Android security flaw sparks feud between Google and Fortnite

Alex LaFreniere


What began as a seemingly simple bug fix has developed into an all-out feud between Fortnite publisher Epic Games and tech giant Google. The spat comes on the heels of Fortnite’s recent debut on Android platforms.

On the heels of Fortnite’s August 15 launch for Android, Google ran a seemingly routine security check on Fortnite’s installer software, which uncovered a major design flaw that could potentially allow the install process to be hijacked by spyware, malware, or other malicious programs. The Google issue tracker page can be viewed here.

After being made aware of the issue, Epic Games quickly issued a patch the next day, six days after the initial Android launch. Android Fortnite players need not worry; anybody who has played since the release of the patch has already had it automatically installed. However, it’s when looking at the circumstances surrounding the bug and subsequent patch that things begin to get interesting.

After releasing the patch, Epic Games requested that Google delay publication of the issue report for 90 days. This 90-day delay is standard practice for such issues, but Google released the issue report a mere 7 days after the release of the patch, seemingly ignoring Epic’s delay request entirely.

Google’s own guidelines state that “After 90 days elapse or a patch has been made broadly available, the bug report – including any comments and attachments – will become visible to the public.” Since the patch was made “broadly available,” Google is technically adhering to its own guidelines by releasing the issue report early. Google also asserts that by not offering Fortnite as a download through the secure Play Store platform, Epic would be driving users towards potentially unsafe third party downloads. Epic Games CEO Tim Sweeney had other ideas regarding the report’s abrupt release.

Despite releasing Fortnite on Android, Epic Games made the well-publicized decision to circumvent Google’s Play Store. Not offering the game on the Play Store was a very public snub to Google’s omnipresent Android market. Sweeney was candid about the reasoning behind the decision, stating directly that he didn’t want to pay Google the 30% cut it requires of all apps being offered on the Play Store. You can download the game safely through Softonic:

Fortnite: Battle Royale Download Free ►

Sweeney stated “The developer pays all the costs of developing the game, operating it, marketing it, acquiring users and everything else. We’re trying to make our software available to users in as economically efficient a way as possible. That means distributing the software directly to them, taking payment through Mastercard, Visa, Paypal, and other options, and not having a store take 30 percent.”

With Fortnite raking in billions of dollars worldwide, the decision likely cost Google a significant amount of potential revenue. Sweeney asserts that his decision to circumvent the Play Store was what drove Google to both seek out the security flaw and release the issue report early. He implied as much in a series of tweets earlier this week, chastising Google for the decision.

The exchange has led to egg on the face of both parties, and Sweeney’s response could potentially be interpreted as lashing out to direct attention away from what was undeniably an extremely dangerous security flaw– one that existed undetected for several days before being patched. Sweeney asserts that the decision was Google’s public revenge, while Google asserts that it was simply due diligence. It’s become a very public feud, and one that is still developing. It seems likely that the rift between Epic Games and Google won’t be closing any time soon.

You may also like