Home > HUAWEI > You’ll have to disable a recommended Android security setting to install Fortnite "Smashing Security"

You’ll have to disable a recommended Android security setting to install Fortnite "Smashing Security"

The Verge has confirmed reports that Android users wanting to play the hit game “Fortnite” won’t be able to get it from the official Google Play store:

“Epic Games announced today that it will not distribute its massively popular game Fortnite on Android through Google’s Play Store marketplace. Instead, the company plans to directly distribute the software to players through the official Fortnite website, where Android users can download a Fortnite Installer program to install the game on compatible devices.”

I can understand Epic Games feeling mightily miffed that Google tries to take a 30% cut from any sales in its online store, but encouraging Android users to download apps from non-official sources is not a good idea.

Sign up to our newsletterSecurity news, advice, and tips.

Fortnite is already available for the Sony PlayStation 4, Xbox One, Nintendo Switch, iPads and iPhones from their respective official online stores.

But Android offers users an easy route for getting apps from stores that have perhaps not been so careful in vetting their wares.

If you dig into your Android’s settings, you’ll find an option to install programs from “unknown sources”.

If you enable that option, Google is good enough to display a loud warning message:

“Your phone and personal data are more vulnerable to attack by apps from unknown sources. You agree that you are solely responsible for any damage to your phone or loss of data that may result from using these apps.”

You’ll have to disable a recommended Android security setting to install Fortnite

Interestingly, Epic Games founder Tim Sweeney tweets that things will work slightly differently if you’re one of the (small percentage) of Android users that is running the latest version of the operating system:

“A “download” button is coming to Fortnite.com . On the latest Android Oreo devices, this goes directly to a download link which installs the game following user acceptance of several security prompts – no “unknown sources” involved.”

“On earlier Android versions, the button goes to a page with instructions on enabling “unknown sources” followed by a download button, which only works once that’s enabled.”

I don’t know if this workaround for Android Oreo users is supposed to reassure me or not.The truth is that anything that makes it easier to install apps from unapproved sources actually makes me feel more uneasy.

Google’s policing of the official Android marketplace has often fallen short, but there is no doubt that installing apps from unofficial sources exposes your Android device to greater risks.

I’m not trying to suggest that I think it’s likely Epic Games will goof up and distribute a malicious version of their hit game.

But I do worry that some users might be so desperate to play Fortnite that they might forget to disable the “unknown sources” after installation, or that this will encourage more users to take a more laissez-faire attitude as to whether it’s wise to install apps regardless of their source in future.

And there will, inevitably, be online criminals who will try to trick Android users into thinking they are downloading the real Android edition of Fortnite, but instead installing malware.

Listen to more discussion about this topic in this episode of the “Smashing Security” podcast:

Smashing Security #90: 'Fortnite for Android, and the FCC's DDoS BS'

Listen on Apple Podcasts | Google Podcasts | Pocket Casts | Spotify | Other... |RSSMore episodes...

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.

Graham Cluley •@gcluley

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companiessince the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy.Follow him on Twitter at @gcluley, or drop him an email.

Prev: Google mandates two years of security updates for popular phones in new Android contract

Next: United Telelinks plans Rs 2,150 crore investment in Andhra Pradesh TELECOMLEAD NEWSLETTER