Nintendo just paid off 3 people for the HackerOne Program

01b07c077f.png

Last year, Nintendo debutted its HackerOne program that involved giving a bounty of range of $100 - $20,000 to hackers that disclose their system exploits and vulnerabilities for the 3DS. Everyone thought it wouldn't work out for Nintendo, but just around last month the program was extended to include the Nintendo Switch too.

Just recently as you can see in the picture, three people were rewarded so far, however the amounts paid will not be made public. It seems as if a few hackers wouldn't mind giving out their newfound exploits for some easy cash, hopefully for the sake of the Switch hacking scene, it isn't the same with our own resident hackers.

A few examples of what information Nintendo is interested in receiving:
  • System vulnerabilities regarding Nintendo Switch
    • Privilege escalation from userland
    • Kernel takeover
    • ARM® TrustZone® takeover
  • Vulnerabilities regarding Nintendo-published applications for Nintendo Switch
    • Userland takeover
  • System vulnerabilities regarding the Nintendo 3DS family of systems
    • Privilege escalation on ARM® ARM11™ userland
    • ARM11 kernel takeover
    • ARM® ARM9™ userland takeover
    • ARM9 kernel takeover

:arrow:Source
 
Last edited by Chary,

Flame

Me > You
Global Moderator
Joined
Jul 15, 2008
Messages
7,212
Trophies
3
XP
18,386
Man, it's hilarious to see people getting all paranoid about something we don't even know what they patched lol.

i know what they patched...

the ability to run PS4 and Xbone emulators...


DAMN YOU WHITE HAT SNITCH HACKERS!
 
Last edited by Flame,

MadMageKefka

Well-Known Member
Member
Joined
Apr 28, 2016
Messages
1,672
Trophies
0
Age
36
Location
World of ruin
XP
1,915
Country
United States
Eh, it's not like they rat Nintendo out to the Yakuza and the Yakuza to Nintendo ;p
Still, they are finding exploits that would otherwise be used by the hacking community and exposing them to the people who can put a stop to it. They are being a "buzzkill." It's like if you're trying to have a party while your parents are away, but you have a maid that finds out and tells your parents, putting a stop to the party. Sure, its her job to do so in order to help prevent the house from being destroyed, but she's still a snitch, right?
 

MadMageKefka

Well-Known Member
Member
Joined
Apr 28, 2016
Messages
1,672
Trophies
0
Age
36
Location
World of ruin
XP
1,915
Country
United States
Back in my day, a snitch was a rat. Helping to make the console more secure is nowhere near that.
"Helping" by exposing is EXACTLY what a snitch is, though. Like, if you snitch, or "rat out" a murderer, you're helping make the town more secure, right? Doesn't make you less of a snitch.
 

Flame

Me > You
Global Moderator
Joined
Jul 15, 2008
Messages
7,212
Trophies
3
XP
18,386
"Helping" by exposing is EXACTLY what a snitch is, though. Like, if you snitch, or "rat out" a murderer, you're helping make the town more secure, right? Doesn't make you less of a snitch.

if i tell you the address of this white hat hackers, will you "take them out" for us?
 

Lumince

Well-Known Member
Member
Joined
Aug 15, 2015
Messages
2,343
Trophies
1
XP
3,721
Country
United States
"Helping" by exposing is EXACTLY what a snitch is, though. Like, if you snitch, or "rat out" a murderer, you're helping make the town more secure, right? Doesn't make you less of a snitch.
Omg, are you serious lol? I know you arent angry. But they arent :rofl2: Its exposing something that could harm the console more than anything lol Full access to the system OS is something nintendo doesn't want. Exploits and murderers are 2 way different concepts... You are showing nintendo their security flaws. Not ratting out someone for killing someone else. See the difference? They are snitches when you didn't even know about the exploits in the first place. No one else had anything to do with the exploits. So they arent snitching on anyone :wtf:
Idk what I was typing there...
 
Last edited by Lumince,

DinohScene

Gay twink catboy
Global Moderator
Joined
Oct 11, 2011
Messages
22,515
Trophies
4
Location
Восторг
XP
22,641
Country
Antarctica
Still, they are finding exploits that would otherwise be used by the hacking community and exposing them to the people who can put a stop to it. They are being a "buzzkill." It's like if you're trying to have a party while your parents are away, but you have a maid that finds out and tells your parents, putting a stop to the party. Sure, its her job to do so in order to help prevent the house from being destroyed, but she's still a snitch, right?

But 99% of the "hacking" community wants piracy and the 1% that actually does care about homebrew is either developing for the console or on an android platform.

They still aren't snitches imho.
 
  • Like
Reactions: Kioku and Lumince

lisreal2401

Well-Known Member
Member
Joined
Jun 4, 2013
Messages
853
Trophies
1
Age
27
XP
2,889
Country
United States
This is fine as long as they allow exploits to be released after they've been patched. It's common for hackers to do this - inform the company and then release the exploit after it's patched. Best example was the JTAG on Xbox 360.

EDIT: I bet you that safehax implementation on 11.3 was an example of this.
 

Wolololo

Member
Newcomer
Joined
Jan 24, 2014
Messages
10
Trophies
0
Age
42
XP
172
Country
Hmm, work hard on an exploit and sell it for money to a respectable company, helping them making their system more secure, or give it away for free to a community made of 99% of kids who don't care about anything but piracy... tough choice.

