If you want $20,000 fast, you can try hacking the Nintendo Switch, and Nintendo will pay up that amount stat.
Nintendo said it would pay rewards to those who unearth legitimate exploits, bugs, and vulnerabilities on its new hybrid console, released early last month.
That's according to a posting by the company on HackerOne, which signals that Nintendo is expanding its bug bounty program it originally commenced on the 3DS, where it asked people to scour for possible vulnerabilities.
Nintendo Switch Bug Bounty Program
The concept of bug bounties isn't new, and it's actually pretty clever. Instead of companies sitting idly by, waiting for a skilled hacker to expose vulnerabilities on their consoles, why not pay steep amounts for those who can do it? Not only will it prevent the company from releasing piecemeal updates to brick sustained hackings, but it will also prevent widespread piracy.
Depending on what issue you bring to Nintendo's attention, you could have a great payday waiting: from $100 up to $20,000. There are three key things Nintendo wants to prevent: piracy, cheating, and dissemination of inappropriate content to children, which Nintendo has always been pretty staunch against.
Specifically, Nintendo is looking for these three things: privilege escalation from userland, kernel takeover, and ARM TrustZone takeover. It's also looking for Userland takeover with regard to Switch applications published by Nintendo.
The HackerOne posting shows three reports have already been submitted to Nintendo, which the company has resolved accordingly. Seeing as the Switch is still in its very early shelf life, the reports might allude to 3DS exploits. Nintendo hasn't revealed what platforms the three reports are for, to that end.
If you think you have a potential exploit that went past Nintendo's radar, then prompt them, and you may receive some sweet cash. Nintendo will determine the reward based on the quality of a report and the importance of information shared. For the report to qualify as high-quality, the vulnerability must be shown by providing a proof-of-concept, even better if it's a functional exploit code. If a proof-of-concept is unavailable, a report may still be submitted, but the proof-of-concept should follow within three weeks after the initial submission.
The Switch is Nintendo's latest console, one that offers both traditional home console play and a handheld experience. Its selling point is the immediate "switch" between the two — just lift the console up from its dock, and you can take home console-level games on the go.
It launched with the generously lauded Legend of Zelda: Breath of the Wild, with more big-name titles on the way, such as Mario Kart 8 Deluxe, Splatoon 2, Arms, and Super Mario Odyssey, among others. It's poised to unveil more games this E3, an annual high-profile games conference where unveilings usually occur. Perhaps it'll reveal a new Pokémon game for the Switch, as reports suggests. Time will tell.
Thoughts about Nintendo's bug bounty program for the Switch? Feel free to sound off in the comments section below!