Nintendo expands bug bounty program to include the Switch

Shawn Knight

Posts: 12,597   +124
Staff member

Nintendo is wasting little time in turning to the white hat hacker community for help in providing a secure environment for people to enjoy games and services on the Switch.

The Japanese gaming giant has expanded its bug bounty program through HackerOne to include its new console, offering up a range of rewards in exchange for information regarding potentially dangerous security vulnerabilities that could lead to piracy, cheating and the sharing of content that may be inappropriate for children.

The company rolled out its bug bounty program for the 3DS in December.

Nintendo is specifically interested in system vulnerabilities regarding things like privilege escalation from userland, kernel takeover and ARM TrustZone takeover.

Qualifying vulnerabilities can earn security researchers anywhere between $100 and $20,000. Nintendo says the reward amount depends on the “importance” of the information and the quality of the report – for example, importance is higher if the vulnerability is severe, easy to replicate and so on.

According to the HackerOne website, Nintendo has only rewarded three individuals with bounties – all of which took place two days ago. The amount of those bounties and what issues they were for was not disclosed.

Nintendo launched its Switch console worldwide on March 3, 2017, and is off to a great start thus far. Shortly after launch, it was rumored that the company would be doubling down on production in order to keep up with demand.

Permalink to story.

 

namesrejected

Posts: 398   +302
If I were to find an exploit, I would first set up crowdfunding for its release. I would give Nintendo the exploit if they were to offer more than the crowdfunding. If crowdfunding offered more, I would release to the public.