Nintendo just paid off 3 people for the HackerOne Program

01b07c077f.png

Last year, Nintendo debutted its HackerOne program that involved giving a bounty of range of $100 - $20,000 to hackers that disclose their system exploits and vulnerabilities for the 3DS. Everyone thought it wouldn't work out for Nintendo, but just around last month the program was extended to include the Nintendo Switch too.

Just recently as you can see in the picture, three people were rewarded so far, however the amounts paid will not be made public. It seems as if a few hackers wouldn't mind giving out their newfound exploits for some easy cash, hopefully for the sake of the Switch hacking scene, it isn't the same with our own resident hackers.

A few examples of what information Nintendo is interested in receiving:
  • System vulnerabilities regarding Nintendo Switch
    • Privilege escalation from userland
    • Kernel takeover
    • ARM® TrustZone® takeover
  • Vulnerabilities regarding Nintendo-published applications for Nintendo Switch
    • Userland takeover
  • System vulnerabilities regarding the Nintendo 3DS family of systems
    • Privilege escalation on ARM® ARM11™ userland
    • ARM11 kernel takeover
    • ARM® ARM9™ userland takeover
    • ARM9 kernel takeover

:arrow:Source
 
Last edited by Chary,

Cha0tic

Well-Known Member
Member
Joined
Mar 14, 2013
Messages
733
Trophies
1
Age
30
XP
1,864
Country
United States
What people are finding security vulnerabilities and turning them into Nintendo so it can get fixed?
And that's a bad thing? Setting exploits aside for homebrew etc...
This is a good thing, you want Nintendo to fix these things.
They aren't snitches, you all need to grow up.

It may slow down the mod scene but at the expense of a more secure console. Last thing you need it a vulnerability being exploited in a bad way. Then you'd wish it was fixed.

Nintendos priority is making a and having a safe console that's not vulnerable to exploits, not making sure there are vulnerabilities to mod.
 

GerbilSoft

Well-Known Member
Member
Joined
Mar 8, 2012
Messages
2,395
Trophies
2
Age
34
XP
4,249
Country
United States
I am going to piss on their graves tbh. These people would rather fuck over a whole community for money. What we do is not ethical, but in a sense, what they do isn't either.
And this sort of reply is exactly why they did this. Get a payment of up to $10k from Nintendo, or deal with entitled "fans" who bitch at them for not hacking things fast enough.
 
D

Deleted User

Guest
I am going to piss on their graves tbh. These people would rather fuck over a whole community for money. What we do is not ethical, but in a sense, what they do isn't either.
People don't understand anything nowadays. If you want to contribute to something to make it even better, then why not do it? It's idiotic to say that you will piss on their graves for them just helping out Nintendo with patching useless shit which wouldn't be even useful for average user.
 

SnakeOil992

Walking bruh moment
Member
Joined
Feb 10, 2016
Messages
677
Trophies
0
Age
25
Location
Alpha Halo
XP
2,049
Country
Greece
And this sort of reply is exactly why they did this. Get a payment of up to $10k from Nintendo, or deal with entitled "fans" who bitch at them for not hacking things fast enough.
When did I bitch at them? I respect every developer/hacker here, unlike some very special people.
 
  • Like
Reactions: Soulsilve2010

the_randomizer

The Temp's official fox whisperer
Member
Joined
Apr 29, 2011
Messages
31,284
Trophies
2
Age
38
Location
Dr. Wahwee's castle
XP
18,967
Country
United States
I am going to piss on their graves tbh. These people would rather fuck over a whole community for money. What we do is not ethical, but in a sense, what they do isn't either.

And pissing on their graves doesn't make you a better man either, it's putting yourself down to a lower level, but I digress.
 

Mr. Wizard

Ending the spread of bullshit one thread at a time
Member
Joined
Mar 20, 2015
Messages
1,814
Trophies
0
Location
E8 lattice
XP
1,532
Country
Canada
It says nothing about which system was exploited.
What's to stop them from waiting a few months and covertly leaking the exploit anyway with no ties to them? Basically all they have given up are their bragging rights...
 

Lumince

Well-Known Member
Member
Joined
Aug 15, 2015
Messages
2,343
Trophies
1
XP
3,722
Country
United States
I hate snitch, they make me sick.
Hahaha, we are lucky that people actually release this stuff. If you didnt find it you cant call them a snitch :rofl2: It wasn't yours to begin with. If they wanted to they could just sell everything that they have stock piled up and anything they find for the switch. Im surprised they having since the way the community acts towards devs that like to share exploits.
 

