Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Oracle settles with the FTC over 'deceptive' Java security promises

Katherine Noyes | Dec. 22, 2015
Once finalized, the order could impose a civil penalty of US$16,000 per violation

Oracle declined to comment.

"Java was something they got with Sun whether they wanted it or not, and it didn’t get that much attention as a result," noted Rob Enderle, principal analyst with Enderle Group.

"Oracle really doesn’t do consumer-focused products, and they really aren’t set up for them," he added.

It's unlikely Oracle intended to mislead on this, Enderle suggested. Much more likely is that "they simply didn’t fully think through what they were saying."

The key violation here was actually remedied in 2014, noted Al Hilwa, a program director with IDC, but "this is a settlement after the fact, and the issue relates to the period when Oracle’s software did not remove prior versions of Java."

The settlement sets a precedent for software vendors, he added. Meanwhile, there's considerable awareness throughout the industry that the majority of security issues are related to older versions of software, Hilwa noted.

"In a sense, we have shifted in the industry to a view where software is organic and is constantly updated throughout its deployment lifecycle," he said.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.