George Hotz | |
|---|---|
 Hotz in 2016 | |
| Born | George Francis Hotz (1989-10-02)October 2, 1989 (age 36) Glen Rock, New Jersey, U.S. |
| Other names | geohot, tomcr00se |
| Years active | 2007–present |
| Known for |
|
| Website | Official website |
George Francis Hotz (born October 2, 1989), aliasgeohot, is an Americansecurity hacker, entrepreneur,[1] andsoftware engineer. He is known for developingiOS jailbreaks,[2][3] reverse engineering thePlayStation 3, and for the subsequentlawsuit brought against him by Sony. From September 2015 until November 2025, he worked on hisvehicle automationmachine learning companycomma.ai.[4] Since November 2022, Hotz has been working on tinygrad, a deep learning framework.
Hotz attended the Academy for Engineering and Design Technology at theBergen County Academies, amagnetpublic high school inHackensack, New Jersey.[5] Hotz is an alumnus of theJohns Hopkins Center for Talented Youth program.[6] Hotz also briefly attendedRochester Institute of Technology[7] andCarnegie Mellon University.
In August 2007, seventeen-year-old George Hotz became the first person reported to remove theSIM lock on an iPhone.[8][9][10][11] He traded his second unlocked 8 GB iPhone to Terry Daidone, the founder of CertiCell, for aNissan 350Z and three 8 GB iPhones.[12]
In October 2009, Hotz releasedblackra1n. It was compatible with all iPhone and iPod Touch devices runningiOS 3.1.2.[13][14]
On July 13, 2010, Hotz announced the discontinuation of his jailbreaking activities, citing demotivation over the technology and the unwanted personal attention.[15] Nevertheless, he continued to release new software-based jailbreak techniques until October 2010.[16]
One of his last works, limera1n, was publicly disclosed in October 2010.[17]
In December 2009, Hotz announced his initial intentions to breach security on thePlayStation 3.[18] On January 22, 2010, he announced that he had gained read and write access to the machine's system memory as well ashypervisor level access to the machine's CPU.[19][20]
On January 26, 2010, Hotz released theexploit to the public. On March 28, 2010, Sony responded by announcing their intention to release a PlayStation 3firmware update that would remove theOtherOS feature from all models,[21] a feature that was already absent on the newer Slim revisions of the machine.[22]
On July 13, 2010, Hotz posted a message on his Twitter account stating that he had abandoned his efforts.[23]
On December 29, 2010, hacking group fail0verflow did a presentation at the 27thChaos Communications Congress where they exposed a mistake of Sony in their usage ofECDSA signatures without publishing the corresponding private key. This key was used by Sony to prevent piracy.[24][25] On January 2, 2011, Hotz posted a copy of the private key of the PlayStation 3 on his website.[26] These keys were later removed from his website as a result oflegal action by Sony against fail0verflow and Hotz. In response to his continued publication of PS3 exploit information, Sony filed on January 11, 2011, for an application for a temporary restraining order (TRO) against him in the US District Court of Northern California.[27][28][29]
Hotz published his commentary on the case, including a song about the "disaster" of Sony.[30] Sony in turn has demanded that social media sites, including YouTube, hand over IP addresses of people who visited Geohot's social pages and videos, the latter being the case only for those who "watched the video and 'documents reproducing all records or usernames and IP addresses that have posted or published comments in response to the video".[31]
PayPal granted Sony access to Geohot's PayPal account contribution transactions,[32] and the judge of the case granted Sony permission to view the IP addresses of everyone who visited geohot.com. In April 2011, it was revealed that Sony and Hotz had settled the lawsuit out of court, on the condition that Hotz would never again resume any hacking work on Sony products.[33]
In June 2014, Hotz[34] published aroot exploit software hack forSamsung Galaxy S5 devices used in the US market.[35] The exploit is built around the CVE-2014-3153 vulnerability,[36][37] which was discovered by hacker Pinkie Pie, and it involves an issue in thefutex subsystem that in turn allows forprivilege escalation. The exploit, known astowelroot, was designated as a "one-click Android rooting tool".[37]
Although originally released for the Verizon Galaxy S5, the root exploit was made compatible with most Android devices available at that time. For example, it was tested and found to work with the AT&T Galaxy S5, Nexus 5, and Galaxy S4 Active. Updates continued to be applied to the root exploit to increase its capabilities with other devices running Android.[38] Updates to the Android operating system closed the source of the exploit. Samsung officially responded to the towelroot exploit by releasing updated software designed to be immune from the exploit.[39]
Hotz made a meaningful side income from public donations solicited for his security exploits.[9]
Hotz worked atFacebook between May 2011 and January 2012.[40][41][9][42]
On July 16, 2014,Google hired Hotz to work with theProject Zero team[43] where he developed Qira fordynamically analysing application binaries.[44]
Hotz was employed at thestartupVicarious from January until July 2015.[45]
In 2022, shortly after theacquisition of Twitter by Elon Musk, Hotz announced that he had joinedthe company for a 12-week internship, with the task of fixing Twitter search as well as removing the pop up log-in screen displayed to users scrolling without being logged in to an account.[46] On December 20, after less than 5 weeks at the role, he resigned, stating “appreciate the opportunity, but didn’t think there was any real impact I could make there”.[47][48]