Lumince

Well-Known Member
Member
Joined
Aug 15, 2015
Messages
2,343
Trophies
1
XP
3,722
Country
United States
At least I wouldn't choose to get paid.
If you did it as a hobby and was like "hmm I could make extra spending money on this hobby, wouldn't you though? Anyone that says they wouldn't do it are probably lying or just think its not right it keep things to themselves. They did the work and could sell it if they wanted to :rofl2: I would the the exact same thing.

--------------------- MERGED ---------------------------

Not really. Career hackers, aka white hats, are better off releasing findings early for the sake of a higher bounty and building their resume (like I said). Their priority isn't making sure people at home can circumvent security for mundane homebrew.

Also, to all of you bitching, I'll be sitting back and waiting for you to release an exploit for the "community" since this is such a big deal.
We need more people like you in this community tbh :rofl2:
 

Joom

 ❤❤❤
Member
Joined
Jan 8, 2016
Messages
6,067
Trophies
1
Location
US
Website
mogbox.net
XP
6,075
Country
United States
It is a wall of shame I'm even surprised they post usernames etc..even though they are random nonsense! but hay I'm all for hacking etc.. but at a later date maybe, not at its birth and growing so early. I think its a good thing at this time too let the Switch develop and then homebrew at a much later date I think seeing hacking on a system this early would only spell out DOOM so I'm all for it, they have done the right thing by reporting!.
Not really. Career hackers, aka white hats, are better off releasing findings early for the sake of a higher bounty and building their resume (like I said). Their priority isn't making sure people at home can circumvent security for mundane homebrew.

Also, to all of you bitching, I'll be sitting back and waiting for you to release an exploit for the "community" since this is such a big deal.
 

Shokan

Member
Newcomer
Joined
Mar 6, 2017
Messages
12
Trophies
0
Age
37
XP
163
Country
Canada
You have to weigh the benefits of monetary gain and the admiration of teenagers. Honestly, if anyone feels conflicted about doing either, then posting a write up for someone else to interpret and create a POC around that might be better for your conscience.

True, some people just can't seem to realize that the hacking scene is home of a variety of interest. Hackers aren't simply good: produce / share stuff and bad: virus / trojan. Some work for their very own private interest as a hobby. Some are willing to share openly their achievement for free and some others use their talent as a job, hired by Symantec, Nintendo etc.. or simply get paid as freelance.

Few may work only for money or for the thrill but some others are politically engaged : alter-globalization, whistleblower of the 21 century etc..
 

retrofan_k

Well-Known Member
Member
Joined
May 31, 2013
Messages
2,077
Trophies
2
Location
Caves
XP
2,462
Country
Belarus
Jeez...I know this forum is the home of pirates and script kiddies, but the replies here are still pretty immature. Traitor...snitch...wall of shame...Say, geniusses: this isn't exactly helping that so-called "cause" of you. If you're really interested in what hackers do, at least have the fucking decency to recognize a job well done, even if it isn't in your own interest.

As it turns out, there were vulnerabilities found in the kernel, and they are now patched. So? Unless you're skilled enough to find vulnerabilities/exploits/hacks yourself, don't tell others what they should or shouldn't be doing with them. This isn't the first time this community turns out to be pretty much the opposite of what the word 'community' is supposed to be about (I've seen a good handful decent hackers being boo-ed for doing something else than openly releasing everything they had), but this may very well be the last time. No, not because "all the hackers turn out to be greedy bitches" but because the people they could release their exploits are hardly more than a bunch of ungrateful bastards. :angry:

You do realize some people post for fun/ banter (hence my tongue imoji) and not take matters seriously sometimes.B-)
 
  • Like
Reactions: Deleted User

Lumince

Well-Known Member
Member
Joined
Aug 15, 2015
Messages
2,343
Trophies
1
XP
3,722
Country
United States
I am going to piss on their graves tbh. These people would rather fuck over a whole community for money. What we do is not ethical, but in a sense, what they do isn't either.
Its there work... Not yours... They could say screw it and sell it the way this community acts...
 
D

Deleted User

Guest
Its there work... Not yours... They could say screw it and sell it the way this community acts...
They're not really selling. They're giving exploit
Code:
 and they receive bounty as an reward for finding an exploit. If they would be selling, then it would be called "Nintendo SellMeYourHacks program"
 
  • Like
Reactions: Lumince

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
    K3Nv2 @ K3Nv2: Pump the chocolate into my veins