Fortnite's journey to Android has been an interesting one. After becoming a huge sensation on consoles and PC, the battle royale game landed on iOS earlier and 2018, and just this month made its way to Android. But the delay was not the surprising part, nor was the timed exclusivity for Samsung phones
. The most surprising thing was that, in order to install Fortnite, you had to download it from Epic Games
instead of the Google Play Store.
Last week, Google publically released information about a vulnerability in Epic's Fortnite installer
that could be used by hackers to load malware onto users' phones. Google even provided Epic with a video evidence that showed Fortnite installed on a Samsung handset using the official installer, and when the game was opened, a malicious app would launch instead.
Epic Games' chief executive said that Google should have postponed sharing the news publically:
"We asked Google to hold the disclosure until the update was more widely installed," tweeted Tim Sweeney. "They refused, creating an unnecessary risk for Android users in order to score cheap PR points."
Google's policy is to publically disclose details of bugs and vulnerabilities 90 days after reporting them to the developers responsible if they have not been tackled, but only waits seven days after a patch is made "broadly available" to spill the beans. According to a transcript, Google's security team shared details about the security flaw with Epic on August 15. The developer got in touch two days later, saying it's "working around the clock" to fix the issue and requesting a full 90 days before Google discloses anything with the public. However, the search engine giant denied the request.
Tim Sweeny says his company is grateful that it was made aware of the issue in a timely manner, but criticizes Google for being so quick to spill the beans to everyone, "citing unnecessary risk for Android users."
Epic Games urges everyone playing Fortnite to enable two-factor verification on their Fortnite accounts.