Oracle was responsible for my first complaint, while I was doing my first internship in the US. Because once I used my private laptop with the VirtualBox Extension Pack while connected to the work network. The incredible legal/licensing team got in touch because they identified this use. Since than I avoid Oracle like plague.
They just went ahead and sent us an invoice. Sales by extortion... so I made sure to replace our JRE in places (where Oracle snuck in) and uninstall anything else Oracle across our fleet.
A great deal of Spring is based on classpath scanning and reflection; I don't think any such thing as ServiceLoader exists in golang, and my experience with the golang reflection has been "this is clearly solving some other problem than the one I have"
> Why do you think Microsoft is now back in Java land with their own distribution
Because they have enough engineers to throw at any big environment where they can potentially expand in the future and having own distribution for an app layer lays foundations for new Azure services? (edit: checked after the response; first paragraph: "Java at Microsoft spans from Azure to Minecraft, across SQL Server to Visual Studio Code" - yeah, I think I got it)
So .NET was born out of legal issues with Java, and those critical issues happen to be written in Java instead of .NET, by the company that created .NET in first place, so much for "Dotnet - it's already ahead..."
And here are some examples where .NET is hardly ahead, it isn't even there.
Among other several use cases outside mainstream computing, there are many JVM vendors out there, in the similar vein as C and C++ ones.
And naturally the elephant in the room, Android with its Android Java flavour, with Xamarin not really offering a good development experience, to the point Xamarin rants are quite easy to find on the interwebs (it remains to be seen if MAUI is any better).
Oh yeah when I worked at Oracle they'd do these kinds of shakedowns even on stuff people were paying to host. This was pre OCI though, dunno if they're still doing it. Felt like something the mob would do.
Nice company you have there, shame if something were unlicensed eh?
It wasn't originally their product. It came with the Sun Microsystems acquisition. Sun themselves acquired Virtualbox close to selling to Oracle. Sun never monetized their products well, hence their demise.
I recall SGI were eaten more by Windows NT + off the shelf OpenGL graphics card than Linux. (But Linux also, of course. All non display output which was ran on SGI/Irix could be ran cheaper on Linux.)
Same still last year, except now the unit cost nearly doubled. We pay for a handful of VMware licenses instead now, which is 10x cheaper (more expensive per license, but you don't need a literal hundred of them). I'm convinced that the only reason for this is so that Oracle can send invoices to companies using the evaluation license for this ridiculous minimum amount without it seeming worth a challenge in court when one only has four machines and doesn't need a hundred licenses.
Something similar happened to me, but with Qt. I installed Qt Open Source at home to compile OpenMSX debugger (a hobby project to which I have contributed). I don't know why I used my work email account instead of my personal one. The next day at work, we received a call from Qt with threats saying that we had to buy a licence.
Still by law firm ORACLE; this software thing is just a side business to extract licence fees out of companies that thought they could use this for free.
And if they find out you've been using it commercially (even just your home machine you have a non-running copy on connecting to your company's VPN network) without an existing licence, they're squeezing your balls in open court.
I looked it up, $50 per licence with a 100 licence minimum.
Shame, Id pay per licence if I could, but instead I’ll probably just block their traffic and breach their licence. I doubt they can legally enforce those terms in Australia.
They might not be able to enforce shrinkwrap terms but they can definitely (threaten to) sue for copyright infringement. (Which could be a criminal charge too depending on how cozy your government is currently with the US)
Sure, but I know virtualbox well. I’d love to use kvm but the seamless file sharing and network bridging on virtual box is near seamless, regardless of how hacky it is.
Has anyone had luck getting decent GUI performance (macOS host, Linux guest)? I don't need 3D, just sane 2D performance.
The last time I tried this, it was so bad that I had to drastically decrease the window size to get reasonable performance. As in, it would basically lock up above a certain window size, and no reasonable amount of waiting would get it to respond. (And yes, I fiddled with all of the obvious knobs for CPU/memory/graphics/etc.) I figure in this day and age of AWS and the like, we should have very, very good open source virtualization software, but no amount of fiddling seems to get it to work well for me.
