Feeds

Java fragmentation threatens as Oracle-Apache talks stall

No 'Harmony' for Android

3 Big data security analytics techniques

Updated Google's Android will continue to run an unauthorized version of Java for the foreseeable future — something the Apache Software Foundation has warned will fragment the community.

Talks between the ASF and database giant Oracle on tests that could certify the open source version of Java running on Android have made no progress, the group told us.

Android implements ASF's Project Harmony — specifically, a Virtual Machine called Dalvik built on a subset of Harmony that recompiles Harmony class libraries for mobile devices with limited resources.

The ASF told The Reg that it has been in discussions to finally certify Harmony with Oracle, and other members of the Java Community Process (JCP), for the last few months.

Lack of movement poses a real problem. The big dog of Java mobile is Java Micro Edition (Java ME), which is on three million devices such as BlackBerries. Google's Android is growing fast, though, with a nine per cent share of the US smartphone market according to comScore and Nielsen.

If Android's growth continues — and it will with Google as its parent and OEMs such as Motorola and HTC delivering devices — it promises to establish a large base. And that will mean two Java camps: the tested and certified versus the untested and uncertified.

ASF president Justin Erenkrantz warned that if Harmony continues to go untested and uncertified, Java developers should be worried about fragmentation if the two camps drift further apart over time as more features are added to both Harmony and Android.

This is the second time Android's been snagged by fragmentation. Last year, Android's driver code was kicked out of the Linux kernel tree by Linux developer Greg Kroah-Hartman, who argued that Android is incompatible with the main project. Now there's genuine concern that Google's Linux and the main Linux kernel are growing apart.

"For now, it is pretty easy to take your standard Java library and use it on your Android device. However, as optimizations and innovations appear within the Android platform as well as within Harmony, this will inevitably lead to a fragmentation," Erenkrantz said.

"While this has not stopped Google innovating with Dalvik JVM (as an example), it does mean that it's not something that can officially be fed back into the rest of the 'certified' Java ecosystem.

"As the divide becomes inevitably larger between J2ME [now Java ME] and Android, developers will be forced to either add the complexity of making their applications work on both from the same code base, splitting the codebases, or simply choose one platform over the other."

ASF has promised to make things difficult for Oracle on the JCP until the matter is resolved. Erenkrantz said the ASF — a JCP member with voting power — will reject changes on specs for new versions of Java, claiming that they violate the group's governing agreement.

"Until Oracle agrees to permit permissive licensed implementations to receive a compatibility kit without 'field of use' restrictions, Apache will continue to try to educate the community on why harnessing innovation inside of the 'certified' Java ecosystem is so important but only if it doesn't restrict where the code can be utilized," Erenkrantz warned.

And that's what this whole thing boils down to. The tools used to validate independent implementations of Java such as Harmony are the Test Compatibility Kits (TCKs), which — unlike the rest of Java — are not available under an open source license.

ASF says Harmony cannot be certified as compatible with the official Java Standard Edition (Java SE) spec because of the field of use terms that accompany the TCKs. These would restrict how and where Harmony is used and - in this case - would limit Harmony to only running on desktop machines.

ASF says restrictions on the Harmony codebase would mean it cannot distribute Harmony to users under the Apache License.

The problem has fallen in Oracle's lap since it bought Sun Microsystems. Sun had overall stewardship of Java, leadership of most Java projects in the JCP, and power of veto on the JCP. It was Sun's decision to not open source the TCKs at the time it opened the rest of Java in a move that sparked a four-year public feud with the ASF. Today, just one open-source version of Java SE has been certified: OpenJDK, that was led by Sun.

Erenkrantz said: "Until this situation is resolved, we lack the ability to have [Harmony] certified and be considered on the same terms as OpenJDK."

ASF's president called the impasse and potential fallout disheartening. "Since this problem is rooted in legal and political issues, it's disheartening to see that developers are going to be forced to [choose between Android/Harmony and Java ME] for largely non-technical reasons. It simply didn't have to be this way," he said.

Oracle was asked for its side of the story, but — once again — declined to comment. ®

This article has been updated to clarify that it's TCK field of use restrictions that prohibit the ASF's ability to certify.

SANS - Survey on application security programs

More from The Register

next story
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Windows XP still has 27 per cent market share on its deathbed
Windows 7 making some gains on XP Death Day
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
Windows 8.1, which you probably haven't upgraded to yet, ALREADY OBSOLETE
Pre-Update versions of new Windows version will no longer support patches
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.