George Hotz

From Wikipedia, the free encyclopedia
Born: George Francis Hotz Jr., October 2, 1989 (age 24), Glen Rock, New Jersey, USA
Nationality: American
Other names: geohot, million75, mil, dream hax0r, tomcr00se
Alma mater: Carnegie Mellon University, Bergen County Academies

George Francis Hotz (born October 2, 1989), alias geohot, is an American hacker known for unlocking the iPhone, allowing the phone to be used with other wireless carriers, contrary to AT&T and Apple's intent.[1][2] Additionally, he developed the limera1n jailbreak tool, which used his limera1n bootrom exploit. He is also noted for hacking the PlayStation 3 and subsequently being sued by and settling with Sony. He is currently a student at Carnegie Mellon University.

Personal life

Hotz grew up in Glen Rock, New Jersey, the son of Marie Minichiello and George Hotz.[3] He has one sister, Julia.[4] He attended the Bergen County Academies, a magnet public high school. He was in AEDT (Academy for Engineering and Design Technology).[5] He graduated with a 2.7 GPA and completed his required community service 3 hours before graduation.[citation needed] Hotz is an alumnus of the Johns Hopkins Center for Talented Youth program.

Additionally, George Hotz attended the Rochester Institute of Technology for a short period of time[when?]. He enrolled as a Biotechnology major (Bioinformatics option) in August 2007, but withdrew from the institution soon after.

In March 2012, Hotz was booked and charged with felony marijuana possession in Sierra Blanca, Texas, on his way to the SXSW conference in Austin.[6][7] The charges were later dropped.

Hacking Apple iOS devices

In June 2007, Hotz became the first person to carrier unlock an iPhone.[8][9] According to Hotz's blog, he traded his second unlocked 8 GB iPhone to Terry Daidone, the founder of Certicell, for a Nissan 350Z and three 8 GB iPhones. Hotz said he wanted to give the iPhones to the other members of the team who created the hack with him. Hotz's hardware-based unlocking technique has largely been replaced by software unlocking that does not require disassembly of the iPhone.[10] On February 8, 2008, Hotz developed the software unlock for the iPhone's new bootloader version 4.6, an unlock that was previously only achievable with a "testpoint based hardware unlock". On July 3, 2009, Hotz announced purplera1n, the first public software exploit for jailbreaking the iPhone 3GS. Details were posted on his blog.

On October 13, 2009, at 3:20 AM, Hotz released blackra1n, a jailbreak for all iPhones and iPod Touches. The only caveat was that the iPod touch third generation would need a "tethered jailbreak" to work. On October 30, 2009, Hotz released Blackra1n RC2, an update to his previous blackra1n utility. This version allows MC Model iPod Touch 2G (8 GB iPod Touch, third generation) and new-bootrom iPhone 3GS users to jailbreak their devices as well (tethered jailbreak only). On October 31, 2009, Hotz announced the impending release of Blackra1n RC3, a version that would include blacksn0w, which would allow SIM unlock of all iPhones using Blacksn0w RC1. Blacksn0w was released on November 3, 2009.

On March 27, 2010, Hotz established a website for his newest jailbreak software, limera1n. On June 24, 2010, Hotz wrote on Twitter that he had no plans to release a new jailbreak. He told people looking for a jailbreak release to keep an eye on Spirit,[11] the currently used program for 3.1.x jailbreaking. On July 10, 2010, Hotz published that he had been able to jailbreak an iPhone 4 running iOS 4.0. As evidence, he provided a picture of the device executing Cydia. On July 13, 2010, Hotz announced his retirement from jailbreaking, saying that it was not as fun as it used to be and that people were taking too seriously something he used to do just as a distraction.[12]

On October 8, 2010, Hotz confirmed he was releasing a jailbreak on 10/11/10, one day after the release of Greenpois0n. He also posted a picture of limera1n running on an iPhone 3GS, iPod Touch fourth generation, iPhone 4 and on the iPad. On October 9, 2010, Hotz released limera1n Beta 1, without support for the 3GS (due to a problem with the bootrom). This suspended the release of the SHAtter exploit in the form of greenpois0n, due for release the next day. On the limera1n website, he claims this was to make the Chronic Dev team "do the right thing", presumably implying that they should save their jailbreak exploit for fifth generation devices. He later went on to release three more betas, containing support for iPhone 3GS models, along with various bug fixes and other stability enhancements. On October 11, 2010, Hotz released what appears to be the final version of his jailbreak (RC1b).[13] Hotz also put on his website that the Mac version of this jailbreak is "coming in 7 years", but it was released about 2 weeks later.[14]

