coward | 1 year,14 days | (#45135545)

I came to say what you did. I would add. I have seen brilliant open source projects and crap ones. I have seen brilliant closed source ones and crap ones. That TCO thing is funny. Its like they have never bothered to buy their own flagship product. It is considered one of the highest priced finicky bits of software out there... When you have to hire 2-3 consultants just to figure out how to install and tune it something is wrong.

Re:Prejudiced much? (0)

Anonymous Coward | 1 year,14 days | (#45135561)

Careful, you're showing your own prejudice by implying that there aren't any large and focused OSS projects.

Re:Prejudiced much? (0)

Anonymous Coward | 1 year,14 days | (#45135583)

At least the Open Source hubris has been substantiated, repeatedly....

Re:Prejudiced much? (0)

Anonymous Coward | 1 year,14 days | (#45135631)

Linux, MySQL, ownCluod, Apache, nginx, hundreds of others. They outdid them all.

Re:Prejudiced much? (0)

Anonymous Coward | 1 year,14 days | (#45135355)

Or at least in the last 15 picoseconds...

Re:Prejudiced much? (1)

intermodal (534361) | 1 year,14 days | (#45135443)

I view it as a compliment rather than an insult. He seems to be confusing the negative ends of proprietary software development with its biggest problems.

Re:Prejudiced much? (0)

Anonymous Coward | 1 year,14 days | (#45135603)

You've obviously never spent much time with open source commie thugs.

Whitepaper? (5, Informative)

Anonymous Coward | 1 year,14 days | (#45135119)

Can't we just call them advertisements like the waste of time they truly are?

LOL (0)

Anonymous Coward | 1 year,14 days | (#45135121)

Not sure if I should laugh or cry.

Given Oracle DB's Track Record of Bugfixes (4, Insightful)

Anonymous Coward | 1 year,14 days | (#45135129)

the pot calling the kettle black

Re:Given Oracle DB's Track Record of Bugfixes (1)

Anonymous Coward | 1 year,14 days | (#45135299)

the pot calling the kettle black

More like the inside of the chimney calling the kettle black.

"Unbreakable" my ass!

*bitch slaps larry across the fucking mouth* (4, Insightful)

Anonymous Coward | 1 year,14 days | (#45135137)

Larry, wake the fuck up you dumbass.

Half your product line was developed through open source programmers.

Stupid mother fucker...

Re:*bitch slaps larry across the fucking mouth* (2, Informative)

Anonymous Coward | 1 year,14 days | (#45135331)

And the ones he inherited from the Sun acquisition got so pissed off with working for Oracle, they all left as soon as they could.

Like your own product (4, Funny)

Ubi_NL (313657) | 1 year,14 days | (#45135143)

Wasnt the kernel of their unbreakable linux open source as well?

Re:Like your own product (4, Informative)

djdanlib (732853) | 1 year,14 days | (#45135155)

Yes, Oracle Unbreakable Linux is repackaged Red Hat Enterprise Linux.

Re:Like your own product (5, Informative)

dyingtolive (1393037) | 1 year,14 days | (#45135347)

Blatantly, even.

[brad@icarus Desktop]$ cat /etc/oracle-release
Oracle Linux Server release 6.4
[brad@icarus Desktop]$ cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.4 (Santiago)
[brad@icarus Desktop]$ uname -a
Linux icarus 2.6.39-400.209.1.el6uek.x86_64 #1 SMP Tue Sep 10 20:39:39 PDT 2013 x86_64 x86_64 x86_64 GNU/Linux
[brad@icarus Desktop]$

At least CentOS bothered to change the redhat-release file.

Re:Like your own product (0)

Anonymous Coward | 1 year,14 days | (#45135385)

You mean "Oracle Slipshod Uneconomical Linux"?

They have 2 kernels (1)

Stone316 (629009) | 1 year,14 days | (#45135637)

One based off of RedHats and one based off Kernel.org. The RHEL kernel has alot more code it in, naturally.

http://www.oracle.com/technetwork/server-storage/linux/technologies/uekr2-features-1897094.html [oracle.com]

Some features:
PV Huge Pages
dtrace
ocsf2
btfrs
ksplice..

From what I have seen on Oracle systems OEL is better for largest systems with heavy workloads.

