Epic v. Google: everything we learned in Fortnite court
See all Stories
Kleidermacher on how bad actors could have taken advantage of the Fortnite launcher bug.
From the RAW MEETING NOTES earlier:
the installation really is a two-part issue - it’s a fortnite problem as well as a Samsung problem - Fortnite downloads to a public storage space, and Samsung has a whitelist that can easily be spoofed.
Samsung should be doing an actual signature check.
On why Google disclosed the bug publicly before 90 days:
“It is common in security research teams to disclose vulnerability information after the vulnerability is fixed,” so that others can learn from it and contribute to security research that protects others later.
Won’t say I told you so, but then, why did Google move to a 90-days-no-matter-what timeline in 2020?