Hacking the PlayStation 3

Towards the end of 2009, Hotz announced his efforts to hack the Sony PlayStation 3, a console widely regarded as being the only fully locked and secure system of the seventh generation era. Hotz opened a blog to document his progress, and five weeks later, on January 22, 2010, he announced that he had successfully hacked the machine by giving himself read and write access to the machine's system memory and hypervisor-level access to the machine's processor. Hotz detailed functions that his work could allow, such as homebrew and PlayStation 2 emulation (a feature removed by Sony in newer revisions of the console to tackle production costs and to increase profits).[15] On January 26, 2010, Hotz released the exploit to the public. It was developed on original firmware (OFW) 3.15, which he then used his code to turn into a 3.15 custom firmware (CFW). The exploit requires the machine's OtherOS function and consists of a Linux kernel module combined with bus glitching to gain control of the machine's hypervisor. Hotz wrote that "Sony may have difficulty patching the exploit". On March 28, 2010, Sony responded by announcing their intention to release a PlayStation 3 firmware update that would remove the OtherOS feature from all models,[16] a feature that was already absent on the newer Slim revisions of the machine. Hotz then announced plans for a custom firmware, similar to the custom firmware for the PlayStation Portable, to enable Linux and OtherOS support while still retaining the features of newer firmwares.

On April 7, 2010, Hotz posted a video on the internet detailing his claimed progress with custom firmware on the machine, and showing a PlayStation 3 running with the OtherOS feature enabled on firmware 3.21. He named his custom firmware 3.21OO, and suggested that it may also work on newer Slim models of the console. However, he did not announce a release date for the custom firmware or mention whether he was working on the same hack for the latest firmware version of 3.41. It was never released. On July 13, 2010, Hotz posted a message on his Twitter account stating that he was giving up trying to crack the PS3 any further.[17] However, on January 2, 2011, he posted the root keys of the PlayStation 3 on his website.[18] These keys were later removed from his website as a result of legal action by Sony (see below). On January 6, 2011, he showed a demo of running homebrew applications on PS3 firmware 3.55 without using any jailbreak USB dongles, based on the discovery of the security exploit by the fail0verflow team.[19] On January 7, 2011, he showed off a demo video running homebrew applications on PlayStation 3 custom firmware 3.55.[20] On January 11, 2011, Sony filed an application for a temporary restraining order (TRO) against Hotz in the US District Court of Northern California.[21] The timeline of the lawsuit is continued below. On January 14, 2011, Hotz appeared in an interview on G4's The Loop, where he explained why he jailbroke the Sony PlayStation 3.[22]

Sony lawsuit

After the root keys of the console were published, Sony took George Hotz to court. Subsequently, Hotz made a video on YouTube rapping a song about the "disaster" of Sony. Sony in turn demanded that social media sites, including YouTube, hand over IP addresses of people who visited Geohot's social pages and videos; the latter being the case only for those who "watched the video and 'documents reproducing all records or usernames and IP addresses that have posted or published comments in response to the video'".[23]

PayPal has granted Sony access to Geohot's PayPal account,[24] and the judge of the case granted Sony permission to view the IP addresses of everyone who visited In April 2011, it was revealed that Sony and Hotz had settled the lawsuit out of court, on the condition that Hotz would never again resume any hacking work on Sony products.[25]

At the end of April 2011, hackers broke into the PlayStation Network and stole personal information of some 77 million users. Hotz denied any responsibility for the attack, and said "Running homebrew and exploring security on your devices is cool; hacking into someone else's server and stealing databases of user info is not cool".[23]

Employment by Facebook

On June 27, 2011, ZDNet freelance reporter Emil Protalinski reported that, according to a Facebook spokesman, Hotz had been hired by the company.[26] However, according to a CNET article, he had actually been employed since May, which was confirmed by Facebook.[27] It is unknown what his role at the company was. In January 2012, Hotz was no longer employed by Facebook.[8][28]

