Incident: Epic Games' Fortnite Installer Vulnerability on Android Devices

Published Date: 2018-08-27

Postmortem Analysis
Timeline:
1. The software failure incident happened in August 2018. [74795, 74867, 74480]

System:
1. Epic Games' Android version of Fortnite installer [74795, 74867, 74480]
2. Google's Android platform security measures [74795, 74867, 74480]

Responsible Organization:
1. Epic Games [74795, 74867, 74480]
2. Google [74795, 74867, 74480]

Impacted Organization:
1. Android users were impacted by the software failure incident reported in the news articles [74795, 74867, 74480].

Software Causes:
1. A vulnerability in the Fortnite installer for Android allowed hackers to replace the app with a fake version, known as a "man-in-the-disk" attack [74867].
2. The vulnerability was due to the Fortnite installer granting a fake app all the permissions it requested, bypassing the usual permission step in the Google Play Store [74480].
3. Epic Games bypassed the Google Play Store, requiring users to download the game and "sideload" the app on their Android devices, which exposed users to potential security risks [74867, 74480].

Non-software Causes:
1. The decision by Epic Games to bypass the Google Play Store and use their own installer for Fortnite on Android, leading to the vulnerability [74795, 74867, 74480]
2. Google's policy of disclosing vulnerabilities to the public after a certain period, even if the developers request more time to patch the issue [74795, 74867]
3. The financial incentive for Epic Games to avoid giving Google a 30% cut of in-game sales by not using the Google Play Store [74795, 74867]

Impacts:
1. The software failure incident involving a vulnerability in Epic Games' Fortnite installer for Android led to a situation where hackers could hijack the game's installation software to load malware [74795, 74867].
2. Epic Games had to rush to create a fix for the vulnerability and distribute it to users after Google's security team shared details of the bug with them [74795].
3. Google's decision to disclose the vulnerability publicly just a week after the patch was made available caused a dispute between Epic Games and Google, with Epic criticizing Google for not waiting longer before sharing the news [74795, 74867].
4. The incident highlighted the risks associated with sideloading apps outside of the official Google Play Store, as it exposed users to potential security threats [74867].
5. Epic Games' choice to bypass the Google Play Store to avoid giving Google a cut of sales led to the need for users to download the game through Epic's own installer, which contributed to the vulnerability issue [74795, 74867].
6. The incident raised concerns about the security implications of popular apps like Fortnite teaching users to sideload apps, potentially normalizing risky practices [74867].
7. Fake versions of Fortnite apps emerged following the release of the game for Android devices, with scammers taking advantage of the situation to distribute adware-laden versions of the game [74867].

Preventions:
1. Utilizing Google's Play Store for distributing the Fortnite app could have prevented the software failure incident by ensuring a more secure and controlled environment for app installations [74867].
2. Implementing a more thorough security review process for the Fortnite installer to detect and address vulnerabilities before the app's release could have prevented the incident [74480].
3. Following standard security practices, such as promptly addressing reported vulnerabilities and applying patches in a timely manner, could have prevented the software failure incident from being exploited [74867].

Fixes:
1. Epic Games fixed the vulnerability with a patch on Aug. 16 and requested that Google keep it under wraps for 90 days so players would have plenty of time to install the patch before the vulnerability became public [74867].
2. Epic Games immediately acknowledged its mistake and fixed the bug with version 2.1.0 of the launcher on Aug. 16 [74480].

References:
1. Epic Games
2. Google
3. Independent cyber-security experts
4. Microsoft
5. Apple
6. Samsung
7. Troy Hunt
8. Professor Steven Murdoch
9. Tim Sweeney
10. Craig Williams
11. Cisco's Talos Intelligence Group
12. Scott Helme
13. Android Central
14. University College London

