Fortnite developer calls Google irresponsible
Fortnite's journey to Android has been an interesting one. After becoming a huge sensation on consoles and PC, the battle royale game landed on iOS earlier and 2018, and just this month made its way to Android. But the delay was not the surprising part, nor was the timed exclusivity for Samsung phones. The most surprising thing was that, in order to install Fortnite, you had to download it from Epic Games instead of the Google Play Store.
Last week, Google publically released information about a vulnerability in Epic's Fortnite installer that could be used by hackers to load malware onto users' phones. Google even provided Epic with a video evidence that showed Fortnite installed on a Samsung handset using the official installer, and when the game was opened, a malicious app would launch instead.
Epic Games urges everyone playing Fortnite to enable two-factor verification on their Fortnite accounts.
Epic Games' chief executive said that Google should have postponed sharing the news publically:
"We asked Google to hold the disclosure until the update was more widely installed," tweeted Tim Sweeney. "They refused, creating an unnecessary risk for Android users in order to score cheap PR points."
"We asked Google to hold the disclosure until the update was more widely installed," tweeted Tim Sweeney. "They refused, creating an unnecessary risk for Android users in order to score cheap PR points."
There’s a technical detail here that’s important. The Fortnite installer only updates when you run it or run the game. So if a user only runs it every N days, then the update won’t be installed for N days. We felt N=90 would be much safer than N=7.
— Tim Sweeney (@TimSweeneyEpic) August 26, 2018
Google's policy is to publically disclose details of bugs and vulnerabilities 90 days after reporting them to the developers responsible if they have not been tackled, but only waits seven days after a patch is made "broadly available" to spill the beans. According to a transcript, Google's security team shared details about the security flaw with Epic on August 15. The developer got in touch two days later, saying it's "working around the clock" to fix the issue and requesting a full 90 days before Google discloses anything with the public. However, the search engine giant denied the request.
Tim Sweeny says his company is grateful that it was made aware of the issue in a timely manner, but criticizes Google for being so quick to spill the beans to everyone, "citing unnecessary risk for Android users."
source: BBC
FCC OKs Cingular\'s purchase of AT&T Wireless
Things that are NOT allowed:
To help keep our community safe and free from spam, we apply temporary limits to newly created accounts: