George Hotz

From Wikipedia, the free encyclopedia
Jump to: navigation, search
George Hotz
George Hotz.jpg
Born George Francis Hotz Jr.
(1989-10-02) October 2, 1989 (age 24)
Glen Rock, New Jersey, USA
Nationality American
Other names geohot
Alma mater Carnegie Mellon University
Bergen County Academies
Website
www.geohot.com

George Francis Hotz (born October 2, 1989), alias geohot, is an American hacker known for unlocking the iPhone, allowing the phone to be used with other wireless carriers, contrary to AT&T's and Apple's intentions.[1][2] He developed the limera1n jailbreak tool and bootrom exploit for iOS. He is also noted for his technical efforts and publicity with reverse engineering the PlayStation 3 video game console, and for subsequently being sued by and settling with Sony.

Personal life[edit]

He attended the Bergen County Academies, a magnet public high school. He was in AEDT (Academy for Engineering and Design Technology).[3] Hotz is an alumnus of the Johns Hopkins Center for Talented Youth program.[4]

iOS device security[edit]

In August 2007, seventeen year old George Hotz became the first person reported to carrier unlock an iPhone.[5][6][7][8] According to Hotz's blog, he traded his second unlocked 8 GB iPhone to Terry Daidone, the founder of Certicell, for a Nissan 350Z and three 8 GB iPhones.

In September 2007, an anonymous group achieved a software-only unlocking method to complement Hotz's hardware-based unlocking method.[9]

On July 13, 2010, Hotz announced the discontinuation of his jailbreaking activities, citing demotivation over the technology and the unwanted personal attention.[10] Nevertheless, he continued to release new software-based jailbreak techniques through October 2010.

PlayStation 3 security[edit]

In December 2009, Hotz announced his initial intentions to breach security on the Sony PlayStation 3. Five weeks later, on January 22, 2010, he announced that he had performed his first theoretical achievement. This consists of the initial read and write access to the machine's system memory as well as hypervisor level access to the machine's CPU.[11]

On January 26, 2010, Hotz released the exploit to the public. On March 28, 2010, Sony responded by announcing their intention to release a PlayStation 3 firmware update that would retroactively remove the OtherOS feature from all models,[12] a feature that was already absent on the newer Slim revisions of the machine.

On July 13, 2010, never having achieved any method of reading, installing, or modifying software on the PS3, Hotz posted a message on his Twitter account stating that he had abandoned his efforts of trying to crack the PS3 any further due to the system security's extreme difficulty.[13]

On December 29, 2010, notable hacking group fail0verflow, known for the reverse engineering of security models found in consumer electronics devices, performed an academic presentation at the 27th Chaos Communications Congress technical conference, of their accomplishments with the PlayStation 3. They presented the methods they'd devised for having successfully penetrated the device's security model, yielding the root signing and encryption keys. These keys are the essential element of a full (and even minimally usable) breach, capable of installing and running any new software on any PlayStation 3 unit.[14][15]

On January 2, 2011, Hotz posted a copy of the root keys of the PlayStation 3 on his website.[16] These keys were later removed from his website as a result of legal action by Sony against fail0verflow and himself. In response to Hotz's continued publication of PS3 exploit information, Sony filed on January 11, 2011 for an application for a temporary restraining order (TRO) against him in the US District Court of Northern California.[17] On January 14, 2011, Hotz appeared in an interview on G4's The Loop, where he explained his involvement with the PlayStation 3.[18][19]

Sony lawsuit[edit]

After the root keys of the console were published, Sony initiated litigation against George Hotz and predecessor PlayStation 3 hacking group known as fail0verflow. Hotz published his commentary on the case, including a song about the "disaster" of Sony.[20] Sony in turn has demanded social media sites, including YouTube, to hand over IP addresses of people who visited Geohot's social pages and videos; the latter being the case only for those who "watched the video and 'documents reproducing all records or usernames and IP addresses that have posted or published comments in response to the video'".[21]

PayPal has granted Sony access to Geohot's PayPal account,[22] and the judge of the case granted Sony permission to view the IP addresses of everyone who visited geohot.com. In April 2011, it was revealed that Sony and Hotz had settled the lawsuit out of court, on the condition that Hotz would never again resume any hacking work on Sony products.[23]

At the end of April 2011, hackers broke into the PlayStation Network and stole personal information of some 77 million users. Hotz denied any responsibility for the attack, and said "Running homebrew and exploring security on your devices is cool; hacking into someone else's server and stealing databases of user info is not cool".[21]

Career[edit]

In addition to having made a meaningful side income from public donations solicited for his free-of-charge iPhone software,[6] Hotz has been employed at Facebook and Google.