Employment by Google

On July 16, 2014, it was reported that Google had hired George Hotz to work on Project Zero.[29]

Rooting the AT&T and Verizon Galaxy S5

Hotz, known as geohot[30] on and also a Recognized Developer, discovered a root exploit built around Linux kernel vulnerability CVE-2014-3153,[31] which was recently discovered by hacker Pinkie Pie and involves an issue in the futex subsystem that allows for privilege escalation. Although originally released for the Verizon Galaxy S5, the root exploit will realistically be compatible with practically every device with an unpatched kernel, which at this point should be nearly every device not running a recent nightly build of a custom ROM with a patched kernel. As such, it has also already been tested and found to work with the AT&T Galaxy S5, Nexus 5, and Galaxy S4 Active. Despite initial issues, recent bug fix releases of the exploit have fixed compatibility issues with most models of the Galaxy Note 3.[32]

Other accomplishments and recognition

He was a finalist at the 2004 ISEF competition in Portland, OR, with his project "The Mapping Robot". Recognition included interviews on the Today Show and Larry King.[33] Hotz was a finalist at the 2005 ISEF competition, with his project "The Googler".[34] Continuing with robots, Hotz competed in his school's highly successful Titanium Knights battlebots team.

Hotz competed in the 2007 Intel International Science and Engineering Fair, a science competition for high school students, where his project, entitled "I want a Holodeck", received awards and prizes in several categories.[35] Hotz has received considerable attention in mainstream media, including interviews on the Today Show, Fox, CNN, NBC, CBS, G4, ABC,[36] CNBC,[2] and articles in several magazines, newspapers, and websites, including Forbes,[37] and BBC.[38]

In March 2008, PC World magazine listed George as one of the top 10 Overachievers under 21.[39] He entered the Rochester Institute of Technology in 2007, shortly after gaining notoriety for hacking the iPhone, but withdrew from the school after one quarter. In December 2007, Hotz travelled to Sweden to attend the Stockholm International Youth Science Seminar and talk about his 3D imaging invention (called Project Holodeck) that netted him a $20,000 Intel scholarship earlier that year.[40]

In August 2013, George attended DEFCON with Carnegie Mellon's Plaid Parliament of Pwning (PPP). PPP placed first in the CTF at DEFCON. George competed alone in CSAW 2013 where he took first place under the pseudonym tomcr00se.


