Oracle and the Responsibility for Code
Since then the value of Oracle has risen about 45%, sales are up by 63%, and profits are up 56%, on an annual basis. The market is offering a premium multiple of 16.44 for those earnings, against less than 12 for Apple (AAPL) .
The belief is that since Oracle sells database software and high-end hardware to scaled enterprises, its earnings are more certain going forward than those of a mere consumer device maker, and Sun is a big reason for this.
But is it? Oracle's hardware sales are trending down, as noted in reporting on its most recent fiscal quarter by ITWorld. Oracle was not a hardware company before buying Sun.
Oracle's response is it also acquired key software assets with Sun. These included some of the "crown jewels" of the open source movement -- the mySQL database, the OpenOffice office suite, the OpenSolaris operating system, and Java, the write-once, run-anywhere computer language.
How is that working out? Not so well.
Monty Widenius, the outspoken mySQL co-founder, told The Register in November that Oracle is breaking its promises and, in the process, sabotaging his own open source fork of the code, called MariaDB.OpenOffice has been given over to the Apache Software Foundation after European developers became so angry with Oracle's management they created their own fork of the code, called LibreOffice. Last week I linked to former Sun evangelist Simon Phipps' story about efforts to fork OpenSolaris.
But this is nothing next to what has happened with Java.
Last week the U.S. Computer Emergency Response Team, or US-CERT, issued this release telling users to disable Java 7 in their browsers due to a security threat they could not find a way to fix. Criminals are already using the flaw to infect computers, as InfoWorld noted. Even the U.S. Department of Homeland Security is issuing warnings.
The current version of Java, called Java 7, was first released in the summer of 2011, long after the Sun acquisition closed. This happened on Oracle's watch. The company has released a "fix" for the problem, but security pros are telling reporters including Charlie Osborne of ZDNet this does not go far enough, that it's best to assume Java is insecure and stop using it.
This crisis has been building for months. Slate had an article about disabling Java back in August.