Nintendo expands bug bounty program to Switch

Eric Abent - Apr 11, 2017, 12:17 pm CDT
0
Nintendo expands bug bounty program to Switch

Nintendo may not be the first company to come to mind when we’re talking about bug bounties, but looking at its new program for the Switch, maybe it should be. An extension of the bug bounties program it launched for the 3DS a few months back, Nintendo has partnered with HackerOne to find vulnerabilities in the Switch.

Depending on what you find, it could lead to a pretty substantial payday too. Rewards for this bug bounty program begin at $100 but can climb as high as $20,000, so if you bring a serious issue to Nintendo’s attention, you could certainly cash in.

Nintendo wants to prevent three key things with this bug bounty program: priacy, cheating, and “dissemination of inappropriate content to children.” Here’s what Nintendo is specifically looking for in regards to the Switch:

System vulnerabilities regarding Nintendo Switch
– Privilege escalation from userland
– Kernel takeover
– ARM TrustZone takeover

Vulnerabilities regarding Nintendo-published applications for Nintendo Switch
– Userland takeover

That page on HackerOne has recently been updated to show that Nintendo has paid three bounties since this campaign was kicked off four months ago. The amount of these rewards hasn’t been revealed, nor has Nintendo revealed the platform at the center of these bounties. It’s likely that these rewarded bounties are for the 3DS instead of the Switch, as the Switch hasn’t been commercially available for very long.

So, there you have it: Nintendo wants to hunt down vulnerabilities in the Switch and is willing to pay you for information. If you’d like to submit a report and try your luck with Nintendo’s reward system, you can go to the HackerOne campaign page by clicking the source link below.

SOURCE: HackerOne


Must Read Bits & Bytes