Why companies offer a hacking bounty — and why there are challenges

Want to make a cool $20,000?

All you have to do is hack the Nintendo 3DS, a handheld console that’s been out for a few years already. A listing on HackerOne spells everything out: Hackers will receive a cash payment for discovering a vulnerability in the system, which does let gamers make purchases and stores private information like your age and gender. There’s a range for this, of course — some discoveries will pay $100. Also, anyone who files a report must follow the exact template.

It makes you wonder — why would a major Japanese corporation offer a reward like this? Why is it even worth the expense, especially when you know they have internal security researchers?

To read this article in full or to leave a comment, please click here