Re: Epic Games threatens to sue security researchers

[Mark Rein <mrein () epicgames com>]

In-Reply-To: <01ce01c2d1f1$1beebef0$858370d4 () wks jubii dk>

Thor,

I have sent your company an apology for those completely unfortunate 
comments that I sincerely regret. We did provide an official statement 
and I was not, at the time, aware that my verbal reaction, in a moment of 
shock and surprise, was being captured for the article. 

The comment was a complete over-reaction to seeing the list of games 
including future games that have not yet been published. It had nothing 
to do with the security issues themselves, the validity of the report, or 
the way Pivx presented it to us. Pivx gave us more than fair enough 
warning of the bugs and we simply failed to fix them in the allotted 
time. We released a statement last week to the Unreal community 
indicating that "we fucked up" in not addressing these concerns within 
the given time and that we were already testing a patch with the security 
issues corrected. In addition the official statement we gave pointed out 
that we were fixing the holes and that the Pivx report was fair and 
accurate. Licensees were already provided with the source code for the 
security fixes. 

Again this was a moment-of-stupidity reaction and I sincerely apologize 
to Pivx and the entire security community. Epic has already stated that 
we will take these matters far more seriously in the future. 


Mark Rein,
Epic Games Inc.

Visit us at http://www.epicgames.com