If your running Oracle, IMHO it makes sense to run a tuned kernel. If you've already invested in the Oracle stack, then it makes sense to me to run Oracle Linux as well. Why have unnecessary bloat in there? Sure you could always compile and tune it yourself. Any improvements are sent back to kernel.org.

FUCK YOU MICROSOFT !! (0)

Anonymous Coward | 1 year,14 days | (#45135151)

OR Oracle !! Or whoever !!

Hmmm .... (4, Informative)

gstoddart (321705) | 1 year,14 days | (#45135153)

And just what fraction of Java was community-developed?

As usual, when a company makes this kind of claim, my first thought is 'yeah right', and my second though is that it's mostly FUD to convince people to buy the crap you make.

And, if my limited exposure to Oracle Beehive and a few other things means anything ... Oracle can produce some major-league shit code on their own. That stuff was complete garbage, wasn't even what I'd call a beta, but it was being sold as if it was solid and ready for business.

Here, take a cookie... (1)

Anonymous Coward | 1 year,14 days | (#45135161)

I promise, by the time you're done eating it, you'll feel right as rain.

You got a bit wrong there, Larry... (5, Insightful)

ak_hepcat (468765) | 1 year,14 days | (#45135163)

You said "Government-sponsored community development approaches to software creation lack the financial incentives of commercial companies to produce low-defect, well-documented code."

What you really meant was "Unlike proprietary, hidden commercial code, Government-sponsored back doors in software can't be found in the traditional, open-source, many-eyes, well-documented code.

But that probably doesn't rake in the profits, does it?

Bull-shit (0)

Anonymous Coward | 1 year,14 days | (#45135165)

Bull-shit ! The only thing open source does is deny collection of huge fees. I've had more issues with purchased software.

Maybe the *financial* incentives are lacking (4, Insightful)

jdunn14 (455930) | 1 year,14 days | (#45135175)

There are many other types of incentives and I have rarely done my best work for strictly financial ones. When contributing to an open source project you have to think that somewhere someone will look at the code you write and have the ability to publicly shame you if you do something truly stupid. Standing, respect, whatever you want to call it, is a big motivator for many people. If the same thing happens in many businesses there *may* be consequences, but often as long as it works well enough to collect the customer's money it ships. Personally, I've found more fugly code turds in various closed source projects than I've touched than in the open source world.

Re:Maybe the *financial* incentives are lacking (-1)

Anonymous Coward | 1 year,14 days | (#45135271)

exactly. just look this link on the dry ice bombs at lax:

http://www.washingtonpost.com/national/another-dry-ice-explosion-reported-at-los-angeles-airport-no-one-injured/2013/10/15/6b1ddbb2-3556-11e3-89db-8002ba99b894_story.html

just cause they get paid, doesn't mean they're gruntled.

Is code all there is? (1)

Okian Warrior (537106) | 1 year,14 days | (#45135707)

Personally, I've found more fugly code turds in various closed source projects than I've touched than in the open source world.

Is code the only aspect of note in an open source project?

How is the project named? Is it something reminiscent of the function (like PaintShop Pro, Photoshop, Internet Explorer) or something entirely random, forcing more cognitive load on an uninformed user (Gimp, Firefox, Juice)? Does it have a newish, edgy name to give it that extra sizzle (pantyshot, upskirt [zdnet.com] ).

How is the project configured? Is is a list of poorly-written technobabble [latexeditor.org] ? Does the installation instructions begin with the history of the project (of which I am not interested), require other packages [google.com] which I have to research and choose, does it require cryptic installation actions and complex setup that has to be done by hand?

How does the project look? Are the panels laid out with ease-of-use [latexeditor.org] in mind, or they just show everything and "let the user arrange them as they like"? Is the text font and color scheme appropriate, or is it default, the user can choose the one they like?

Are there lots of icons [scottnesbitt.net] for every little action, no matter how small (the "kitchen sink" philosophy), or is there a well-chosen subset that balances functionality with ease-of-use? Do the icon shapes bring the function to mind, or are they more-or-less random shapes that rely on popups to tell the user what they do?

Is the documentation well-written by people who are good at explaining things, or is it just a wiki [lyx.org] editable by anyone, maintained by the users, with no real structure?

Has the code been tested by someone who is not the lead coder (and not the users)? Does the project use regression tests?

