Mike Coppola/Getty Images for Samsung
Tim Sweeney, CEO of Epic Games.
- The CEO of Epic Games, the game studio that makes battle-royale game "Fortnite," has accused Google of irresponsibly exposing a flaw in the game's security to score "cheap PR points."
- "Fortnite" came to Android phones this summer, and Epic Games chose not to host it through the Google Play app store to avoid giving Google a 30% cut of its sales.
- A Google engineer publicly identified a weakness in the security of "Fortnite" for Android.
- Epic Games CEO Tim Sweeney said revealing the flaw so quickly did nothing but give hackers a chance to exploit it.
CEO of Epic Games Tim Sweeney has spent days tweeting his discontent after a Google engineer exposed a security flaw in the code for the Android version of "Fortnite."
Responding to people on Twitter, Sweeney spent the weekend and Monday pointing out that Google was irresponsible in how quickly it revealed the flaw.
He also said that Epic Games had asked Google to hold off on publishing until it had completed an upgrade which patched up the bug, but Google refused.
Sweeney added that Google's rapid publishing of the flaw was an attempt to "score cheap PR points."
He even said the decision to announce the bug put more gamers at risk, as it could have alerted hackers to the opportunity to hack those who hadn't yet received the update.
But that wasn't the end of his complaints. He was also disappointed at how much information Google published about the security flaw. Sweeney said the company could have alerted the public to the weakness without releasing specific details about the code.
When a beta version of "Fortnite" launched on Android this summer, Epic Games made the bold decision to skip the Google Play store. Instead, players download the game directly from the game's website. Sweeney told Business Insider that this was because the 30% store tax Google charges is disproportionate.
Business Insider has contacted Google for comment.
Get the latest Google stock price here.
Android is an open platform. We released software for it. When Google identified a security flaw, we worked around the clock (literally) to fix it and release an update.
The only irresponsible thing here is Google's rapid public release of technical details.
- Tim Sweeney (@TimSweeneyEpic) August 25, 2018We asked Google to hold the disclosure until the update was more widely installed. They refused, creating an unnecessary risk for Android users in order to score cheap PR points.
- Tim Sweeney (@TimSweeneyEpic) August 25, 2018I grant that Google finding a flaw in our software and sourcing stories about the fact of it is a valid PR strategy.
But why the rapid public release of technical details? That does nothing but give hackers a chance to target unpatched users.
- Tim Sweeney (@TimSweeneyEpic) August 25, 2018Google could have disclosed the fact that a vulnerability was discovered without disclosing sufficient technical details that hackers could readily exploit it.
- Tim Sweeney (@TimSweeneyEpic) August 28, 2018