On June 27, 2011, ZDNet freelance reporter, Emil Protalinski reported that according to a Facebook spokesman, Hotz had been hired by the company to an unknown role.[24] However, according to a CNET article, he had actually been employed since May, which was confirmed by Facebook.[25] In January 2012, Hotz was no longer employed by Facebook.[6][26]

On July 16, 2014, Google reportedly hired George Hotz to work in their software security auditing team. Called Project Zero, the team "hopes to find zero-day vulnerabilities before the NSA".[27]

Recognitions[edit]

George Hotz was a finalist at the 2004 ISEF competition in Portland, Oregon with his project "The Mapping Robot". Recognition included interviews on the Today Show and Larry King.[28] Hotz was a finalist at the 2005 ISEF competition, with his project "The Googler".[29] Continuing with robots, Hotz competed in his school's highly successful Titanium Knights battlebots team.

Hotz competed in the 2007 Intel International Science and Engineering Fair, a science competition for high school students, where his 3D imaging project, entitled "I want a Holodeck", received awards and prizes in several categories including a $20,000 Intel scholarship.[30] He travelled to Sweden to speak about the project at the Stockholm International Youth Science Seminar.[31]

Hotz has received considerable attention in mainstream media, including interviews on the Today Show, Fox, CNN, NBC, CBS, G4, ABC,[32] CNBC,[2] and articles in several magazines, newspapers, and websites, including Forbes,[33] and BBC.[34]

In March 2008, PC World magazine listed George as one of the top 10 Overachievers under 21.[35]

In August 2013, George attended DEFCON with Carnegie Mellon's Plaid Parliament of Pwning (PPP). PPP placed first in the CTF at DEFCON. George competed alone in CSAW 2013 where he took first place under the pseudonym tomcr00se.

See also[edit]

  • Blackra1n, an iPhone jailbreak application produced by George Hotz

References[edit]