Yeah, nice code you've got there. If that's all I wanted in a product, yours would be a slam dunk.

Check their work (2)

finkployd (12902) | 1 year,14 days | (#45135179)

Go decompile some oracle fusion middleware java code sometime. I assure you that what you find will not inspire confidence.

Re:Check their work (1)

Nadaka (224565) | 1 year,14 days | (#45135499)

decompiling any code will not inspire confidence. Decompilation doesn't necessarily reproduce the original code.

Re:Check their work (2)

finkployd (12902) | 1 year,14 days | (#45135579)

Of course, but I'm talking more about overall project structuring, not line by line minutia.

Re:Check their work (2)

Sparrow_CA (783100) | 1 year,14 days | (#45135689)

I had to do this very recently with an Oracle product who's documentation was inadequate.

The fact is, it is very expensive to record every detail of highly configurable and pluggable software where the line between internal and external workings is so blurry. In this case having access to the source code can be much cheaper, as it allows the channel/community to dig out the nasty details if/when needed.

Well, we're on to stage 3... (3, Insightful)

Zelig (73519) | 1 year,14 days | (#45135181)

First they ignore you, then they laugh at you. Then they fight you, then you win.

Wouldn't Java be a counterexample? (1)

mlts (1038732) | 1 year,14 days | (#45135193)

IMHO, wouldn't Java be a example of the contrary to this? I don't know any OSS utilities or operating systems that have had as many issues as Java has had, allowing an attacker to seize control of multiple platforms.

The only thing that came close would have been sendmail in the '90s, and that lasted about 6-9 months.

Of course, Solaris is a different beast altogether, and it has stood the test of time, security-wise. However, this is more of Sun's creation than Oracle's.

Re:Wouldn't Java be a counterexample? (0)

Anonymous Coward | 1 year,14 days | (#45135305)

Java hasn't had security problems, the applet browser plugin has had security problems. Two different things. Java on the server is rock solid.

Re:Wouldn't Java be a counterexample? (1)

Nadaka (224565) | 1 year,14 days | (#45135515)

Not entirely true these days.

Re:Wouldn't Java be a counterexample? (1)

Anonymous Coward | 1 year,14 days | (#45135693)

Oh RE-ALL-YZZ ?

Just run the YaCY distributed search engine/crawler for a few days. It contains a pure-Java PDF indexer and that one will somehow drive a stake through the heart of the Java engine. YaCY can't be restarted without deleting the offending PDF.

What does that mean ? Your statement is invalid.

Re:Wouldn't Java be a counterexample? (2)

slackergod (37906) | 1 year,14 days | (#45135319)

Don't forget the open-source MySQL, which was of such good quality Oracle purchased it for a HUGE amount of money, despite already having a database product (as their primary product no less!).

Re:Wouldn't Java be a counterexample? (1)

gstoddart (321705) | 1 year,14 days | (#45135511)

Don't forget the open-source MySQL, which was of such good quality Oracle purchased it for a HUGE amount of money, despite already having a database product (as their primary product no less!).

I question how much of that was related to the quality of MySQL, and how much was controlling something people were using as an alternative to Oracle. Oracle might have been willing to pay a premium to be in control of it (I'm not suggesting MySQL wasn't any good, just that I don't trust Oracle).

From what I've seen over the years, I'm not willing to ascribe any motive to Oracle other than "how much more money can we get?".

Re:Wouldn't Java be a counterexample? (0)

Anonymous Coward | 1 year,14 days | (#45135375)

Isn't Java more of Sun's creation than Oracle's as well?

What open source project is as widely used as Java to execute code in the browser that is very secure which provides a counter point to Java? You DO realize that the security issues have to do with Java the browser plugin specifically, and not with the entire system? If you allowed your browser to download, compile and run code in say, GCC (an open source project from what I hear), the security implications would be far far worse. This hardly proves that GCC is "insecure."

Re:Wouldn't Java be a counterexample? (5, Interesting)

TopSpin (753) | 1 year,14 days | (#45135699)

wouldn't Java be a example of the contrary to this?

