George Francis Hotz, alias geohot, is an
American hacker known for unlocking the
iPhone, allowing the phone to be used
with other wireless carriers, contrary
to AT&T's and Apple's intentions. He
developed the limera1n jailbreak tool
and bootrom exploit for iOS. He is also
noted for his technical efforts and
publicity with reverse engineering the
PlayStation 3 video game console, and
for subsequently being sued by and
settling with Sony.
Personal life 
He attended the Bergen County Academies,
a magnet public high school in
Hackensack, New Jersey. He attended
Academy for Engineering and Design
Technology. Hotz is an alumnus of the
Johns Hopkins Center for Talented Youth
program. Hotz also attended Carnegie
Mellon University.
iOS device security 
In August 2007, seventeen-year-old
George Hotz became the first person
reported to carrier-unlock an iPhone.
According to Hotz's blog, he traded his
second unlocked 8 GB iPhone to Terry
Daidone, the founder of Certicell, for a
Nissan 350Z and three 8 GB iPhones.
In September 2007, an anonymous group
achieved a software-only unlocking
method to complement Hotz's
hardware-based unlocking method.
On July 13, 2010, Hotz announced the
discontinuation of his jailbreaking
activities, citing demotivation over the
technology and the unwanted personal
attention. Nevertheless, he continued to
release new software-based jailbreak
techniques until October 2010.
PlayStation 3 security 
In December 2009, Hotz announced his
initial intentions to breach security on
the Sony PlayStation 3. Five weeks
later, on January 22, 2010, he announced
that he had performed his first
theoretical achievement. This consists
of the initial read and write access to
the machine's system memory as well as
hypervisor level access to the machine's
CPU.
On January 26, 2010, Hotz released the
exploit to the public. On March 28,
2010, Sony responded by announcing their
intention to release a PlayStation 3
firmware update that would retroactively
remove the OtherOS feature from all
models, a feature that was already
absent on the newer Slim revisions of
the machine.
On July 13, 2010, never having achieved
any method of reading, installing, or
modifying software on the PS3, Hotz
posted a message on his Twitter account
stating that he had abandoned his
efforts of trying to crack the PS3 any
further due to the system security's
extreme difficulty.
On December 29, 2010, notable hacking
group fail0verflow, known for the
reverse engineering of security models
found in consumer electronics devices,
performed an academic presentation at
the 27th Chaos Communications Congress
technical conference, of their
accomplishments with the PlayStation 3.
They presented the methods they'd
devised for having successfully
penetrated the device's security model,
yielding the root signing and encryption
keys. These keys are the essential
element of a full breach, capable of
installing and running any new software
on any PlayStation 3 unit.
On January 2, 2011, Hotz posted a copy
of the root keys of the PlayStation 3 on
his website. These keys were later
removed from his website as a result of
legal action by Sony against
fail0verflow and himself. In response to
Hotz's continued publication of PS3
exploit information, Sony filed on
January 11, 2011 for an application for
a temporary restraining order against
him in the US District Court of Northern
California. On January 14, 2011, Hotz
appeared in an interview on G4's The
Loop, where he explained his involvement
with the PlayStation 3.
= Sony lawsuit =
After the root keys of the console were
published, Sony initiated litigation
against George Hotz and predecessor
PlayStation 3 hacking group known as
fail0verflow. Hotz published his
commentary on the case, including a song
about the "disaster" of Sony. Sony in
turn has demanded social media sites,
including YouTube, to hand over IP
addresses of people who visited Geohot's
social pages and videos; the latter
being the case only for those who
"watched the video and 'documents
reproducing all records or usernames and
IP addresses that have posted or
published comments in response to the
video".
PayPal has granted Sony access to
Geohot's PayPal account, and the judge
of the case granted Sony permission to
view the IP addresses of everyone who
visited geohot.com. In April 2011, it
was revealed that Sony and Hotz had
settled the lawsuit out of court, on the
condition that Hotz would never again
resume any hacking work on Sony
products.
At the end of April 2011, an anonymous
hacker broke into the PlayStation
Network and stole personal information
of some 77 million users. Hotz denied
any responsibility for the attack, and
said "Running homebrew and exploring
security on your devices is cool;
hacking into someone else's server and
stealing databases of user info is not
cool".
