Last year, Nintendo debutted its HackerOne program that involved giving a bounty of range of $100 - $20,000 to hackers that disclose their system exploits and vulnerabilities for the 3DS. Everyone thought it wouldn't work out for Nintendo, but just around last month the program was extended to include the Nintendo Switch too.

Just recently as you can see in the picture, three people were rewarded so far, however the amounts paid will not be made public. It seems as if a few hackers wouldn't mind giving out their newfound exploits for some easy cash, hopefully for the sake of the Switch hacking scene, it isn't the same with our own resident hackers.

A few examples of what information Nintendo is interested in receiving:

• System vulnerabilities regarding Nintendo Switch
  • Privilege escalation from userland
  • Kernel takeover
  • ARM® TrustZone® takeover
• Vulnerabilities regarding Nintendo-published applications for Nintendo Switch
  • Userland takeover
• System vulnerabilities regarding the Nintendo 3DS family of systems
  • Privilege escalation on ARM® ARM11™ userland
  • ARM11 kernel takeover
  • ARM® ARM9™ userland takeover
  • ARM9 kernel takeover

Source

 

[Reecey]

Lol, then just look better at the videos and you'll see that there's switch buttons in top left corner, so it's switch version that looks bad.

Edit: I see you mean the arrow keys on the left!. I've never played the wiiu version so I'm not sure of the difference between the two! Well it still looks shit and mine looks 10x better even without it being docked. Must be really badly made video, then that's all I can say..

--------------------- MERGED ---------------------------

It's like everyone in this thread intentionally refuses to read the actual bug bounty rules and just acts like they can report any old bug that's already public and receive tons of money. It doesn't work that way.

Never mind that a game "cheat" like the infinite arrow glitch probably doesn't count, since that doesn't affect the system in general.

It got patched though, seems quite a coincidence it was fixed after the hacker program count, could still be passed maybe as "game modification" with cheating

 

[Krupa]

In before sellouts! I don't care about backups, but I hope that homebrew devs won't abandon the scene just for $20k.

 

[AmandaRose]

Was I the only one who got confused by the title?? Paid off here in Scotland means they lost their job not that they received payment for doing something lol.

 

[gamesquest1]

Was I the only one who got confused by the title?? Paid off here in Scotland means they lost their job not that they received payment for doing something lol.

really I know laid off means "lost your job", paid off I have only ever heard in refer someone being paid to either do something, or paid to not do something

 

[RustInPeace]

Everybody betray me, I fed up with dis whirl.

 

[AmandaRose]

really I know laid off means "lost your job", paid off I have only ever heard in refer someone being paid to either do something, or paid to not do something

Here paid off is only ever used to describe someone who has been fired or made redundant that is why it confused me lol (as in when you are made redundant and receive money because of it you are paid off from your job)

 

[Deleted User]

Here paid off is only ever used to describe someone who has been fired or made redundant that is why it confused me lol (as in when you are made redundant and receive money because of it you are paid off from your job)

Oh, okay.

 

[Kioku]

In before sellouts! I don't care about backups, but I hope that homebrew devs won't abandon the scene just for $20k.

I hope they do. So many ungrateful kids in any scene.

 

[gamesquest1]

Here paid off is only ever used to describe someone who has been fired or made redundant that is why it confused me lol (as in when you are made redundant and receive money because of it you are paid off from your job)

oh yeah I have heard of it in that sense, but that's still getting money to not kick up a stink as they have to terminate your employment early/with short notice, in that sense its the same as if you say something like "the police were paid off to stay away from the docks on that night" its essentially just money for doing something (or not doing something)

 

[Deleted User]

Those aren't snitches.
Their white hats who hack to expose security problems which will later benefit everyone.

You wouldn't mind your bank getting hacked by a white hat if it means your money would be stored more securely do you now?

There is almost no personal information stored on a 3ds compared to a computer, bank, smartphone,... Etc.

 

[DinohScene]

There is almost no personal information stored on a 3ds compared to a computer, bank, smartphone,... Etc.

I'm talking about white hack hackers and their motives to hack.
Not about what's stored on a system.

 

[Platinum Lucario]

I don't know anything about the lives of those people that just got paid by Nintendo on HackerOne for finding exploits. But for some reason, I can't help but think that they're people that have been born into a rich family. Perhaps even coldblooded, cruel anti-piracy extremists too? Maybe they're part of the same scamming rings that have been operating, with creating phishing websites with advertisement surveys on them? Who knows?

But I do know this: Nothing will stop our efforts in creating Homebrew and develop exploits for system hardware. If we can get more people educated into programming and hardware modding, as well as board modding too, then the amount of hardware hackers for creating Homebrew will increase tenfold. Let's not let this drain our efforts, we can try harder and pass our knowledge onto others who will create public exploits for us.

