George Hotz

Date

George Francis Hotz, born on October 2, 1989, is also known as geohot. He is an American computer security expert, business owner, and software developer. He is famous for creating tools to bypass restrictions on iOS devices, figuring out how the PlayStation 3 works, and facing a legal case from Sony.

George Francis Hotz, born on October 2, 1989, is also known as geohot. He is an American computer security expert, business owner, and software developer. He is famous for creating tools to bypass restrictions on iOS devices, figuring out how the PlayStation 3 works, and facing a legal case from Sony. From September 2015 to November 2025, he was employed by comma.ai, a company focused on vehicle automation using machine learning. Since November 2022, Hotz has been working on tinygrad, a program designed for deep learning tasks.

Education

Hotz studied at the Academy for Engineering and Design Technology at the Bergen County Academies, a special public high school in Hackensack, New Jersey. He graduated from the Johns Hopkins Center for Talented Youth program. He also studied for a short time at Rochester Institute of Technology and Carnegie Mellon University.

Security research

In August 2007, seventeen-year-old George Hotz became the first person reported to remove the SIM lock on an iPhone. He traded his second unlocked 8 GB iPhone to Terry Daidone, the founder of CertiCell, for a Nissan 350Z and three 8 GB iPhones.

In October 2009, Hotz released blackra1n. It worked with all iPhone and iPod Touch devices using iOS 3.1.2.

On July 13, 2010, Hotz announced he would stop his jailbreaking activities, saying he was no longer motivated by the technology and the unwanted attention it brought. However, he continued to share new jailbreak methods until October 2010.

One of his last works, limera1n, was made public in October 2010.

In December 2009, Hotz announced plans to break the security on the PlayStation 3. On January 22, 2010, he said he had gained access to the machine’s system memory and hypervisor level access to its CPU.

On January 26, 2010, Hotz shared the exploit with the public. On March 28, 2010, Sony announced plans to release a firmware update that would remove the OtherOS feature from all PlayStation 3 models, a feature already missing on newer models.

On July 13, 2010, Hotz posted on his Twitter account that he had stopped his efforts.

On December 29, 2010, a hacking group called fail0verflow presented a report at the 27th Chaos Communications Congress, revealing a mistake Sony made in using ECDSA signatures without sharing the private key. On January 2, 2011, Hotz posted the private key for the PlayStation 3 on his website. These keys were later removed after legal action by Sony against fail0verflow and Hotz. In response to Hotz’s continued sharing of PlayStation 3 exploit details, Sony asked a court to issue a temporary restraining order (TRO) against him in the US District Court of Northern California.

Hotz shared his thoughts about the case, including a song about Sony’s "disaster." Sony requested that social media sites like YouTube provide IP addresses of people who visited Hotz’s pages or watched his videos. This request applied only to those who "watched the video and 'documents reproducing all records or usernames and IP addresses that have posted or published comments in response to the video."

PayPal allowed Sony to access Hotz’s PayPal account transaction history. The court also allowed Sony to view the IP addresses of everyone who visited geohot.com. In April 2011, it was reported that Sony and Hotz reached a settlement out of court, with Hotz agreeing never to hack Sony products again.

In June 2014, Hotz released a root exploit for Samsung Galaxy S5 devices in the US market. The exploit used the CVE-2014-3153 vulnerability, discovered by hacker Pinkie Pie, which involved a problem in the futex subsystem that allowed users to gain higher access rights. The exploit, called towelroot, was described as a "one-click Android rooting tool."

Originally designed for the Verizon Galaxy S5, the exploit was later made compatible with most Android devices available at the time, including the AT&T Galaxy S5, Nexus 5, and Galaxy S4 Active. Updates were added to expand its use with other Android devices. Later Android updates fixed the security flaw. Samsung responded by releasing updated software to prevent the exploit from working.

Career

Hotz earned extra money through public donations related to his security work. He worked at Facebook from May 2011 to January 2012. On July 16, 2014, Google hired Hotz to join the Project Zero team, where he created Qira, a tool for analyzing software code in real-time. He was employed at the startup Vicarious from January to July 2015.

In 2022, shortly after Elon Musk bought Twitter, Hotz joined the company for a 12-week internship. His tasks included improving Twitter search and removing a pop-up login screen shown to users who were not logged in. After less than five weeks, he left, saying, “I appreciate the opportunity, but didn’t think there was any real impact I could make there.”

Hotz started comma.ai in September 2015 to create advanced driver-assistance systems using machine learning. He tested an early self-driving car, an Acura ILX, on California’s Interstate 280, which led to a legal warning from the California Department of Motor Vehicles.

The company planned to sell a device called the “comma one” but canceled the plan in October 2016 after the National Highway Traffic Safety Administration asked about its safety standards. A month later, comma.ai released its driving software, openpilot, as free-to-use software.

The company later developed hardware to run openpilot, including the comma two (2020) and comma three (2021). In November 2020, Consumer Reports ranked openpilot higher than other systems, such as Tesla Autopilot, Cadillac Super Cruise, and Ford Co-Pilot 360, especially for driver engagement and ease of use. As of 2025, openpilot supports over 300 car models, with users driving more than 100 million miles using the system.

Hotz stepped down from daily leadership of comma.ai in October 2022, saying the company had grown beyond the stage where his skills were best suited. He remained on the board until November 2025, when he left the company entirely.

Hotz started tiny corp on November 5, 2022. The company focuses on adapting machine learning instruction sets for hardware accelerators. On May 24, 2023, tiny corp announced it raised $5.1 million to build computers for machine learning and develop a neural network framework called tinygrad. Tinygrad aims to combine the simplicity of a framework called micrograd with the features of PyTorch. It seeks to improve performance through methods like dynamic compilation, combining tasks, and a simplified system. Tinygrad is currently used to run comma.ai’s openpilot software on hardware, including a Snapdragon 845 GPU.

Additionally, tiny corp builds the tinybox, a $15,000 AI computer designed for local model training and use, acting as a personal computing cluster.

Other activities and recognition

Hotz was a finalist at the 2004 Intel International Science and Engineering Fair (ISEF), a science competition for high school students, in Portland, Oregon, with his project "The Mapping Robot." He was interviewed on the Today Show and Larry King Show. Hotz was a finalist at the 2005 ISEF competition with his project "The Googler."

In 2007, Hotz competed at the ISEF with his 3D imaging project, named "I want a Holodeck." He received awards and prizes in several categories, including a $20,000 Intel scholarship. He traveled to Sweden to present his project at the Stockholm International Youth Science Seminar.

In March 2008, PC World listed Hotz as one of the top 10 Overachievers under 21.

In August 2013, Hotz attended the DEF CON hacker convention with Carnegie Mellon's Plaid Parliament of Pwning (PPP). PPP won first place in the DEF CON Capture the Flag (CTF) tournament. Later that year, Hotz competed in the 2013 New York University Tandon School of Engineering Cyber Security Awareness Week (CSAW). Working alone, he took first place under the name tomcr00se. In August 2014, Hotz competed again with PPP and won the DEF CON CTF tournament for the second year in a row. The team also won the DEF CON "Crack Me If You Can" tournament.

In 2013, Hotz began making hip hop music on his SoundCloud account, tomcr00se. As of April 2025, he has created 28 original songs and covers.

Hotz also has a Twitch channel, where he often streams programming content. As of April 2025, his Twitch channel has over 83,000 followers.

In February 2020, Hotz founded the cryptocurrency called cheapETH.

More
articles

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by