Rooting the AT&T and Verizon Galaxy S5 
In June 2014, Hotz published a root
exploit software hack for Samsung Galaxy
S5 devices used in the US market. The
exploit is itself built around Linux
kernel CVE-2014-3153, which was
discovered by hacker Pinkie Pie, and it
involves an issue in the Futex subsystem
that in turn allows for privilege
escalation. The exploit, known as
towelroot, was designated a "one-click
Android rooting tool" by the hacking
community because it was designed to be
installed quickly like an App; other
rooting hacks were typically uploaded
from a nearby PC with a cable and
necessitated rebooting the device with a
special set of key presses.
Although originally released for the
Verizon Galaxy S5, the root exploit was
made compatible with most Android
devices available at that time. For
example, it was tested and found to work
with the AT&T Galaxy S5, Nexus 5, and
Galaxy S4 Active. Updates continued to
be applied to the root exploit to
increase its capabilities with other
devices running Android. Updates to the
Android operating system closed the
source of the exploit. Samsung
officially responded to the towelroot
exploit by releasing updated software
designed to be immune from the exploit.
Career 
In addition to having made a meaningful
side income from public donations
solicited for his exploits, Hotz has
been employed at Facebook and Google.
On June 27, 2011, ZDNet freelance
reporter, Emil Protalinski reported that
according to a Facebook spokesman, Hotz
had been hired by the company in an
unknown role. However, according to a
CNET article, he had actually been
employed since May, which was confirmed
by Facebook. In January 2012, Hotz was
no longer employed by Facebook.
On July 16, 2014, Google hired Hotz to
work in their software security auditing
team called Project Zero, which "hopes
to find zero-day vulnerabilities before
the NSA". Hotz worked in Project Zero
for 5 months where he developed Qira -
an open source program for dynamically
analysing application binaries.
In January 2015, Vicarious hired Hotz to
develop AI algorithms where he worked
for 7 months.
Other activities & recognition 
Hotz was a finalist at the 2004 ISEF
competition in Portland, Oregon with his
project "The Mapping Robot". Recognition
included interviews on the Today Show
and Larry King. Hotz was a finalist at
the 2005 ISEF competition, with his
project "The Googler". Continuing with
robots, Hotz competed in his school's
highly successful Titanium Knights
battlebots team.
Hotz competed in the 2007 Intel
International Science and Engineering
Fair, a science competition for high
school students, where his 3D imaging
project, entitled "I want a Holodeck",
received awards and prizes in several
categories including a $20,000 Intel
scholarship. He travelled to Sweden to
speak about the project at the Stockholm
International Youth Science Seminar.
Hotz has received considerable attention
in mainstream media, including
interviews on the Today Show, Fox, CNN,
NBC, CBS, G4, ABC, CNBC, and articles in
several magazines, newspapers, and
websites, including Forbes, and BBC.
In March 2008, PC World magazine listed
Hotz as one of the top 10 Overachievers
under 21.
In August 2013, Hotz attended DEFCON
with Carnegie Mellon's Plaid Parliament
of Pwning. PPP placed first in the
DEFCON Capture the Flag tournament.
Later in 2013, Hotz also competed in
CSAW 2013. Working alone, Hotz took
first place under the pseudonym
tomcr00se.
In August 2014, Hotz once again competed
alongside Carnegie Mellon's Plaid
Parliament of Pwning at DEFCON. PPP won
the DEFCON CTF tournament for a second
year in a row and also placed first in
the DEFCON "Crack Me If You Can"
tournament.
See also 
Blackra1n, an iPhone jailbreak
application produced by George Hot
References 
External links 
Settlement in George Hotz Case
Will Geohot Return To PS3 Scene After He
Quit Facebook?
GeoHot Released PS3 Exploit – By
TheTechJournal.com
YouTube Video of Hotz's Unlocked iPhone
YouTube Video demo of PlayStation 3 CWF
3.21OO
Hotz's Website
NJ teen unlocks iPhone + YouTube Video
GeoHot's guide to iPhone unlocking