The only way I've been able to get good virtualized 2D performance without providing a GPU directly to the VM has been to use a display manager where you can disable compositing. Otherwise, you end up having to use a software 3D rasterizer like LLVMpipe, which can be quite slow.
The native display managers for XFCE, MATE, and (I believe) KDE allow you to disable compositing. GNOME and Unity's native display managers don't (AFAIK). I have no idea if display compositing can be disabled on macOS.
Check out VirGL and the virtio-gpu projects. Is already available in qemu if you're willing to do some work. Virtualized OpenGL (and soon Vulkan?) access to the host GPU inside the VM.
e: my memory slips me, I've already run vulkan apps in qemu.
Granted this was ChromeOS[0], but ultimately it's the same qemu. You just need the right flags and for the guest to have a mesa driver aware of virtio-gpu.
Chromeos uses crosvm, not qemu. Qemu uses virgl to provide opengl, but I think vulkan is still in the works. You can use crosvm on Linux too,works pretty well, it uses a newer version of virgl to provide vulkan.
I use 4K screens. Virtualbox is literally unusable at those resolutions. I have to run VMs at 1080p and upscale them in Virtualbox. At 4k, simple actions such as opening the start menu take several seconds.
VMWare does this much better, but is a pain to run on up-to-date kernels.
I discovered a few days ago that VMware now offer a 'Fusion 12 Player', which is free (as in beer) albeit you have to register to get the download + key. Might be worth looking into that?
Vmware has the best implementation of a paravirtualized GPU IMO, and has for probably a decade. Somehow this rarely comes up, but VMware itself seems to only begrudgingly want to sell their workstation products at this point.
I had an issue thinking UI was slow, but it turned up that mouse pointer integration issue - simple check: get a USB mouse and inject that USB device into VM.
Still not as good (as I remember VMware would provide), but better!
BTW, tested 7.0 just now -- anecdotally Ubuntu's UI does not feel any faster and somehow still depends on the resolution not the size of the window being moved
It might have been because the guest was trying to do 3D compositing without acceleration. 3D acceleration was in really bad shape in VirtualBox 6, being completely unusable on nVidia cards and buggy elsewhere. The release notes say they finally fixed it so I'm excited to give it another shot.
If you want great video performance you are doing it wrong. You can watch videos probably but I've never gotten good sound performance out of it. Most of my development is backend and web and it's fine for that. You absolutely have to not skimp on ram, cores, and need at least an SSD. I find it acceptable for what I do (rust windows programming) when I give it enough cpus on the 8 core system. Sure it's not straightup native but it's okay. You have obviously install all the guest additions (open source ones) to get about the best you're going to expect.
GUI performance was never great, but neither was it that bad either. Certainly nothing like you've described. This is with Windows and Linux hosts, running Linux or BSD guests
Virtualbox 6.0 had PCI passthrough on Linux hosts. I was using it. Then I have updated to 6.1 to discover that they have removed it. I am afraid of going to 7 and see that other things are missing too :-)
What value does vm encryption have? I’d rather encrypt my host and leave my vms unencrypted, given it would be possible to back door virtual box binaries given an unencrypted file system, or keylog keys assuming a remote breach.
You could have a VM where you do your secret stuff, and then shut it down when you are done and nobody can access it without the key.
It doesn't help against sophisticated keyloggers on the host (although I'd assume you would have a little bit of protection if you don't normally work as admin). It is more for the case that your PC gets stolen, or confiscated by authorities.
I think my PCs which shipped with full disc encryption are secure (Windows, macOS), but I never looked into it in detail. And I don't know for sure who could access it besides me (my job, Microsoft/Apple, law enforcement). My old shared desktop PC is definitely not encrypted. I only really have confidence in the Linux laptop I set up.
So for me it would be a privacy and comfort win to just have a small VM for sensitive stuff which is easy to encrypt.
I used to encrypt ubuntu or home directory, these days I just use virtualbox's vm encryption, worked well so far.
virtualbox over the years is very helpful to me and I'm grateful for it. The only problem I had is that it can not handle high throughput under stress(e.g. build full Android release leads to filesystem corruption), for 99% of the time it is very usable.