Software Taxonomy of Faults

Category Option Rationale
Recurring: one_organization, multiple_organization
(a) The software failure incident having happened again at one_organization: The incident of a software vulnerability affecting the Android version of Fortnite due to the game's installer was reported by Google [74795]. Epic Games, the developer of Fortnite, chose to bypass the Google Play store and distribute the game through its own installer. This decision led to a vulnerability that could be exploited by hackers to load malware onto users' devices. Google discovered this vulnerability and notified Epic Games about it, prompting Epic Games to release a fix for the issue [74795].
(b) The software failure incident having happened again at multiple_organization: The incident involving a software vulnerability in the Android version of Fortnite highlights the risks associated with sideloading apps outside of the official Google Play Store [74867]. While Epic Games chose this route to avoid sharing revenue with Google, it exposed users to potential security threats. The vulnerability discovered in Fortnite's installer by Google is a type of attack known as a "man-in-the-disk" attack, which could allow malicious apps to replace legitimate ones on users' devices. This incident underscores the broader issue of security risks associated with downloading apps from sources other than official app stores [74867].

Phase (Design/Operation): design, operation
(a) In the software failure incident related to the Fortnite Android version, the failure due to the development phase can be attributed to the design aspect. Epic Games chose to bypass the Google Play store and develop its own installer for Fortnite on Android to avoid giving Google a cut of sales. This decision led to a vulnerability where hackers could hijack the game's installation software to load malware, as highlighted by Google's security team [74795, 74867].
(b) The software failure incident also involved operational issues. Users had to sideload the Fortnite app on their Android devices instead of downloading it through the official Google Play Store. This operational method increased the risk of malware attacks, as apps outside of the Play Store are more likely to contain malware. Additionally, the Fortnite installer automatically granted permissions to apps requesting access to various phone functions, potentially compromising user data [74867, 74480].

Boundary (Internal/External): within_system, outside_system
(a) within_system:
- The software failure incident related to the Fortnite Android version was primarily within the system. Epic Games chose to bypass the Google Play store and use its own installer for distributing the game, which led to a vulnerability being discovered [74795, 74867].
- Google identified a vulnerability in the Fortnite installer that could allow a hacker to replace the app with a fake version, known as a "man-in-the-disk" attack. This vulnerability was within the system and required a piece of malware on the phone to exploit it [74480].
(b) outside_system:
- The software failure incident also had contributing factors originating from outside the system. Google's disclosure rules dictate when vulnerabilities should be made public, and in this case, Google decided to disclose the vulnerability to the public a week after Epic Games fixed it, which was seen as a contributing factor from outside the system [74795, 74867].
- Epic Games accused Google of being "irresponsible" in disclosing the flaw affecting the Android version of Fortnite, indicating a conflict between the two companies that originated from outside the system [74795].

Nature (Human/Non-human): non-human_actions, human_actions
(a) The software failure incident occurring due to non-human actions:
- The software failure incident in the articles was primarily due to a vulnerability in the Fortnite installer for Android devices that could be exploited by hackers to load malware [74867].
- Google identified a vulnerability in the Fortnite installer that could allow a rogue app to be installed and launched, potentially accessing the phone's data without the user's knowledge [74480].
- The vulnerability, known as a "man-in-the-disk" attack, could replace the real Fortnite app with a fake one after security checks were completed [74480].
(b) The software failure incident occurring due to human actions:
- Epic Games chose to bypass the Google Play Store for Fortnite on Android, requiring users to download the game and "sideload" the app on their devices instead [74867].
- Epic Games' decision to bypass the Google app store was driven by the desire to avoid giving Google a 30% revenue cut, leading to potential security risks for users [74867].
- Epic Games requested Google to delay disclosing the vulnerability for 90 days after the patch was made available, but Google disclosed it publicly after a week, leading to criticism from Epic Games CEO Tim Sweeney [74867].
- There was a debate between Epic Games and Google regarding the responsible disclosure timing of the vulnerability, with Epic Games suggesting that Google should have practiced more responsible disclosure [74867].