Yes, but not the best one. The best would be Oracle's database. Despite the fact that Oracle Database Server is not the result of a 'community-based development model,' the product has a long, ugly history of vulnerabilities. For some reason it fails to be composed of 'low-defect code,' despite apparently having all the best financial incentives. The list of vulnerabilities [cvedetails.com] is long and grows regularly.

The only reason Oracle Database Server has never been the victim of a SQL Slammer type exploit is that it is so expensive that most instances exist only well behind corporate and government firewalls that, if not well maintained, at least exist. Many SQL Server admins apparently don't believe in firewalls.

However, [Solaris] is more of Sun's creation than Oracle's.

Likewise with Java.

Not making enough money Larry? (0)

Anonymous Coward | 1 year,14 days | (#45135195)

Does anyone believe Larry after Java, Mysql e.a. within his greedy hands? He is a first class moneymaker but also a first class liar. Larry, go home!

I think we have gone directly to (0)

Anonymous Coward | 1 year,14 days | (#45135199)

HATE HATE.

Ellison is not an idiot. (0)

Anonymous Coward | 1 year,14 days | (#45135203)

He's watched McNealy praise OSS and take jabs at Microsoft while it was Linux and not Windows that was eating away at his more lucrative revenue streams. Hell, he was there to pick up the debris.

I am not talking about the merits of the argument. I am not agreeing with Oracle and saying that OSS is inferior. I am just saying OSS is a threat to companies like Oracle and therefore it is only logical that they would try to persuade their costumers that community code is inferior.

Costumers (0)

Anonymous Coward | 1 year,14 days | (#45135283)

Well, I suppose if anyone could use a good costume, it's Oracle, I guess. They're probably the ugliest company in the technology business at the moment.

SCOracle (1)

drooski (1404851) | 1 year,14 days | (#45135213)

The logic behind this white paper leads me to think that all the lawyers working on the SCO case before they lost that golden goose have changed careers and are now working for Oracle instead.

my summary (0)

Anonymous Coward | 1 year,14 days | (#45135223)

ha ha ha ha ha ha

really... well i supose they have to try

Reminds me of a discussion I had. (4, Insightful)

Anonymous Coward | 1 year,14 days | (#45135229)

As we will see, total cost of ownership (TCO) for open source software often exceeds that of commercial software. While minimizing capital expenses by acquiring “free” open source software is appealing, the up front cost of any software endeavor represents only a small fraction of the total outlay over the lifecycle of ownership and usage.

I had a similar discussion once with an engineer. We were looking at the numbers and I doubted some of the numbers. the engineer replied, "Well, that number came from somewhere!"

Me: "Yeah, out of someone's ass!"

Financial numbers are not physical constants where there's empirical evidence to back it up like say 'g'.

And the thing is, there aren't necessarily lies. You can apportion costs in many different ways and still adhere to FASB and to IRS rules.

tl;dr: Let me at those numbers and I'll prove that any Oracle solution costs way more than any F/OSS solution - and it'll pass FASB and IRS muster.

Re:Reminds me of a discussion I had. (3, Insightful)

jedidiah (1196) | 1 year,14 days | (#45135369)

Oracle sells some of the most expensive software on the planet. It's not hard to come out ahead of Oracle. You don't even need to employ Free Software to do this. You can just employ much cheaper payware.

You can buy quite a bit of in-house expertise and 3rd party consulting for what Oracle wants you to pay them.

Healthcare? (0)

Anonymous Coward | 1 year,14 days | (#45135233)

"...the financial incentives of commercial companies to produce low-defect, well-documented code.'

Even under government contract? Or in the private sector? Recently, there have been several large commercial software development efforts that have resulted in some pretty messy crash-and-burn failures.

Bleh not again (0)

Anonymous Coward | 1 year,14 days | (#45135241)

I really don't want another situation like SCO vs. Linux. It's always these companies with their own proprietary unix distros.

I'm not even sure why Oracle would say this, since Solaris uses large amounts of open-source software. (GCC and friends, X11, gnome 2, I believe binutils, etc. )
Are they saying a lot of the software on their own platform is incredibly insecure? If so, they should take up the task of rewriting and maintaining their own damn code.

Re:Bleh not again (1)

viperidaenz (2515578) | 1 year,14 days | (#45135391)

No, because Larry has waved his corporate hand over it, all that open source software he distributes is now blessed.