Virtualbox VM encryption can be useful if the host hypervisor is compromised and the unauthorized party uploads data on disk that the host can trivially access (as is frequently the case with ransomware).
I don’t understand your comment at all. Ransomware can encrypt and encrypted virtual machine. If the host is compromised at a privilege level able to read or modify the VM, the vm is also implicitly compromised.
> If the host is compromised at a privilege level able to read
Multi-user systems exists, compromise may be at user-level. Sure, if you have root/SYSTEM level access then all bets are off, but defense is like an ogre - it has layers.
In what scenario can you read/modify virtual box vms on a shared system in which you can’t read enough of a user profile to compromise an active user session to compromise encrypted credentials?
Can you name any scenarios where virtualbox is used in a multi user environment where bare metal shell/fs access is possible that are actually real world? If so I would be telling those entities their architecture is wrong and they would probably save on TCO by re-engineering things.
Defence in depth is a legitimate argument under some use cases, but your argument seems to be in favour of over engineering redundant or theoretical security controls rather than creating actual defensible environments.
> In what scenario can you read/modify virtual box vms on a shared system in which you can’t read enough of a user profile to compromise an active user session to compromise encrypted credentials?
Any type of shared storage, eg NFS/SMB share or even a local disks/RAID for storing VMs.
Also:
>> When Oracle VM VirtualBox has just started up the encrypted VM cannot be opened and it stays inaccessible. Also, the encrypted VM stays inaccessible if it was just registered without a password or the password is incorrect. The user needs to provide the password using VirtualBox Manager or with the following VBoxManage command:
>> VBoxManage encryptvm uuid|vmname addpassword --password filename|- --password-id ID
If such a thing were to run on the host hypervisor, it would be reading an encrypted virtual disk file, not its unencrypted contents (since it would be encrypted at rest on the host).
I suppose it would be possible for the ransomware to be aware of Virtualbox and somehow manipulate Virtualbox's management plane to get access to unencrypted disk data, but unless you're the victim of a targeted ransomware attack, that's pretty unlikely.
You can also rot13 the files to the same effect. Works unless they specifically target your files and are aware of the encryption. Heck, it might be more "secure" because this practice would be more obscure than the encryption they built in.
I don’t think there is anything stopping anyone from building a competing extension pack which is 100% open source, and includes whatever useful features Oracle’s has (RDP is the most obviously useful; some people would benefit from the PXE support). One could potentially reuse code from other (GPL-compatible) open source projects in doing so.
Also, one could make a fork which just rebrands it and removes all references to non-open source components - a bit like what Oracle themselves do to RHEL.
While I agree with this in principal, I'd guess the folks who have the low-level programming chops to execute such a thing are probably a very small list, and of those finding ones which want to spend their weekends(?) trying to keep up with VirtualBox releases (in Subversion of all things!) would be an even smaller list
I think a “just rebrand it and remove all mention of Oracle’s proprietary extension pack” fork wouldn’t require much “low level programming chops” at all. You could probably even automate a lot of it, with manual intervention only required for branding-related changes (which I assume would be rare). My biggest concern about doing it would be the macOS kexts - will Oracle’s trademark policy allow you to redistribute their kext binaries along with a fork, or force you to rebuild them under a new ID? If the later, will Apple approve it (for any special entitlements it might use)? Not an issue for Linux and Windows builds anyway.
Even stuff like RDP, I haven’t looked at the VirtualBox code in detail, but I assume there would be some interfaces to isolate display clients from the low-level technical details of the graphics card emulation-so it might not actually require as much “low-level chops” as you might think.
But your last point about not many people want to spend their weekends on it is spot-on: I myself am not volunteering to do any of this. Between my day job and a young family, don’t have as much time for personal projects as I used to, and what time I do have I’d rather expend towards other goals.
They can't? You mean Oracle can send you an invoice for using the VirtualBox GPL version your Linux distro provides for free? Never heard of that before, could you please share more details?
Is there a documented case of Oracle suing somebody for using VirtualBox on a company network? They have no way of knowing if it is some private person on a guest WiFi or if it is used in production. I know Oracle is famously litigious, but I've only heard about this in cases of CAD software.
