Epic And Google Clash Over Fortnite Vulnerability
When it comes to mobile gaming there's a lot of money at stake. Big studios pump a lot of money into trying to lure about a billion people who are eye-deep in their handset's touchscreen. However, just because you toss out a mobile app for iOS or Android devices doesn't mean that it's going to be free of issues. Recently, Epic Games and Google have been clashing over the mobile version of Fortnite. More specifically, the companies are going at it over the issue of a perceived vulnerability within the mobile app.
Ars Technica is reporting that Google has supposedly identified a "Man-in-the-disk" or MITD vulnerability within the installer for Fortnite. This is despite the fact that Fortnite is not available on Google Play's distribution store. Why? Well, Epic Games decided to bypass the Google Play store because CEO Tim Sweeney believed that the studio and the game was big enough to do without a distribution platform like Google Play. Gamers are well enough aware of Fortnite that Epic could afford to distribute it directly from their own website instead of going through other third-party distribution outlets.
Forfeiting going through third-party conduits means that Epic Games does not have to pay a 30% distributors fee to sell its game through Google Play. It's the same as Epic avoiding having Fortnite on Steam, wherein the company would have to pay a 30% distributors fee to Valve. Instead, Epic has refrained from these distribution pipelines in order to connect directly with users.
However, Google has hounded the Fortnite client to check for security vulnerabilities. The company noted that the vulnerability wasn't picked up by the Samsung security API, and that this could lead to security problems. Specifically, it was a bug that could be exploited in the APK when installing the program, and it was brought to the attention of Epic via a filing on August 15th.
The next day Epic took note of the vulnerability and issued a hotfix to address the issue in the Fortnite installer for mobile devices.
Things got a little hairy between the two because Epic requested that Google not share the bug report with the public until 90 days later, which would give gamers enough time to update the installer. Google, however, decided to publish the report findings seven days after Epic fixed the bug for the Battle Royale game. And while the bug is fixed, making the vulnerability public means that some nefarious individual could technically use that as a means to compromise installers that have not been updated.
Epic Games' Tim Sweeney told the media that Google publishing the findings so soon after the bug was fixed was "irresponsible."
CINEMABLEND NEWSLETTER
Your Daily Blend of Entertainment News
Essentially there's a moral quandary at play here between Epic not finding what could have been a potentially dangerous Fortnite vulnerability for mobile users, and Google publicly sharing the information before the patched installer was thoroughly saturated.
Some are arguing that Google did this as a way to nudge Epic to put Fortnite on the Google Play store so that the installer could regularly be checked for updates through Google's distribution platform, while others argue that Epic not wanting to pay the distribution fee has potentially put mobile users of Fortnite at risk. It's a tricky scenario, no doubt.
Staff Writer at CinemaBlend.
Harrison Ford Explains Why He Was ‘A Little Concerned’ Taking Over As Thunderbolt Ross For Captain America 4, But I’m More Excited By The Director Hyping Him Up As Red Hulk
Tom Selleck 'Can't Figure Out' Why CBS Is Ending Blue Bloods, And He Even Proposed A Plan For How They Could Keep It Around
I Was Shook When Jerry Bruckheimer Made A Wild Claim About Daisy Ridley's The Young Woman And The Sea Screenings, But Then I Remembered What He Said About Top Gun: Maverick