George Hotz: Security Hacker and Entrepreneur

George Hotz, also known as Geohot, is one of the most famous hackers in the world. He was born in October 1989 in the USA and first made international news at the age of 17 when he was able to successfully jailbreak an iPhone 8. Since then, he’s gone on to reverse engineer Sony PlayStation 3 and developed a root exploit software hack for Samsung Galaxy 5.

He had short stints working for Facebook and Google as a software security engineer, before leaving to focus on his startup, Comma.ai. The startup is working on disrupting the self-driving car industry.

Hotz attended high school at a magnet school in Hackensack, New Jersey From there he enrolled in the Academy for Engineering and Design Technology. He also graduated from the Johns Hopkins Center for Talented Youth and was a student at the Rochester Institute of Technology and Carnegie Mellon University for a short time.

Hotz always had a talent for technology, he was probably drawn to it because his father was a technology teacher at the local Catholic school. At the age of 14, he built a robot that could measure the dimensions of a room and was a finalist in the Intel International Science & Engineering Fair.  Several years after that he designed a robot that could read brain frequency and knew whether a person wanted it to turn right or left.

While still in high school, at just 17 years old, Hotz became the first person to unlock an iPhone. According to his personal blog, Hotz was able to jailbreak an 8GB iPhone, which he then traded for a car and three more iPhones.

Two years later, in 2009, Hotz released a jailbreak code, named blackrahn, that was compatible with iPhone and iPad devices running iOS 3.1.2.

The following year Hotz retired from the iPhone jailbreaking scene because he said he didn’t enjoy the attention and notoriety it was bringing him.

As Hotz was winding down his iOS jailbreak career, he announced that his next target was Sony PlayStation 3. His plan was to breach the device’s security and see what data he could collect. On January 22, 2010, Hotz announced that his mission was a success. He was able to bypass the security features and had complete access to the machine’s system memory and hypervisor level access to the PS3 CPU.

Four days later he released his exploits on a public forum. Sony responded to the security break in late March of the same year that it was releasing a firmware update that would remove the OtherOS feature from all PlayStation 3s, rendering his hack useless. Hotz announced on July 13 of the same year that he was no longer going after Sony PlayStation.

However, a few months later a hacking group known as failOverflow gave a presentation to the 27^th Chaos Communications Congress that exposed a major vulnerability is in the ECDSA signature. Sony published the signature without a key, that was supposed to be used to prevent piracy. Just after New Year’s 2011 Hotz published the private key on his Geohot website, allowing gamers to pirate and upload games to their PlayStation 3 consoles.

Sony took Hotz and failOverflow to court and filed a temporary restraining order against him. Hotz responded by publishing the details of the case on his social media channels, including a video on YouTube called “Disaster,” which was about Sony. The tech giant demanded that all social media sites give them the IP addresses and usernames of everyone that viewed the Geohot social media account and viewed the videos.

In the end, PayPal offered Sony the data from Geohot’s account, and the judge granted them permission to view all the IP addresses. The case never reached a verdict as Sony and Hotz reached an out-of-court settlement with Hotz promising never to hack another Sony product.

Hotz set his targets on Android for his next security hack and was successful in 2914. He published a root exploit software hack for the Samsung Galaxy S5. The hack was known as towelroot and was built around Linux kernel CVE-2014-3152, which allows for privilege escalation. The hack was designed as a “one-click Android rooting tool.”

Even though the hack targeted the Galaxy 5, it was compatible with other major brands running Android such as AT&T, Nexus, and Galaxy. Hotz continued to update the software so it would be compatible with more Android devices. However, it wasn’t long before Android updated its OS and patched the vulnerability.

Hotz founded Comma.ai in 2015 and started focusing on technology that would add self driving capabilities to any late model car. He tested his Artificial Intelligence algorithm in his 2016 Acura, and let it drive on a major California highway. Even though the test went well, Hotz received a cease-and-desist letter from the California Department of Motor Vehicles.

Hotz approached Elon Musk to see if Tesla wanted to purchase his algorithm. Hotz claimed that instead, Musk offered $12 million dollars if he could develop an autonomous driving system that could outperform the MobilEye technology Tesla was using. Musk, and Tesla, denied this report and said that all its components are developed in-house.

In 2016 the National Highway Traffic Safety Administration sent Hotz a letter informing him that his technology needed to comply with safety and security standards before it could go on the road. In response, Hotz released an open-source version of his autopilot algorithm, stating anyone can use it for research without a warranty.

Hotz continued to challenge Tesla, saying that he could create a better version of an autonomous vehicle, but at the same time he said that self driving cars “are a scam.” He claims that any actual self driving car is significantly worse than a car being driven by a person. Instead, his focus is on technology that works with a driver.

The original version of autopilot can be installed by purchasing three gadgets and installing the free open-source software. Autopilot is compatible with most late model Toyota and Honda cars, and it can be installed in under an hour. The technology allows the car to stay in its lane and maintain a steady speed, without the driver needing to touch the wheel.

Currently, Hotz is developing the fourth generation of Autopilot, which has worked out some of the kinks from the earlier version. The software can be plugged into the car and takes connects to multiple cameras around the car and takes control of the gas, brake, and steering components. It uses the vision to speed or slow down, depending on the flow of traffic, and

While drivers won’t need to keep their hands on the wheel, they will need to keep their eyes on the road. If the system detects that the driver isn’t looking at the road for 2 seconds it will add a visual warning on the digital dashboard. After 3 seconds, Autopilot will start with a series of beeps, and after 6 seconds, the system will disconnect, and the car will start to slow down.

Hotz believes that this type of AI technology will lead to the improved development of robots. He believes that in the near future we will see robots that can cook, clean, do laundry, and do other types of manual labor.

Looking towards to next decade, Hotz plans to continue working on the Comma.ai technology and challenging the big corporations like Tesla, GM, Waymo, and others.