Dimension (Hardware/Software): software
(a) The software failure incident occurring due to hardware:
- There is no specific mention of the software failure incident in the provided articles being attributed to hardware issues. Therefore, it is unknown if the incident was caused by hardware failures.
(b) The software failure incident occurring due to software:
- The software failure incident reported in the articles is primarily attributed to software-related factors. The incident involved a vulnerability in Epic Games' original Fortnite installer for Android, which could have been exploited by hackers to install malware [74480].
- Google disclosed a vulnerability in the Fortnite installer that could allow a rogue app to be installed and launched, potentially accessing a user's phone data without their knowledge [74480].
- Epic Games bypassed the Google Play Store for distributing Fortnite on Android, leading to security concerns and the need for users to sideload the app, which increased the risk of malware attacks [74867].
- Google's security team shared a way to fool the game's Android installer into loading malware with Epic Games, prompting the developer to work on a fix [74795].
- Epic Games requested Google to delay the disclosure of the vulnerability until the update was widely installed, but Google rejected the request and made the information public sooner [74795].

Objective (Malicious/Non-malicious): non-malicious
(a) The software failure incident in the articles is non-malicious. The vulnerability in the Fortnite installer for Android was discovered by a Google engineer, and Google immediately notified Epic Games about it. Epic Games acknowledged the mistake and fixed the bug promptly [74867, 74480].
(b) The software failure incident was not malicious but rather a result of a vulnerability that could have been exploited by malicious actors. The vulnerability allowed for a "man-in-the-disk" attack, where a rogue app could be installed and given access to a user's data without their knowledge. However, there is no indication that anyone was actually affected by this vulnerability [74480].

Intent (Poor/Accidental Decisions): poor_decisions
(a) The intent of the software failure incident:
- The incident involving the Fortnite Android installer being vulnerable to a "man-in-the-disk" attack was primarily due to poor decisions made by Epic Games in bypassing the Google Play Store [74795, 74867, 74480].
- Epic Games chose to distribute Fortnite for Android outside of the Google Play Store to avoid giving Google a 30% cut of sales, which led to the vulnerability [74795, 74867].
- Epic Games' decision to sideload the app exposed users to risks, as apps outside of the Play Store are more likely to contain malware [74867].
- Google's security team identified the vulnerability and notified Epic Games, who fixed the issue promptly [74480].
- There was a debate between Epic Games and Google regarding the timing of disclosing the vulnerability to the public, with Epic Games criticizing Google for not waiting longer before making it public [74867].
- Epic Games' CEO, Tim Sweeney, questioned Google's responsible disclosure timing and accused Google of trying to score cheap PR points [74867].
- The vulnerability was fixed within a week, but the incident highlighted the risks associated with distributing apps outside of official app stores [74480].

Capability (Incompetence/Accidental): development_incompetence
(a) The software failure incident occurring due to development incompetence:
- Epic Games faced a vulnerability in the Android version of Fortnite due to a flaw in the installer software that could be exploited by hackers to load malware [74795].
- Google discovered a vulnerability in Epic Games' original Fortnite installer for Android, allowing a rogue app to be installed and launched, potentially accessing the phone's data without user knowledge [74480].
- Epic Games bypassed Google's Play Store for Fortnite on Android, leading to security concerns and vulnerabilities [74867].
(b) The software failure incident occurring accidentally:
- Google disclosed a vulnerability in Epic Games' Fortnite installer for Android, which could have been exploited by malicious apps due to a flaw in the installer [74480].
- Epic Games faced a security flaw in the Android version of Fortnite, which was discovered by a Google engineer shortly after the game's release on Android [74867].

Duration: temporary
(a) The software failure incident in the articles was temporary. The incident was related to a vulnerability in Epic Games' original Fortnite installer for Android, which could have been exploited by hackers to install and launch a rogue app on users' devices [74480]. Google identified this vulnerability and notified Epic Games, who promptly fixed the issue with a patch on August 16 [74480]. There was a one-week window when users could have been affected by the vulnerability, but there is no indication that anyone was actually affected [74480]. Additionally, Google shared details of a flaw affecting the Android version of Fortnite, where hackers could hijack the game's installation software to load malware. Google's security team demonstrated a way to fool the game's Android installer into loading malware, and Epic Games responded by distributing a fix after working around the clock to create it [74795]. This incident was also temporary as a fix was provided by Epic Games in response to the vulnerability reported by Google.

