Nintendo is offering up to $20,000 to those who discover vulnerabilities in the Nintendo Switch. The company previously offered that much money to those who found security flaws in the Nintendo 3DS.
Available through Hacker One, Nintendo is offering anywhere between $100 and $20,000 for vulnerabilities found with the Nintendo Switch hardware or software. Some examples given by the company include system vulnerabilities such as “privilege escalation from userland,” “kernel takeover” and takeover of “ARM TrustZone” while some vulnerabilities of “Nintendo-published applications” for the Nintendo Switch include “userland takeover.” The company is also interested in finding exploits regarding privacy and cheating.
Given that it took Nintendo some years to begin offering bug bounties for the 3DS and the Wii U, many will be glad to see the company being more proactive about its newest console. Especially as the Nintendo Switch has already been hacked and that only required the use of an existing iOS exploit that had just been repurposed for the new gaming system. Although that particular exploit was only used to show that it could be done and to look at the Switch’s operating system code, the new bug bounty should help Nintendo to identify where and how more malicious exploits can be unleashed.
This is also important given the growing (negative) reputation of the Nintendo Switch’s physical body. Since the console launched last month, players have reported several hardware issues with the system. These include at least one case of the blue screen of death and complaints about cracks near the power button. Perhaps the most well-known is that the console’s Joy-Con controllers have a synchronization problem that makes them disconnect form the console (though this has since been fixed with a bit of foam).
It would be nothing short of disastrous if the Switch also garnered a reputation as being a hacker’s playground, leaving users vulnerable to all kinds of hacks and exploits that could see their personal and payment data getting into the wrong hands. So, the sooner this bug bounty offers up some results and the sooner Nintendo gets around to patching them, the better.
Source: Hacker One