Discussion in 'Article Discussion' started by bit-tech, 28 Aug 2018.
IIRC, Google's standard disclosure wording is: "This bug is subject to a 90 day disclosure deadline. After 90 days elapse or a patch has been made broadly available, the bug report will become visible to the public."
Epic's complaint is that while the patch was indeed made broadly available, because their deployment of Fortnite does not include any mechanism for auto-updating or even auto-notifying (i.e. it will remain on an old version until it is run manually to pull an update), Google should have waited the maximum timeframe. Which speaks more to Epic's failure to include an update mechanism than anything else, and is a good object lesson in "if it's not updated, it's not secured".[/quote]
Epic is full of it, they should be quiet. Literally nobody waits 90 days after patch is out. No need to look far away for an example. Details of Spectre and Meltdown came out at same moment patches arrived to Linux & Windows. Nobody waited for you to run apt-get dist-ugprade or Windows Update.
SPECTRE is a bad example there: a disclosure date was agreed, then one person jumped the gun and everyone had to scramble to release things ahead of schedule.
Separate names with a comma.