Partly right. (-1)

Anonymous Coward | 1 year,14 days | (#45135263)

I know it's not popular and people hate to consider opinions that vastly differ from their own but there's a grain of truth to this. You can talk about Oracle's self-interest but let's not neglect your own.

There is a cost to using open source software and it depends a lot on what you're doing. I know people working on the OpenStack space and I find it _fascinating_ what a fucking mess all that stuff is. There are 50 different components with weird names that just come and go. Pet projects that people will support then get bored with and someone will try to replace. Just sprawling, massive chaos.

Yes, I _well_ understand the many, many very popular, powerful, and extremely cost efficient open source projects out there. But maybe you should all consider that open source isn't always the answer.

Re:Partly right. (1)

king neckbeard (1801738) | 1 year,14 days | (#45135677)

There are also tons of low quality proprietary solutions, many of them being largely pet projects. There are many different metrics you can use, but at the veyr least, try to apply the same metric to both. That some proprietary software is better than some FOSS doesn't mean anything more than some FOSS being better than some proprietary software. Yes, there are tons of abandoned or otherwise low quality FOSS projects, but you could spend you whole life finding proprietary shovelware as well.

Open Source by its nature is OPEN (1)

jmelnick (812670) | 1 year,14 days | (#45135269)

Defects get found and fixed by the community. The process is driven by a desire to produce quality software that works. This seems to have been overlooked by Oracle.

Scared much? (1)

Sterculius (1675612) | 1 year,14 days | (#45135301)

Nothing strikes fear in the hearts of bloated corporations more than competent individuals banding together to produce a superior product for free. Socialism!

Re:Scared much? (0)

Anonymous Coward | 1 year,14 days | (#45135413)

This isn't how many successful open-source products work, and supporting open-source can be quite profitable. I know that the stereotype is that it's written by a bunch of altruistic nerds, but in reality, the vast majority of open-source software is written by developers under the employ of commercial companies. It's not socialism... more like friendly information sharing.

Not everything is PHP. (1)

Anonymous Coward | 1 year,14 days | (#45135315)

Not everything is terrible as PHP, Oracle.

It is funny that closed-source software is always the one that has most problems, just by ratios alone, not even number counts.

Re:Not everything is PHP. (0)

Anonymous Coward | 1 year,14 days | (#45135639)

PHP is broken exactly because it was invented with $$$ in the eyes, by a corporation (Zend Labs). Compare it to Perl, which is rock-solid, but not as idiot-friendly.

Open Source support sucks... (2)

stox (131684) | 1 year,14 days | (#45135335)

when you are silly enough to buy it from Oracle. Several shops, I am aware of, are dropping Oracle Linux because their support is worse than useless.

It almost seems that they are trying to prove open source doesn't work by supporting it so badly.

That's right Larry (1)

viperidaenz (2515578) | 1 year,14 days | (#45135367)

Because Java is defect-free.

Kettle and teapot (1)

MoFoQ (584566) | 1 year,14 days | (#45135377)

Very strange and hypocritical.

Especially since Oracle owns several products that are open-source (some that started off as open source as well).

Let's see....

VirtualBox (it has an open source edition)
MySQL
OpenSolaris
Java
Oracle Linux (Oracle repackaged version of RHEL and not started from a company they bought out)
And Oracle Linux is used as a base for the following product lines from Oracle:
        Oracle Exadata
        Oracle Exalogic
        Oracle Big Data Appliance
        Oracle Exalytics
        Oracle Database Appliance

I'm sure there's more that people can list....but for me....I don't give a rat's arse about Oracle...shoot, I was rooting for the Kiwi's in the America's Cup and I live in the Bay Area.

not entirely false (1, Informative)

smash (1351) | 1 year,14 days | (#45135381)

Compare the level of integration and usability between say, OS X or BeOS, to your typical linux distribution. Compare how many times a typical component of the open source ecosystem goes through a major API breaking re-write because the core design was so badly broken that maintaining API compatibility was either too difficult or impossible.

Open source is many things, but a generator of superior code, reliably, it is not.

There is masses of half-assed, broken, wretched and downright brain-damaged open source code out there, and anyone who claims otherwise doesn't know what they're talking about. Much of it is written as a quick and dirty hack to solve an individual's problem and then released, with scant regard to long term maintainability.