  1. ^ Stone, Brad; John Biggs (August 25, 2007). "With Software and Soldering, AT&T's Lock on iPhone Is Undone". New York Times. p. C-1. Retrieved 2010-04-03. 
  2. ^ a b "Interview with 17 year old iPhone hacker". CNBC. September 30, 2007. 
  3. ^ Kronfeld, Melissa Jane; Liddy, Tom (2007-08-25). "IHACKED YOU! CODE-CRACKING N.J. KID 'FREES' APPLE CELL". New York Post. Post Wire Services. Retrieved 2011-10-20. 
  4. ^ "GEORGE HOTZ". Retrieved 24 March 2014. 
  5. ^ McKay, Martha (August 24, 2007). "Tech whiz cracks code tying it to AT&T network". Bergen County, New Jersey: The Record. Archived from the original on 2007-10-14. Retrieved 2011-10-20. 
  6. ^ above the law
  7. ^ The Register
  8. ^ a b "Machine Politics: The man who started the hacker wars". The New Yorker. May 7, 2012. Accessed April 30, 2012.
  9. ^ Unlocked Iphone
  10. ^ Code to unlock iPhone cracked. Retrieved October 11, 2007.
  11. ^ Jailbreak by Spirit
  12. ^ GeoHot says Goodbye to iPhone Community. (2010-07-13). Retrieved on 2011-04-15.
  13. ^ "limera1n". Archived from the original on 2010-10-12. Retrieved 2012-01-12. 
  14. ^ "limera1n". Archived from the original on 2010-11-03. Retrieved 2012-01-12. 
  15. ^ Fildes, Jonathan (January 25, 2010). "PlayStation 3 'hacked' by iPhone cracker". BBC News. Retrieved January 25, 2010. 
  16. ^ PS3 Firmware (v3.21) Update – PlayStation Blog
  17. ^ The PS3 just too difficult to crack – Video Game News, Reviews, Previews and Blog. Retrieved on 2011-02-16.
  18. ^ "Geohot: Here is your PS3 Root Key! – Now with "HELLO WORLD" proof!". PSX-SCENE. 
  19. ^ "Geohot Releases dePKG – Firmware Package Decrypter". George Hotz. December 30, 2010. Retrieved January 13, 2012 through Internet archive. 
  20. ^ "Geohot Jailbreaks PlayStation 3 with Custom Firmware 3.55 (Video)". George Hotz. 
  21. ^ Motion for TRO. (2011-01-12). Retrieved on 2011-02-16.
  22. ^ GeoHot vs Sony – PS3 Jailbreak, Lawsuit and the Interview. Retrieved on 2012-10-30.[dead link]
  23. ^ a b Kravets, David (March 4, 2011). "Judge Lets Sony Unmask Visitors to PS3-Jailbreaking Site". Condé Nast Digital. Retrieved December 6, 2011. "A federal magistrate is granting Sony the right to acquire the internet IP addresses of anybody who has visited PlayStation 3 hacker George Hotz’s website from January 2009 to the present. Thursday’s decision by Magistrate Joseph Spero to allow Sony to subpoena Hotz’s web provider (.pdf) raises a host of web-privacy concerns. Respected for his iPhone hacks and now the PlayStation 3 jailbreak, Hotz is accused of breaching the Digital Millennium Copyright Act and other laws after he published an encryption key and software tools on his website that allow Playstation owners to gain complete control of their consoles from the firmware on up. Sony also won subpoenas (.pdf) for data from YouTube and Google, as part of its lawsuit against the 21-year-old New Jersey hacker, as well as Twitter account data linked to Hotz, who goes by the handle GeoHot." 
  24. ^ "George Hotz PayPal Subpoena Limited to California, Court Docs Reveal". 
  25. ^ Gilbert, Ben (April 11, 2011). "Sony and PlayStation 3 jailbreaker George Hotz settle out of court". Joystiq. AOL, Inc. Retrieved December 6, 2011. "After a short but rather storied history, infamous PlayStation 3 jailbreaker George "GeoHot" Hotz and Sony Computer Entertainment of America have settled their legal dispute, with a statement on the PlayStation Blog stating the two parties "reached an agreement in principle" around 10 days ago. According to said agreement, Hotz has "consented to a permanent injunction," meaning he super swears he won't do it again (legally speaking, of course), though no other terms are given. We were told by an SCEA rep that the terms of the settlement (beyond what was disclosed) are confidential." 
  26. ^ Protalinski, Emil (2011-06-27). "Geohot reportedly now works for Facebook (update: Facebook confirms)". News & Blogs / Friending Facebook (ZDNet). Retrieved 2011-10-20. 
  27. ^ Reisinger, Don (2011-06-28). "Geohot now a Facebook employee". The Digital Home (c|net). Archived from the original on 2011-10-16. Retrieved 2011-10-20. 
  28. ^ Famous iPhone Hacker George Hotz Has Left Facebook
  29. ^ Bright, Peter. "Google “Project Zero” hopes to find zero-day vulnerabilities before the NSA". Ars Technica. Condé Nast. Retrieved 16 July 2014. 
  30. ^
  31. ^
  32. ^
  33. ^ Society for Science & the Public – Intel ISEF – 2004 Portland SAO Award Winners. Retrieved on 2011-02-16.
  34. ^ Photos - Intel Science and Engineering Fair 2005. Retrieved on 2011-04-15.
  35. ^ Grand Awards Ceremony of the Intel International Science and Engineering Fair 2007. Intel Education. Retrieved August 24, 2007.
  36. ^ YouTube – Teen 'Unlocks' iPhone From AT&T Network
  37. ^ Junior R&D - Retrieved on 2011-04-15.
  38. ^ Fildes, Jonathan (January 25, 2010). "PlayStation 3 'hacked' by iPhone cracker". BBC News. Retrieved 2009-01-25. 
  39. ^ Tynan, Dan. (2008-03-09) Meet the Whiz Kids: 10 Overachievers Under 21 - Page 10. PCWorld. Retrieved on 2011-04-15.
  40. ^ (Swedish) Participants / SIYSS / Verksamhet / Förbundet Unga Forskare - Förbundet Unga Forskare. (2008-04-23). Retrieved on 2011-04-15.