Don't get me wrong, I'm on the side of using the hack for homebrews, but that's probably because I'm not the one who's found the exploit ;)

But as a hacker, the fears I would have are:
- revealing a critical exploit to Nintendo, only to realize they'll only give me like $100 for it. Was it worth screwing over the community for that? Was it worth the time? (Hint, some sites on the scene would pay/donate more than $100 for the privilege to be the first to reveal and distribute the hack, with no strings attached)
- giving a company my personal information, while clearly admitting to be a skilled reverse engineer: no way to go back to the scene after that, constant fear of being "flagged" by the company. So it's a one way door
 

evandixon

PMD Researcher
Developer
Joined
May 29, 2009
Messages
1,725
Trophies
0
Website
projectpokemon.org
XP
2,313
Country
United States
Here's another way to think about it: if Switch hacks are made public too soon and piracy becomes rampant, game companies may be less likely to make games for the Switch, which could lead to its premature death.

(That said, I would still love to see hacks.)
 
  • Like
Reactions: HylianMario

Lumince

Well-Known Member
Member
Joined
Aug 15, 2015
Messages
2,343
Trophies
1
XP
3,721
Country
United States
Here's another way to think about it: if Switch hacks are made public too soon and piracy becomes rampant, game companies may be less likely to make games for the Switch, which could lead to its premature death.

(That said, I would still love to see hacks.)
Nah, you secretly want the switch to die :rofl2:
 

Reecey

Mario 64 (favorite game of all time)
Member
Joined
Mar 7, 2010
Messages
5,864
Trophies
2
Location
At Home :)
XP
4,435
Country
Not really. Career hackers, aka white hats, are better off releasing findings early for the sake of a higher bounty and building their resume (like I said). Their priority isn't making sure people at home can circumvent security for mundane homebrew.

Also, to all of you bitching, I'll be sitting back and waiting for you to release an exploit for the "community" since this is such a big deal.
But that's exactly what we don't want "releasing findings early for the sake of a higher bounty" soon as they "leak" there work that will get worked on and will eventually develop into something more which in tern will result to piracy without a doubt on a level that cannot be turned back! tbh I say to "anyone" who buys a console on its release this early hoping or looking through the homebrew & hacking sections for homebrew/piracy are quite honestly very sad and need to get a life! I have said this before I "NEVER" buy a console on the intentions of it being hacked and don't let my signature fool you into thinking just that, I only enjoy that side of the device years down the line when it is something to have a play at but talking about "hacking" with the Switch this early on in its development stage is just plain sad and quite wrong I mean why buy the console in the first instance, just on the off chances of it being hacked early, it just amazes me!. I buy my games to support the developers and the console manufactures so why shouldn't that person be any different, if it happens say 4 - 5 years down the line then what the hell, its pretty much redundant at that stage anyway.
 
Last edited by Reecey,

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
  • No one is chatting at the moment.
  • ZeroT21 @ ZeroT21:
    it wasn't a question, it was fact
  • BigOnYa @ BigOnYa:
    He said he had 3 different doctors apt this week, so he prob there. Something about gerbal extraction, I don't know.
    +1
  • ZeroT21 @ ZeroT21:
    bored, guess i'll spread more democracy
  • LeoTCK @ LeoTCK:
    @K3Nv2 one more time you say such bs to @BakerMan and I'll smack you across the whole planet
  • K3Nv2 @ K3Nv2:
    Make sure you smack my booty daddy
    +1
  • LeoTCK @ LeoTCK:
    telling him that my partner is luke...does he look like someone with such big ne
    eds?
  • LeoTCK @ LeoTCK:
    do you really think I could stand living with someone like luke?
  • LeoTCK @ LeoTCK:
    I suppose luke has "special needs" but he's not my partner, did you just say that to piss me off again?
  • LeoTCK @ LeoTCK:
    besides I had bigger worries today
  • LeoTCK @ LeoTCK:
    but what do you know about that, you won't believe me anyways
  • K3Nv2 @ K3Nv2:
    @BigOnYa can answer that
  • BigOnYa @ BigOnYa:
    BigOnYa already left the chat
  • K3Nv2 @ K3Nv2:
    Biginya
  • BigOnYa @ BigOnYa:
    Auto correct got me, I'm on my tablet, i need to turn that shit off
  • K3Nv2 @ K3Nv2:
    With other tabs open you perv
  • BigOnYa @ BigOnYa:
    I'm actually in my shed, bout to cut 2-3 acres of grass, my back yard.
  • K3Nv2 @ K3Nv2:
    I use to have a guy for that thanks richard
  • BigOnYa @ BigOnYa:
    I use my tablet to stream to a bluetooth speaker when in shed. iHeartRadio, FlyNation
  • K3Nv2 @ K3Nv2:
    While the victims are being buried
  • K3Nv2 @ K3Nv2:
    Grave shovel
  • BigOnYa @ BigOnYa:
    Nuh those goto the edge of the property (maybe just on the other side of)
  • K3Nv2 @ K3Nv2:
    On the neighbors side
    +1
  • BigOnYa @ BigOnYa:
    Yup, by the weird smelly green bushy looking plants.
    K3Nv2 @ K3Nv2: https://www.the-sun.com/news/10907833/self-checkout-complaints-new-target-dollar-general-policies...