  1. ^ Stone, Brad; John Biggs (August 25, 2007). "With Software and Soldering, AT&T's Lock on iPhone Is Undone". New York Times. p. C-1. Retrieved April 3, 2010. 
  2. ^ a b "Interview with 17 year old iPhone hacker". CNBC. September 30, 2007. 
  3. ^ McKay, Martha (August 24, 2007). "Tech whiz cracks code tying it to AT&T network". Bergen County, New Jersey: The Record. Archived from the original on October 14, 2007. Retrieved October 20, 2011. 
  4. ^ "GEORGE HOTZ". Retrieved March 24, 2014. 
  5. ^ title=Unlocked iPhone Video on YouTube
  6. ^ a b c "Machine Politics: The man who started the hacker wars.","The New Yorker", May 7, 2012, accessed April 30, 2012
  7. ^ Kronfeld, Melissa Jane; Liddy, Tom (August 25, 2007). "IHACKED YOU! CODE-CRACKING N.J. KID 'FREES' APPLE CELL". New York Post. Post Wire Services. Retrieved October 20, 2011. 
  8. ^ Unlocked Iphone
  9. ^ "Code to unlock iPhone cracked". CNN. September 1, 2007. Retrieved August 2, 2014. 
  10. ^ GeoHot says Goodbye to iPhone Community. Tech-exclusive.com (July 13, 2010). Retrieved on April 15, 2011.
  11. ^ Fildes, Jonathan (January 25, 2010). "PlayStation 3 'hacked' by iPhone cracker". BBC News. Retrieved January 25, 2010. 
  12. ^ PS3 Firmware (v3.21) Update – PlayStation Blog
  13. ^ The PS3 just too difficult to crack – GamingBolt.com: Video Game News, Reviews, Previews and Blog. GamingBolt.com. Retrieved on February 16, 2011.
  14. ^ "Console Hacking 2010: PS3 Epic Fail". Chaos Communication Congress. fail0verflow. December 29, 2010. Retrieved August 2, 2014. 
  15. ^ 27C3 - Chaos Communication Congress 2010 - fail0verflow on YouTube
  16. ^ "Geohot: Here is your PS3 Root Key! – Now with "HELLO WORLD" proof!". PSX-SCENE. 
  17. ^ Motion for TRO. Scribd.com (January 12, 2011). Retrieved on February 16, 2011.
  18. ^ Sony vs. GeoHot Hacker Lawsuit. G4. January 13, 2011. Retrieved August 3, 2014. 
  19. ^ "GeoHot vs Sony – PS3 Jailbreak, Lawsuit and the Interview". Newsden. January 16, 2011. Archived from the original on July 24, 2012. Retrieved August 2, 2014. 
  20. ^ The Light It Up Contest on YouTube
  21. ^ a b Kravets, David (March 4, 2011). "Judge Lets Sony Unmask Visitors to PS3-Jailbreaking Site". Wired.com. Condé Nast Digital. Retrieved December 6, 2011. "A federal magistrate is granting Sony the right to acquire the internet IP addresses of anybody who has visited PlayStation 3 hacker George Hotz’s website from January 2009 to the present. Thursday’s decision by Magistrate Joseph Spero to allow Sony to subpoena Hotz’s web provider (.pdf) raises a host of web-privacy concerns. Respected for his iPhone hacks and now the PlayStation 3 jailbreak, Hotz is accused of breaching the Digital Millennium Copyright Act and other laws after he published an encryption key and software tools on his website that allow Playstation owners to gain complete control of their consoles from the firmware on up. Sony also won subpoenas (.pdf) for data from YouTube and Google, as part of its lawsuit against the 21-year-old New Jersey hacker, as well as Twitter account data linked to Hotz, who goes by the handle GeoHot." 
  22. ^ "George Hotz PayPal Subpoena Limited to California, Court Docs Reveal". 
  23. ^ Gilbert, Ben (April 11, 2011). "Sony and PlayStation 3 jailbreaker George Hotz settle out of court". Joystiq. AOL, Inc. Retrieved December 6, 2011. "After a short but rather storied history, infamous PlayStation 3 jailbreaker George "GeoHot" Hotz and Sony Computer Entertainment of America have settled their legal dispute, with a statement on the PlayStation Blog stating the two parties "reached an agreement in principle" around 10 days ago. According to said agreement, Hotz has "consented to a permanent injunction," meaning he super swears he won't do it again (legally speaking, of course), though no other terms are given. We were told by an SCEA rep that the terms of the settlement (beyond what was disclosed) are confidential." 
  24. ^ Protalinski, Emil (June 27, 2011). "Geohot reportedly now works for Facebook (update: Facebook confirms)". News & Blogs / Friending Facebook (ZDNet). Retrieved October 20, 2011. 
  25. ^ Reisinger, Don (June 28, 2011). "Geohot now a Facebook employee". The Digital Home (c|net). Archived from the original on October 16, 2011. Retrieved October 20, 2011. 
  26. ^ Famous iPhone Hacker George Hotz Has Left Facebook
  27. ^ Bright, Peter. "Google “Project Zero” hopes to find zero-day vulnerabilities before the NSA". Ars Technica. Condé Nast. Retrieved July 16, 2014. 
  28. ^ Society for Science & the Public – Intel ISEF – 2004 Portland SAO Award Winners. Societyforscience.org. Retrieved on February 16, 2011.
  29. ^ Photos - Intel Science and Engineering Fair 2005. Intel.com. Retrieved on April 15, 2011.
  30. ^ Grand Awards Ceremony of the Intel International Science and Engineering Fair 2007. Intel Education. Retrieved August 24, 2007.
  31. ^ (Swedish) Participants / SIYSS / Verksamhet / Förbundet Unga Forskare - Förbundet Unga Forskare. Web.archive.org (April 23, 2008). Retrieved on April 15, 2011.
  32. ^ YouTube – Teen 'Unlocks' iPhone From AT&T Network
  33. ^ Junior R&D - Forbes.com. Members.forbes.com. Retrieved on April 15, 2011.
  34. ^ Fildes, Jonathan (January 25, 2010). "PlayStation 3 'hacked' by iPhone cracker". BBC News. Retrieved January 25, 2009. 
  35. ^ Tynan, Dan. (March 9, 2008) Meet the Whiz Kids: 10 Overachievers Under 21 - Page 10. PCWorld. Retrieved on April 15, 2011.

External links[edit]