Behaviour: crash, omission, value, other
(a) crash:
- Article 74867 mentions a vulnerability in Epic Games' original Fortnite installer for Android that could have allowed a rogue app to access a user's phone data without their knowledge, which could lead to a crash of the system [74480].
(b) omission:
- The software failure incident involved a vulnerability in the Fortnite installer that could have allowed a fake app to replace the real Fortnite app after security checks were complete, potentially leading to the omission of the intended functions of the system [74480].
(c) timing:
- The incident involved a timing issue where Google disclosed a vulnerability in the Fortnite installer early, despite Epic Games requesting a 90-day period before disclosure to allow users to patch their devices, leading to concerns about the timing of the disclosure [74867].
(d) value:
- The software failure incident could be categorized under the value behavior as it involved a vulnerability that could have allowed a fake app to gain access to a user's phone data, potentially leading to the system performing its intended functions incorrectly [74480].
(e) byzantine:
- There is no specific mention of the software failure incident exhibiting a byzantine behavior in the articles.
(f) other:
- The software failure incident also involved Epic Games bypassing the Google Play Store for Fortnite distribution, which was considered an unorthodox and risky route, potentially leading to unexpected behavior not covered by the other options [74867].

IoT System Layer

Layer Option Rationale
Perception None None
Communication None None
Application None None

Other Details

Category Option Rationale
Consequence: property, delay, non-human, theoretical_consequence, other
(a) death: People lost their lives due to the software failure
- There is no mention of any deaths resulting from the software failure incident in the provided articles [74795, 74867, 74480].
(b) harm: People were physically harmed due to the software failure
- There is no mention of any physical harm to individuals due to the software failure incident in the provided articles [74795, 74867, 74480].
(c) basic: People's access to food or shelter was impacted because of the software failure
- There is no mention of people's access to food or shelter being impacted by the software failure incident in the provided articles [74795, 74867, 74480].
(d) property: People's material goods, money, or data was impacted due to the software failure
- The software failure incident led to a vulnerability that could have allowed a hacker to replace the Fortnite app with a fake version, potentially accessing users' data without their knowledge [74480].
(e) delay: People had to postpone an activity due to the software failure
- Users may have had to delay playing Fortnite or taking action to secure their accounts due to the software vulnerability [74795, 74867, 74480].
(f) non-human: Non-human entities were impacted due to the software failure
- The software failure incident primarily affected the security and functionality of the Fortnite app on Android devices, with potential risks to users' data and devices [74795, 74867, 74480].
(g) no_consequence: There were no real observed consequences of the software failure
- The software failure incident did have consequences, particularly related to the security vulnerability in the Fortnite installer on Android devices [74795, 74867, 74480].
(h) theoretical_consequence: There were potential consequences discussed of the software failure that did not occur
- The potential consequences discussed included the risk of malware being loaded onto devices through the software vulnerability, as well as the impact of disclosing the vulnerability before all users could patch their devices [74795, 74867, 74480].
(i) other: Was there consequence(s) of the software failure not described in the (a to h) options? What is the other consequence(s)?
- The software failure incident highlighted the debate between Epic Games and Google regarding responsible disclosure timing and the potential risks to users' security and privacy [74795, 74867, 74480].

Domain: utilities, entertainment
(a) The failed system was related to the entertainment industry, specifically the hit game Fortnite developed by Epic Games. The incident involved a vulnerability in the Android version of the game, which required users to download the game through Epic's own installer rather than the Google Play store [74795, 74867, 74480].
(g) The incident also had implications for the utilities industry, as it involved the distribution of software for a popular game that attracts millions of players. The method of sideloading the game outside of the official Google Play store raised security concerns and highlighted potential risks associated with downloading apps from sources other than the official platform [74867].
(m) The incident could be related to the technology industry, as it involved the distribution and installation of software for a mobile game on the Android platform. The vulnerability in the installer and the subsequent security issues highlighted the importance of secure software distribution practices in the technology sector [74795, 74867, 74480].
