Just recently, Nintendo partnered up with San Francisco-based security firm HackerOne to launch a new vulnerability reward program for the Nintendo 3DS. In other words, Nintendo will pay a bounty ranging between $100 to $20,000 to all hackers - or “highly skilled researchers” - who can find and fix as many 3DS vulnerabilities and exploits as they possibly can.
According to the official Nintendo bounty listing, the program is only accepting bugs exclusively on the 3DS and is specifically seeking out vulnerabilities such as:
Piracy, including game application dumping and copied game application execution - such as the well-known “R4” cartridge exploit. Cheating, including game application modifications and save data modifications. Dissemination of inappropriate content to children. System and hardware exploits regarding the 3DS and its various models currently on the market. And any exploits regarding Nintendo-published applications for the 3DS.
This program may be worth it for those who believe they have something 3DS-related to offer to Nintendo. However, it must be noted vulnerabilities already known to the public don’t qualify for the reward and that the company “does not disclose how the reward amount is calculated”, meaning that each case could potentially be judged arbitrarily.
Given the issues Nintendo has had with video game piracy over the years, most recently with pirated copies of Pokemon Sun and Moon, it is no surprise that the big N is taking more extreme measures in an attempt to curb the problem. Taking into account how the Wii U was hacked on day one, piracy could very well have been a reason as to why the upcoming Nintendo Switch won’t play Wii U discs or 3DS cartridges.
It ultimately remains to be seen how successful Nintendo and HackOne’s vulnerability reward program will be, but there’s a chance that this thinking outside of the box approach may reap in the rewards that the big N is hoping for.