Hotz founded comma.ai in September 2015 to developadvanced driver-assistance systems usingmachine learning.[4] He demonstrated an early prototype, a self-drivingAcura ILX, on California'sInterstate 280, which resulted in a cease-and-desist letter from theCalifornia Department of Motor Vehicles.[49]
The company initially planned to sell an aftermarket device called the "comma one," but canceled it in October 2016 after theNational Highway Traffic Safety Administration requested information about its compliance withFederal Motor Vehicle Safety Standards.[50] A month later, comma.ai released its driving software,openpilot, asopen-source software.[51]
The company subsequently developed hardware devices to run openpilot, including the comma two (2020) and comma three (2021). In November 2020,Consumer Reports ranked openpilot above all other advanced driver-assistance systems, includingTesla Autopilot,Cadillac Super Cruise, and Ford Co-Pilot 360, particularly for driver engagement and ease of use.[52] As of 2025, openpilot supports over 300 vehicle models, with users having accumulated over 100 million miles driven.[53]
Hotz stepped down from day-to-day leadership of comma.ai in October 2022, citing that the company had matured beyond the stage where his skills were best suited, though he remained on the board.[54] He departed the company entirely in November 2025.[55]
Hotz founded tiny corp on November 5, 2022. tiny corp aims to portmachine learning instruction sets to hardware accelerators.[56][57]
On May 24, 2023, tiny corp announced that they raised $5.1M to build computers for machine learning and develop a neural network framework called tinygrad.[58] tinygrad, the neural network framework developed by tiny corp, aims to provide a balance between the simplicity ofAndrej Karpathy's micrograd framework and the functionality of thePyTorch framework.[59] tinygrad aims to realize performance gains over PyTorch through a number of optimizations, includingdynamic compilation, fusing of operations, and a greatly simplified backend.[60] tinygrad is currently used to enable comma.ai's openpilot framework to run on the company's dedicated hardware, which includes aSnapdragon 845 GPU.[61]
Additionally, tiny corp builds the tinybox, a $15,000 AI computer aimed at local model training and inference, serving as a personal compute cluster.[62]
Hotz was a finalist at the 2004Intel International Science and Engineering Fair (ISEF), a science competition for high school students, in Portland, Oregon with his project "The Mapping Robot". Recognition included interviews on theToday Show andLarry King Show.[63] Hotz was a finalist at the 2005 ISEF competition, with his project "The Googler".[64]
Hotz competed at the 2007 ISEF where his 3D imaging project, entitled "I want aHolodeck", received awards and prizes in several categories including a $20,000 Intel scholarship.[65] He travelled to Sweden to speak about the project at theStockholm International Youth Science Seminar.[66]
In March 2008,PC World listed Hotz as one of the top 10 Overachievers under 21.[67]
In August 2013, Hotz attended theDEF CON hacker convention with Carnegie Mellon's Plaid Parliament of Pwning (PPP). PPP placed first in the DEF CONCapture the Flag (CTF) tournament.[68] Later in 2013, Hotz also competed in the 2013New York University Tandon School of Engineering Cyber Security Awareness Week (CSAW). Working alone, Hotz took first place under the pseudonym tomcr00se.[69] In August 2014, Hotz once again competed as part of Carnegie Mellon's PPP to win the DEF CON CTF tournament for a second year in a row. The team also won the DEF CON "Crack Me If You Can" tournament.[70]
In 2013, Hotz began makinghip hop music on hisSoundCloud, tomcr00se. As of April 2025,[update] he has made 28 original songs and covers.[71]
Hotz also has aTwitch channel, where he frequently does programming livestreams. As of April 2025,[update] his twitch channel has over 83k followers.[72]
In February 2020, Hotz founded the cheapETH crypto currency.[73]
A federal magistrate is granting Sony the right to acquire the internet IP addresses of anybody who has visited PlayStation 3 hacker George Hotz's website from January 2009 to the present. Thursday's decision by Magistrate Joseph Spero to allow Sony to subpoena Hotz's web provider (.pdf) raises a host of web-privacy concerns. Respected for his iPhone hacks and now the PlayStation 3 jailbreak, Hotz is accused of breaching the Digital Millennium Copyright Act and other laws after he published an encryption key and software tools on his website that allow Playstation owners to gain complete control of their consoles from the firmware on up. Sony also won subpoenas (.pdf) for data from YouTube and Google, as part of its lawsuit against the 21-year-old New Jersey hacker, as well as Twitter account data linked to Hotz, who goes by the handle GeoHot.
After a short but rather storied history, infamous PlayStation 3 jailbreaker George "GeoHot" Hotz and Sony Computer Entertainment of America have settled their legal dispute, with a statement on the PlayStation Blog stating the two parties "reached an agreement in principle" around 10 days ago. According to said agreement, Hotz has "consented to a permanent injunction," meaning he super swears he won't do it again (legally speaking, of course), though no other terms are given. We were told by an SCEA rep that the terms of the settlement (beyond what was disclosed) are confidential.
{{cite web}}: CS1 maint: archived copy as title (link){{cite web}}: CS1 maint: archived copy as title (link)