I'm all for being professional and paying for your tools, but it seems VirtualBox is in the class of "haha I'm not paying for that" like TeamViewer and WinRAR.
Looks like Fraunhoffer and Dolby intend to go after any commercial product using Opus, and demand fees. They claim this is only for hardware devices … for now. As to software, they only state they do not intend to go after open source software. But since Virtualbox is also commercial software, Oracle is at risk.
VirtualBox itself is GPL3 licensed. However the Addon for fast USB etc. which is an extra download is proprietary. To my understanding Sun tried to open source that as well, but it contained third party code they couldn't open up.
Oh nice, then I don't need that extension anymore. (RDP, disk encryption, netboot seem to be proprietary only, which aren't things I use on that layer in the stack)
Does it support WSL2 inside VM? If you want to use it with USB 2.0 commercially: can you buy a single commercial license or do you still need to buy with "minimum order quantity: 100" for US$50.00 each[1]?
Anyone have suggestion on how to run a Linux Window manager on ARM OSX? I’ve tried running the native x11 client and several virtual machines, and they all felt sluggish compared to native.
I guess I’ll eventually dual boot, but it would nice to have iMessage as an alt-tab.
Sounds strange I know but without doubt what works best for me is freexrdp. It's good enough to feel native if you do not use 3d acceleration or heavy 2d acceleration. Even videoplayback is okay.
On OSX then just use any RDP client to your liking to connect to the vm/container.
UTM is really good. It’s basically just a nice GUI around QEMU. But their bundled version of QEMU also includes a patch to get SPICE working, the homebrew and Macports versions don’t have SPICE working so clipboard access and auto display resizing doesn’t work. Or at least I couldn’t get them to work.
The Ubuntu ARM image from their “gallery” works perfectly out of the box so is a good starting point.
This is a good hack, and it works better than a lot of alternatives, albeit Linux-on-Linux VMs have arguably few uses since systemd-nspawn exists (so you can just --bind the Pipewire socket in the VM)
I'd say that Docker has replaced more Linux-on-Linux VMs than has systemd-nspawn. That said, I'm seriously interested in what GP is doing that he's forwarding audio. Maybe testing desktop distros? Circumventing DRM? Multiseating an office with thinclients?
Docker is fine and dandy, but sometimes you just need to run an Ubuntu container that has to be persistent to run a few tests. debootstrap + systemd-nspawn -bD is amazing at that.
I am also curious about why GP needs audio in Linux VMs - I did similar tricks too but with Windows VMs, in order to pass-through my microphone to shoddy Windows-only corporate chat apps, but I never had the same necessity under Linux to be honest.
>I am also curious about why GP needs audio in Linux VMs
$dayjob requires an Ubuntu installation with certain security characteristics and certain software installed. And I'm not going to install Ubuntu or do any of those other things to my actual machines :)
I also have a Docker container (well, podman container) of Ubuntu, for running closed-source applications like Discord and Steam. For that one I do indeed just volume-mount the PA socket instead of ssh-forwarding it.
I moved from vbox to qemu/kvm. Windows UI was much faster on vbox thanks to its 3D acceleration solution. That is kind of translation layer which utilizes/shares your host GPU. I couldn't get such performance gains with qemu/kvm. Possibly it is available with dedicated GPU passed thru to the guest, but my laptop only has one GPU taken by the host.
This is indeed a real sore spot for qemu/kvm. VMware has good tech here as well.
One thing you may be able to do is use GVT-g to use a time slice of your Intel iGPU and pass that through. But it doesn't work on all Intel iGPUs and will never be available on newer Intel hardware.
I have read a bit about SR-IOV and MxGPU of AMD, but they also seem to be not available in consumer grade Ryzen 7 laptops. So far I need Windows to do some minor MSVS dev or Edge web testing which is absolutely manageable with software emulation.
UTM. It's qemu under the hood and will emulate x86 if you want it to. (Or other architectures, it runs Mac OS 9 under an emulated PowerPC perfectly. Great fun.)
