Fortnite developer calls Google irresponsible
Epic Games' chief executive said that Google should have postponed sharing the news publically:
"We asked Google to hold the disclosure until the update was more widely installed," tweeted Tim Sweeney. "They refused, creating an unnecessary risk for Android users in order to score cheap PR points."
"We asked Google to hold the disclosure until the update was more widely installed," tweeted Tim Sweeney. "They refused, creating an unnecessary risk for Android users in order to score cheap PR points."
There’s a technical detail here that’s important. The Fortnite installer only updates when you run it or run the game. So if a user only runs it every N days, then the update won’t be installed for N days. We felt N=90 would be much safer than N=7.
— Tim Sweeney (@TimSweeneyEpic) August 26, 2018
Google's policy is to publically disclose details of bugs and vulnerabilities 90 days after reporting them to the developers responsible if they have not been tackled, but only waits seven days after a patch is made "broadly available" to spill the beans. According to a transcript, Google's security team shared details about the security flaw with Epic on August 15. The developer got in touch two days later, saying it's "working around the clock" to fix the issue and requesting a full 90 days before Google discloses anything with the public. However, the search engine giant denied the request.
Tim Sweeny says his company is grateful that it was made aware of the issue in a timely manner, but criticizes Google for being so quick to spill the beans to everyone, "citing unnecessary risk for Android users."
Epic Games urges everyone playing Fortnite to enable two-factor verification on their Fortnite accounts.
source: BBC
