Nintendo is now offering a minimum $100 bounty for users who find and properly report vulnerabilities with the Nintendo 3DS. The company posted the offer on HackerOne, which you can find in full in the source link below.
Here’s what the company writes:
Nintendo’s goal is to provide a secure environment for our customers so that they can enjoy our games and services. In order to achieve this goal, Nintendo is interested in receiving vulnerability information that researchers may discover regarding Nintendo’s platforms. Currently, in the context of the HackerOne program, Nintendo is only interested in vulnerability information regarding the Nintendo 3DS™ family of systems and is not seeking vulnerability information regarding other Nintendo platforms, network service, or server-related information.
Nintendo explains that they’re looking to prevent application dumping, game copying, game modifications, save modifications and the “dissemination of inappropriate content to children.”
My only question is, “why the Nintendo 3DS now?”
The Nintendo 3DS is already wide open for hackers and homebrew users. The platform is approaching six years old. The Nintendo Switch, while Nintendo’s cagey about it, will likely push the Nintendo 3DS further down the relevance ladder.
Why go for this now? I don’t have an answer, and I imagine most in the hacking community are a little stumped by this choice, too.
Will those bug seekers even go for snitching to Nintendo? I won’t claim to understand that culture, but I’d imagine that’s frowned upon in some circles.