Nintendo just paid off 3 people for the HackerOne Program

01b07c077f.png

Last year, Nintendo debutted its HackerOne program that involved giving a bounty of range of $100 - $20,000 to hackers that disclose their system exploits and vulnerabilities for the 3DS. Everyone thought it wouldn't work out for Nintendo, but just around last month the program was extended to include the Nintendo Switch too.

Just recently as you can see in the picture, three people were rewarded so far, however the amounts paid will not be made public. It seems as if a few hackers wouldn't mind giving out their newfound exploits for some easy cash, hopefully for the sake of the Switch hacking scene, it isn't the same with our own resident hackers.

A few examples of what information Nintendo is interested in receiving:
  • System vulnerabilities regarding Nintendo Switch
    • Privilege escalation from userland
    • Kernel takeover
    • ARM® TrustZone® takeover
  • Vulnerabilities regarding Nintendo-published applications for Nintendo Switch
    • Userland takeover
  • System vulnerabilities regarding the Nintendo 3DS family of systems
    • Privilege escalation on ARM® ARM11™ userland
    • ARM11 kernel takeover
    • ARM® ARM9™ userland takeover
    • ARM9 kernel takeover

:arrow:Source
 
Last edited by Chary,

retrofan_k

Well-Known Member
Member
Joined
May 31, 2013
Messages
2,077
Trophies
2
Location
Caves
XP
2,462
Country
Belarus
One word "Traitors":P. Nah, but if there is money on the table, it's easy to take the bait.

Personally, if I was a dev, I wouldn't disclose my findings, etc, as I would be doing it for fun and a hobby like I do with exploiting and modding consoles, as a end user with what the scene provides.

Just goes to show Nintendo are not confident in their own technical department and have to rely on the public for help.
 

Joom

 ❤❤❤
Member
Joined
Jan 8, 2016
Messages
6,067
Trophies
1
Location
US
Website
mogbox.net
XP
6,075
Country
United States
Just goes to show Nintendo are not confident in their own technical department and have to rely on the public for help.
You do know that they're not the only company with a bug bounty, right? Also, stuff like this is great for resumes, which apparently a lot of you can't comprehend. Wait until you have a mortgage and a family, or even school debt, and you want your skills to be recognized by someone that can put you on a decent career path.
 

marksteele

Well-Known Member
Member
Joined
Jan 16, 2011
Messages
824
Trophies
1
XP
632
Country
Canada
it should be interesting if this changes how "hobby hackers" (people not in it for the money) release their work. I know the mentality right now is "save it for as many firmware versions as possible" but if the bug bounty program starts to take off I don't know if that will be viable anymore.
 

DinohScene

Gay twink catboy
Global Moderator
Joined
Oct 11, 2011
Messages
22,512
Trophies
4
Location
Восторг
XP
22,606
Country
Antarctica
I hate snitch, they make me sick.

Those aren't snitches.
Their white hats who hack to expose security problems which will later benefit everyone.

You wouldn't mind your bank getting hacked by a white hat if it means your money would be stored more securely do you now?
 

Joom

 ❤❤❤
Member
Joined
Jan 8, 2016
Messages
6,067
Trophies
1
Location
US
Website
mogbox.net
XP
6,075
Country
United States
When i finally get the switch should i or should i not sell my expluts xD
You have to weigh the benefits of monetary gain and the admiration of teenagers. Honestly, if anyone feels conflicted about doing either, then posting a write up for someone else to interpret and create a POC around that might be better for your conscience.
 

Alkéryn

Moon Dweller ~
Member
Joined
Mar 15, 2015
Messages
1,665
Trophies
1
Age
25
Location
Albategnius, Moon
XP
2,392
Country
France
You have to weigh the benefits of monetary gain and the admiration of teenagers. Honestly, if anyone feels conflicted about doing either, then posting a write up for someone else to interpret and create a POC around that might be better for your conscience.
Meh by the time i get my hands on the system it will already be hacked
I'm not against piracy but i won't support it either, don't want to have trouble with nintendo
But i would rather make an exploit public than giving it to Nintendo except if they would pay more than 20 000
 

Taleweaver

Storywriter
Member
Joined
Dec 23, 2009
Messages
8,684
Trophies
2
Age
43
Location
Belgium
XP
8,062
Country
Belgium
Jeez...I know this forum is the home of pirates and script kiddies, but the replies here are still pretty immature. Traitor...snitch...wall of shame...Say, geniusses: this isn't exactly helping that so-called "cause" of you. If you're really interested in what hackers do, at least have the fucking decency to recognize a job well done, even if it isn't in your own interest.

As it turns out, there were vulnerabilities found in the kernel, and they are now patched. So? Unless you're skilled enough to find vulnerabilities/exploits/hacks yourself, don't tell others what they should or shouldn't be doing with them. This isn't the first time this community turns out to be pretty much the opposite of what the word 'community' is supposed to be about (I've seen a good handful decent hackers being boo-ed for doing something else than openly releasing everything they had), but this may very well be the last time. No, not because "all the hackers turn out to be greedy bitches" but because the people they could release their exploits are hardly more than a bunch of ungrateful bastards. :angry:


(no, I haven't discovered exploits myself, and yes I've used some that others have released...but I'd be glad if talented hackers got something more than just the paper thin "gratefulness" that this community provides)
 

Joom

 ❤❤❤
Member
Joined
Jan 8, 2016
Messages
6,067
Trophies
1
Location
US
Website
mogbox.net
XP
6,075
Country
United States
@Taleweaver, more importantly there will always be more provided there's interest. The way I feel is "so what?" because someone else will come along and release something that satiates the droolies.
 

Reecey

Mario 64 (favorite game of all time)
Member
Joined
Mar 7, 2010
Messages
5,864
Trophies
2
Location
At Home :)
XP
4,431
Country
It's basically a wall of shame. Can't wait to see familiar usernames, though for their sake they might choose something else to hide from the crowd.
It is a wall of shame basically to many but not for some and I'm even surprised they post usernames etc..even though they are random nonsense and probably would never be traced! but hay I'm all for hacking etc.. but at a later date maybe, not at its birth and growing so early. I think its a good thing at this time too let the Switch develop and then homebrew at a much later date I think seeing hacking on a system this early would only spell out DOOM so I'm all for it, they have made the honest and right step forward by reporting, its good!. I don't want to see this system hacked for many years to come yet! well at least 3 years would be good else I would think Nintendo would hang up there gloves with the handheld/console department which would be very sad indeed for many.
 
Last edited by Reecey,
  • Like
Reactions: Deleted User

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
  • No one is chatting at the moment.
    K3Nv2 @ K3Nv2: Sorry for accidentally bending over