Yes, there are some gems, but they are hidden amongst many many times more garbage.

The good thing is you can fix it, if needed, and the software will evolve. But typically commercial software has gone through that process several times before it gets to market, because despite what people here may say about microsoft, not many people will pay good money for completely broken crap that doesn't work.

Re:not entirely false (1)

roc97007 (608802) | 1 year,14 days | (#45135569)

You're right.

But you're also right that the big advantage of open source, as anyone who has posted a code fix can say, is that it can be fixed. And the fix is scrutinized by other developers and knowledgeable users, so half-assed fixes are more likely to be called out. I submit that this is especially important with security issues, for several reasons.

How often have we had to endure for years (sometimes decades) bugs in commercial software that get passed on from one version to the next with absolutely no hope that the vendor will ever fix it?

Re:not entirely false (0)

Anonymous Coward | 1 year,14 days | (#45135615)

You are simply a $hill. We have seen Microsoft fixing "0wn the castle"-style of bugs which were inside Windows for something like 20 years. All your claims are unproven, because Microsoft hides their dirty secrets. That's probably exactly because they want no-one to see their crapola and then demand improvements.

Re:not entirely false (1)

rockmuelle (575982) | 1 year,14 days | (#45135651)

I don't have mod points today, so I'll reply and add some more supporting material. The parent's point on reliability is dead on.

When it comes to cost, we've done a lot of market research and internal analysis on the actual costs of basing a business on open source. When properly accounted for, open source can be much costlier than closed source alternatives. The basic reason is simple: open source software stacks take time to maintain.

Most organizations that use open source software have full time people dedicated to maintaining the software, just like organizations that use closed source software. However, in open source shops, the internal developers/analysts/etc (the _users_ of the software) also must maintain the software. This is where the hidden costs of open source lie. In many cases, using open source software forces everyone to become a developer, or at least a sys admin, whether they want to or not.

If someone's primary job is to analyze data for a business, they should spend most of their time either performing analysis, sharing results, or furthering their analysis skills. Instead, we've seen analysts (I work in genomics) that use open source software spend up to 80% of their time just maintaining their tools and working around limitations imposed by them. When commercial tools are available that perform the same function but without the hassle, few open source advocates will even consider them, even if the cost is significantly less than the cost of the time they spend messing with open source tools.

Oracle's probably not the best company to be leading this conversation, but it's important enough that the software community should engage in it. There was a time when commercial and open source solutions coexisted peacefully. It'd be nice to see some balance return.

-Chris

Re:not entirely false (0)

Anonymous Coward | 1 year,14 days | (#45135713)

Your entire post could just as easily apply to closed-source software. Amazing!

They are preparing for healthcare.gov post mortem (0)

Anonymous Coward | 1 year,14 days | (#45135387)

It looks like Oracle could not handle the load and now they are saying Oracle is better than open source solutions. It might be that two month are needed to port data from Oracle database into something bigtable-like and they are afraid.

Let's see if I've got this. (5, Insightful)

thevirtualcat (1071504) | 1 year,14 days | (#45135397)

Oracle: "We're buying Sun. Next step is to dismantle (MySQL,) close (Solaris, Java,) dissolve (OpenOffice) and generally disrupt all of Sun's open source properties that we can."

Community: "What? You can't do that!"

Oracle: "Watch us!"

Community: "Well, we'll just fork it."

Oracle: "S---! The forks (MariaDB, Percona, OpenIndiana, LibreOffice) and their pre-existing competitors (Linux, FreeBSD, Dalvik) are getting more popular than our versions! READY THE FUD CANNONS!"

certainly theres an alternative. (1)

nimbius (983462) | 1 year,14 days | (#45135403)

worthy of mentioning...

unbreakable linux?
MySQL?
solaris? you know the project you guys killed for no apparent reason?

And no one is listening... (1)

MikeRT (947531) | 1 year,14 days | (#45135409)

Oracle has been losing mindshare in the government market for years. They cost too damn much and people are starting to realize that PostgreSQL, MySQL and MS SQL Server really do the exact same damn thing as Oracle for 95% of the meaningful use cases out there. Add on to that that a highly qualified system administrator can learn how to become a decent administrator of any of those with a little ramp up time and of course Oracle is scared of open source (and Microsoft but that's a different story).

