Apache's Ongoing Licensing Bout with Sun
The recently updated Java Specification Requests (JSRs) show that the licensing battle between the Apache Software Foundation and Sun Microsystems (the force behind Java) still hasn't ended after raging for seven years.
Sun's table of JSR reviews per company show nice little green check
marks next to Google, Fujitsu, HP and many others. Apache is the only one marked with a big red X. The vote log for Apache includes the statement,
"Apache must regretfully vote 'No' for JSR-316, as we contend that the spec lead - Sun Microsystems - is not complying with the JSPA [Java Specification
Participation Agreement] with respect to Java SE TCK [Technology Compatibility Kit] licensing. We believe that members of the JCP [Java Community Process] that do not comply with the letter and spirit of the governing rules should not be allowed to lead JSRs." The Java Community Process is a collaborative wherein participating developers and organizations decide about the further development of the Java programming language.
Apache Harmony, an Apache Software Foundation (ASF) project, is tasked to address any disharmony with Open Source Java SE. Developers have been
complaining that the test kit license for Java SE didn't meet the principles of free software and was too restrictive in its usage. According to the ASF,
Harmony has been using the Apache license instead of the General Public License (GPL) and the Java Compatibility Kit (JCK) license should be made
compatible. The first public complaints in this regard go as far back as 2002.
At least some parts of the Java community are pretty annoyed. The JavaLobby blog from Irish developer James Sugrue looks into the reason for the conflict and ends, "With the OpenJDK available
anyway, does Harmony still have a place in the community?" Other commentators have been looking for solutions. Red Hat, for example,
supplemented its "yes" vote with the comment, "in the future, for any submitted JSR (by Sun Microsystems or not), we will specifically expect the
spec lead to provide clear information on that aspect and take the answer in account when casting our vote."
3ROS attack tool lowers the technical bar so anyone can be an intruder.
Mozilla's latest browser offers powerful new privacy feature
If attackers are on your system, saving your passwords in a password vault is no protection.
Faulty hash algorithm persists, despite efforts by experts to raise awareness.
Powerful man-in-the-middle attack is now targeting online shopping.
Another high-profile coder says the kernel team needs a kinder, gentler culture.
Bug database has a bug of its own that could allow an intruder to create an unauthorized account.
Report focuses federal resources on achieving universal Internet access.
Leading browser makers say “no” to porous encryption algorithm