Security researchers are being asked to find vulnerabilities in Nintendo’s aging handheld.
The latest generation of gaming hardware are all connected devices, reliant on the Internet for downloading games, patches, and of course multiplayer experiences. Because of this, security needs to be robust, which Sony learned the hard way back in 2011 when the PlayStation Network got hacked.
Nintendo is arriving late, but finally decided to embrace the very active security research community by offering rewards in return for finding and reporting 3DS vulnerabilities.
Just like Qualcomm last month, Nintendo is teaming up with bug bounty platform Hackerone to coordinate the program. The goal of the program is to limit piracy, cheating, and the “dissemination of inappropriate content to children.”
With that in mind, Nintendo is offering rewards of between $100 and $20,000 in return for discovering vulnerabilities in the following areas:
- Privilege escalation on ARM11 userland
- ARM11 kernel takeover
- ARM9 userland takeover
- ARM9 kernel takeover
The Japanese company is also interested in vulnerabilities allowing access to the ARM11 userland through Nintendo-published applications, as well as hardware vulnerabilities that allow for “low-cost cloning” and “security key detection via information leaks.”
If you’re wondering what the term “userland” means, it’s basically the area of the system where commercial games are allowed to run. Some vulnerabilities are already known about that allow non-commercial games (usually termed homebrew games) to run within that area of the system. Clearly Nintendo does not want that to happen.
Nintendo isn’t making public how the vulnerability reward calculation is done, so anyone submitting a vulnerability will just have to wait and see how much Nintendo thinks it is worth. Obviously, the more serious the vulnerability, the higher the payout, but a lot will depend on submission of a functioning exploit to back up the vulnerability claim.
The 3DS has been around since 2011, and many see it as on its way out as a platform. So the obvious question is: why has Nintendo chosen to start a bug bounty program for it now? My guess is that it’s a test to see how well it works. If it results in a number of new vulnerabilities being discovered, then Nintendo will likely roll out a similar bug bounty program quickly for the Switch, which is expected to launch in March next year.