Prove it (1)

Nethemas the Great (909900) | 1 year,14 days | (#45135411)

...calling it more insecure than company developed products.

Prove it. Lets see the source.

NSA? (1)

Anonymous Coward | 1 year,14 days | (#45135445)

The NSA has a much easier time getting backdoors set up through corporate code rather than community code. I wonder if they put any pressure on Oracle to say this.

Burning the candle at both ends. (4, Insightful)

Dega704 (1454673) | 1 year,14 days | (#45135453)

Says the company that borrows from an open source project and puts the word "unbreakable in front of it..... In any case I suppose their point is supported by the fact that current government spending on proprietary software is soooo efficient. :S

Glad we forked LibreOffice off (1)

Anonymous Coward | 1 year,14 days | (#45135461)

I think we all knew they were evil, so this is no surprise to me. Although I hope our government asks the French police how Ubuntu is working out for them, because last time they made a statement, they were saving a *lot* of money.

So why not sell their open source commodities? (1)

mark-t (151149) | 1 year,14 days | (#45135467)

If open source is so bad, surely maintaining open source projects is a liability, so why not sell them off to an interested party who's willing to take that headache away for them? I'm sure they'd find a few interested parties if the price was right.

I really can't stand hypocrites.

The Copy-Paste Consultant Company? (0)

Anonymous Coward | 1 year,14 days | (#45135471)

A company I worked for had some Oracle consultants hired (in order to teach the opaque mess that was their cobbled-together app-server and portal at the time). What they produced was obviously pasted from code examples they had available, instead of actually understanding the code. As useful as telemarketers, then, except far more expensive.

They sound kind of like the Daleks (3, Insightful)

Daetrin (576516) | 1 year,14 days | (#45135483)

Community developed code is insecure! Community developed code is inferior! Open source must be exterminated! Exterminate! Exterminate!

Of course in the show the Daleks are supposed to be a huge threat, but they're also kind of laughable. Slow, clumsy, thrown together using whatever crap happened to by lying around at the time.

So i guess that kind of fits Oracle and its software as well.

like, duh (1)

roc97007 (608802) | 1 year,14 days | (#45135489)

> Oracle claims that TCO (total cost of ownership) goes up with the use of open source.

Sure. In related news, Weston Bakeries says that homemade bread is more expensive and not nearly as high quality as Wonder Bread.

> 'Government-sponsored community development approaches to software creation lack the financial incentives of commercial companies to produce low-defect, well-documented code.'

Yeah, because community development doesn't care about bugs because they can sell you the software and then sell you massively profitable service contracts to fix their products.

Hey.... Waaaait a minute!

Open Source is closed source you can look at. (0)

Anonymous Coward | 1 year,14 days | (#45135503)

Pick a project submit a patch, politics takes over, and it's rejected. Just look at webp support for Firefox.

Sure, you can maintain your patch and keep applying it to every release that comes out, but ...

This just in... (1)

nightfire-unique (253895) | 1 year,14 days | (#45135507)

McDonalds proclaims home-cooked meals more expensive and difficult to make than eating at their restaurant.

What do you expect?? (4, Insightful)

Stone316 (629009) | 1 year,14 days | (#45135509)

Do you expect them to say open source has a lower TCO? They are bidding/positioning themselves for contracts. If you were a real estate agent on a client interview and asked about a competitor, would you give them a glowing review? I doubt it.

There are many factors which contribute to TCO and the code itself is just one piece.

Security, both OpenSource and Oracle have fallen short in this area. In some cases Oracle has left security bugs sitting for a very long time. Sometimes until called on it publicly. However, with open source your relying on the code maintainers to put in a fix quick. Alot of times they do but that depends on the software and how actively supported it is. Sure, you can modify the code yourself but that affects TCO.

We have both Oracle and open source software in house. Based on our experiences i'm not sure that the open source software has a lower TCO than its more commercial alternative. The upfront costs to open source are cheaper but the long term support costs were higher. Before I get flamed, i'm talking about a particular open source product. Since i'm posting from work i'll leave specifics out of it. But the point is, just because its open source doesn't always mean overall TCO is lower. You have to do the analysis on a product by product basis and factor in both upfront and long term costs.