But it's not quick. I would not attempt to run a modern Windows on it, I don't think it would work due to a lack of performance.
Is this comment supposed to indicate that’s expensive? A fast food meal to support the development of an intuitive GUI wrapper around a piece of software I may use for hours on end? There’s also a free download on their website.
It's both free and open source (https://github.com/utmapp/UTM). You can pay 10$ to get automatic updates, which IMHO is a very fair price and you are helping support the project.
I basically just want to continue using vagrant, ansible, and ubuntu on my M1 -- what's currently the best stack for that? I tried out Parallels, but there don't seem to be any reputable and up-to-date Ubuntu images for it.
Vagrant + vmware plugin + vmware fusion tech preview. All open source (and free). It does work on my M1 (e.g., I'm able to spin up 4 Ubuntu VMs on my M1 for playing around with Ansible and deployments. Each VM with its own static IP). Now, you either have to trust on one of the Vagrant images for ARM available on Vagrant Cloud, or bake our own using, for instance, Packer.
Bento is good (but they do not have the newest Ubuntu vagrant images for ARM afaik, hence the need to either trust in other not-so-well-known users or bake your own). Can't say about Roboxes.
Not sure why people downvoted, but I am also missing Vagrant. I need to configure multiple VMs for various testing, and having Vagrant to spin up a lot of VMs, and run everything I need, that is something I would want to see with vagrant and virtualbox again.
Vagrant allows you to configure a script that will create several VMs in the configuration you need. I, for example, use it to create a real Kubernetes cluster with 3 masters and several compute workers.
You mean on M1. On x86 it is pretty fast. Basic stuff is usable but try Java on a x86 VM on M1 (the Java program I need has a lot of .so compiled for x86 so no choice)
I was a big user of dual boot and VFIO, but thanks to the advent of Proton and the recent Wine improvements (DXVK, ...) I've found myself rebooting into Windows for gaming less and less over the course of the last few years. Sure, not everything works, but basically everything single player does with just a few hiccups.
Have you considered just not playing the games that require Windows? There are _plenty_ of really great Linux games. If not, I'd love to know why. I'm not being polemic, I'm not a gamer, but simply avoiding games that don't run on Linux seems rather easy today.
VMWare has actually a decent "forward-based" GPU virtualization support. The performance is bad (on my system, around 25% of native), but for old games, it's enough. I'm hoping that VirtualBox 7.0 will have similar performance (and support; it had 3d virtualization already, but it was very poor).
You _can_ use various hooks to dynamically bind and unbind on a single GPU system but that would be another degree of difficulty for newcomers (on top of potential buginess throughout the stack).
As to the latter part of your first sentence, I believe that virtio-gl works in the manner you describe. Thought it is Linux only. I have experimented with it on Proxmox and it works well enough.
VFIO does work, but it's hacky, so it's very inconvenient unless one has plenty of time and patience.
For example, AMD GPUs don't support rebar (took a while to figure out), and they used to have (I don't know if it's been definitely solved) a problem with reset, which caused random lockups when exiting the VM.
Additionally, power saving/device ownership must be handled. Which means: either one terminates the X session each time before starting/after stopping the VM (so X will handle the power management), or they leave the card owned by the vfio driver (but this makes the card run hot while sitting doing nothing, because the vfio driver doesn't handle the power management), or they swap drivers on the fly hoping that it will work fine (on nvidia, it's not a stable strategy; no idea on AMD).
And these are just a few issues. I've experienced others in the past, and it's very frustrating and time consuming.
With all these problems, a combination of dual boot (for demanding 3d tasks) and VMWare (for light ones) is much simpler, and stable. I hope to replace VMWare with VirtualBox for the latter use case.
VirtualBox is cross-platform; runs on Linux, Mac, Windows. Images are portable. As a sibling notes, the Windows built-in is Hyper-V. Or if you don’t like your money, VMWare.
The free player is what earlier on was the normal version of Fusion.
So you only lack the professional features like connect to a vSphere host, have the network editor and a few other smaller issues.
See the Compare tab at [0] for a complete list.
edit:
Oh.. and if you meant VMware Workstation Player then see this list [1]