Nintendo has made an unexpected move when it announced that the company will be giving a big amount of money to Switch owners that manage to find any vulnerability in the console. And in order to motivate anyone and everyone who might have something to contribute, Nintendo has offered a reward of $20,000.
The public security flaw hunt that Nintendo likes so much has officially been extended to the Nintendo Switch console. Compensation for finding any sort of vulnerability in its software is quite big, but it will still vary from $100 to $20,000, depending on the severity of the flaw itself. The bug hunt has already made many of the hunters work hard to find any sort of flaw.
Rewards were already offered for everyone who manages to find vulnerabilities found on Nintendo 3DS and the New 3DS. Rewards have been offered through the bug-hunting site called HackerOne, and the project was first launched in December 2016. Three people have already been rewarded, however, not much is known about the amount.
It would appear that Nintendo has a general idea about where the vulnerabilities might be detected, and as we found out, it’s interested in four different areas that include:
– Kernel Takeover
– Userland takeover
– Privilege escalation from userland
– ARM® TrustZone® takeover
The general policy is that everyone who reports a new vulnerability (that’s worth reporting), will be rewarded by the company as soon as the flaw is fixed, or in worst case scenario, in four months after the report has been submitted.
Big-time companies offering money for detecting flaws in their systems is not a new thing, and pretty much every big company out there has done it at one time. Some of them even did it on more than one occasion, and for others, it’s a regular practice. For example, Facebook and Google themselves have used this method of patching up their flawed systems. This is seen as one of many ways in which companies can progress, and bug hunters can earn quite a lot of money, depending on how serious the flaw they found was.
The reason that this works is mostly because more eyes see more things, and so the more people try to find vulnerabilities, the more of them will be found. A perfect system doesn’t exist, but that doesn’t mean that perfecting the systems is off the table.