CORRUPTION (1)

Anonymous Coward | 1 year,14 days | (#45135529)

As a former Oracle RDBMS user, I know that EXACTLY THE OPPOSITE is true:

You could shoot down the Oracle Listener by

$ telnet oraserver.myEmployer.com 1521

and some random typing on the keyboard. No passwords or accounts required whatsoever.

If you can do that, it is almost sure that one could build an exploit out of that thing.

The fact that Oracle can get away with this kind of shit claims is just a testimony on the corruption of the Western World (which the US is the leader).

And yeah, I read Microsoft is equally shitty. MySQL can be crashed by "oversized" integers and the like.

Re:CORRUPTION (1)

vikingpower (768921) | 1 year,14 days | (#45135697)

That is funny. In the year 2000, I discovered a similar listener bug - it only existed on Windows NT, funnily enough. This is how it went ( remember that Win NT had something called "hardware profiles" ): define and instantiate a listener, with its default 1521 port, on hardware profile 1. Run it for a short time. Disable the hardware profile, activate another one. Now define and instantiate a listener, again with the default 1521 port. Now telnet on it. Type random characters. BSOD guaranteed on the host after some typing in the client telnet session. And that was PRODUCTION code, folks !

Larry's gone full SCO. (1)

Anonymous Coward | 1 year,14 days | (#45135565)

Never go full SCO.

Did I hear that right? (1)

Minwee (522556) | 1 year,14 days | (#45135575)

Have archaeologists discovered something with a _higher_ total cost of ownership than running Oracle?

I'm having trouble believing that is possible.

Company Calls Competing Product Inferior (1)

Arancaytar (966377) | 1 year,14 days | (#45135581)

Holy shit, this is incredible news!

Oracle is insane (1)

WaffleMonster (969671) | 1 year,14 days | (#45135593)

A company with the track record of Oracle does not get to have an opinion on who can write "secure" code.

Only true in some circumstances (1)

ErichTheRed (39327) | 1 year,14 days | (#45135611)

One of the things I have noticed about commercial software is this...if you pay enough money, they will make sure things work for you.

I'm not saying that's a good or bad thing, just relaying my experience. Our company is a big CA and Oracle customer, and we use a lot of their products in production. All of it is absolute crap, and extremely poorly documented. I can't believe how much work it is to get an Oracle instance running and properly secured/tuned compared to something like SQL Server. But, when you call, your problems are solved even if they have to drag the guy who wrote your problem module out of his cave. One CA product I work with uses a completely proprietary message queue interface to pass messages between different chunks of the product code, and it's over 20 years old. Like I mentioned, one phone call and a few logfiles later, and I had a fix for my problem. The software is God-awful and I can't stand working with it, but at least it's fixable. Who knows what dev resource they had to resurrect from the dead to make the change...but it was made.

Beyond the "scared proprietary dev shop" feelings this piece seems to indicate, I think Oracle is trying to make the point that OSS doesn't necessarily offer you the same level of "we'll move heaven and earth to make your product work." This can be a valid argument with executive types who want to minimize risk. Again, I am not saying it's right, and there are plenty of great support resources for Linux out there...look no further than Red Hat, that's what they make their money on. But, there still is the perception that if big support organizations aren't built around a product, it must be a hobbyist toy.

The other thing that I'm not so convinced that OSS is good at is the user experience. Developers don't make good GUI designers. Look at any line-of-business Java monstrosity you've had to use for work...it's just not a top priority. Of course, Microsoft managed to destroy 21 years of the Windows desktop with Win8, so closed source companies can screw up too.

Pay the people who knows (1)

robmv (855035) | 1 year,14 days | (#45135645)

The skill required to successfully and economically blend source code into a commercially viable product is relatively scarce. It should not be done directly at government expense

That is why you pay people like Red Hat, Suse, and many other OSS providers, and you know what Oracle, it is a lot cheaper than what you provide

The cycle continues (1)

sl4shd0rk (755837) | 1 year,14 days | (#45135647)

Overbloated software from private sector sold to government at exorbitant cost with large helping of vendor lock-in to ensure future licensing scheme and render alternatives incompatible.

How Can I Trust Them? (0)

Anonymous Coward | 1 year,14 days | (#45135673)

How do I know that closed, commercially developed code is lower defect and better documented? Am I meant to take Oracle's word for it?

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?