 

[mikey420]

I won't lie this isn't a terrible thing. These hacks we use to run custom software could potentially be used to steal personal data from the system. It's Nintendo's job to fix these flaws to protect their customers. I have no objection to a developer giving his exploit to the highest bidder. It's not like they often get much out of releasing it to the public. Usually they get bombarded by legal threats and hounded by ungrateful people who just want more. "Wha your hack no longer work on latest firm? But why I updated! Fix it now!"

 

[gamesquest1]

I don't know anything about the lives of those people that just got paid by Nintendo on HackerOne for finding exploits. But for some reason, I can't help but think that they're people that have been born into a rich family. Perhaps even coldblooded, cruel anti-piracy extremists too? Maybe they're part of the same scamming rings that have been operating, with creating phishing websites with advertisement surveys on them? Who knows?

But I do know this: Nothing will stop our efforts in creating Homebrew and develop exploits for system hardware. If we can get more people educated into programming and hardware modding, as well as board modding too, then the amount of hardware hackers for creating Homebrew will increase tenfold. Let's not let this drain our efforts, we can try harder and pass our knowledge onto others who will create public exploits for us.

or maybe they are a bit short on money like most people and don't have enough money for rent/food and saw an opportunity to profit from their expertise and put food on their table....or maybe their day job is developers making games for Nintendo system and releasing public hax would be detrimental to their own day jobs.

maybe they just want to hack for fun and see the public scene as toxic and wouldn't want to be involved in homebrew developments because of all the nasty name calling and demanding nature of the scene and would prefer to make a bit of money for the hours they pour into finding/developing exploits....because lets face it, its not like the scene would ever want to make it worth their while, the few times people have asked for even small donations to cover hardware the need to destroy for their work they get lambasted and called treacherous leeches.

even when it comes to teams like gateway who probably spent a fair bit of money in R&D (or money paying off other devs for exploits) people act like they should be killed for offering a piracy solution for a cost, many people don't seem to appreciate how much time and effort goes into developing hacks/exploits and working them into a end user friendly package, everyone seems to think devs just poop and cfw's pop out

TL : DR money will always win, and when your forced to choose between money and nothing but demands for more, faster, better, NOW! I would just settle for the money too

 

[alepman90]

Cheap ass Nintendo $20K only,any promising exploit with capable dev team could make that through crowdfunding if not even more

 

[linuxares]

You know, some of these people maybe aren't even normal "Hackers" in that sense that they're a part of the scene. They might be hobbiest that saw a chance to earn themselves some extra cash and points on a CV.

 

[chrisrlink]

Time to Lynch and Rob those assholes.

nah i prefer "accidents" as it's so called in the Tropico games after the first 2 meet their end I'm sure any dev would be scared shitless to even try to make a profit off exploits and watch them (nintendo) pay a low amount then threaten legal action if the dev warns others the've been screwed over

 

[GerbilSoft]

nah i prefer "accidents" as it's so called in the Tropico games after the first 2 meet their end I'm sure any dev would be scared shitless to even try to make a profit off exploits

And, once again, this is why devs end up selling their exploits instead of releasing them publicly. Ungrateful douchebags who threaten violence if they don't get their way.

 

[chrisrlink]

read my second part i edited too gerbil nintendo can threaten with a gag order (if they don't pay worth shit) to prevent the screwed devs from saying "hey nintendo fucked me over don't trust them",also why they don't post the amount paid

 

[Platinum Lucario]

or maybe they are a bit short on money like most people and don't have enough money for rent/food and saw an opportunity to profit from their expertise and put food on their table....or maybe their day job is developers making games for Nintendo system and releasing public hax would be detrimental to their own day jobs.

maybe they just want to hack for fun and see the public scene as toxic and wouldn't want to be involved in homebrew developments because of all the nasty name calling and demanding nature of the scene and would prefer to make a bit of money for the hours they pour into finding/developing exploits....because lets face it, its not like the scene would ever want to make it worth their while, the few times people have asked for even small donations to cover hardware the need to destroy for their work they get lambasted and called treacherous leeches.

even when it comes to teams like gateway who probably spent a fair bit of money in R&D (or money paying off other devs for exploits) people act like they should be killed for offering a piracy solution for a cost, many people don't seem to appreciate how much time and effort goes into developing hacks/exploits and working them into a end user friendly package, everyone seems to think devs just poop and cfw's pop out

TL : DR money will always win, and when your forced to choose between money and nothing but demands for more, faster, better, NOW! I would just settle for the money too

Another thing too, I normally do pay developers when they're contributing to homebrew and hacking, but also... there's a part of me that wants to program and develop as well, for reverse engineering stuff and contributing to homebrew and ROM hacks, and I am trying to learn programming, but it's just that I have trouble learning it.