Google recruits top PS3 hacker for Project Zero

Google recruits top PS3 hacker for Project Zero

Summary: George Hotz, best known for hacking Sony's PS3 and the iPhone, has been snapped up for Google's vulnerability research team Project Zero.

TOPICS: Google, Security
credit cnet
Credit: CNET

Google has hired a prolific hacker by the name of George Hotz to join the Project Zero team. Hotz is well-known for hacking Sony's PlayStation 3 and Apple's iPhone.

The 24-year-old — also known as geohot — hacked into the PlayStation 3 in order to install alternate operating system software, with the intention of playing pirated games. Hotz was then subsequently sued by Sony, although the matter was settled outside the courtroom. The hacker is also known for unlocking Apple's iPhone. Now, after a brief stint at Facebook several years ago, Hotz has found a home with Google, according to the BBC.

Google's Project Zero aims to reduce the threat that zero-day attacks represent by funding vulnerability research and hiring top security specialists and hackers. The hire of Hotz, therefore, is hardly a surprise — as these types of projects need people that can think like cyberattackers, as well as be talented in their own right, in order to thwart them.

Project Zero is currently hiring, although it does not say how people are recruited. Members of the team will seek out vulnerabilities in systems where "large numbers of people" are dependent on services, and in addition, will research "mitigations, exploitation, program analysis — and anything else that our researchers decide is a worthwhile investment," according to Chris Evans, "Researcher Herder" at Google.

Google will publish a public database of vulnerabilities found, as well as how long it takes companies to react to bug reports and fix the problem.

This is far from the tech giant's first foray into security, as the firm already has a bug bounty program for its own products, and Google staff are known for reporting vulnerabilities to other firms, including Microsoft and Apple.

Dr. Mike Lloyd, CTO at RedSeal Networks told ZDNet:

Google's move to set up Project Zero is very welcome. The infrastructure we run our businesses and our lives on is showing its fragile nature as each new, successful attack is disclosed. Unfortunately, we all share significant risks, not least because IT tends towards ‘monoculture,’ with only a few major pieces of hardware and software being used most of the time.

Organizations use the common equipment because it's cheaper, because it's better understood by staff, and because we all tend to do what we see our neighbors doing. These upsides come at a cost, though — it means attackers can find a single defect, and it can open thousands or even millions of doors, as we recently saw with Heartbleed.

Topics: Google, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Fact Check

    "The 24-year-old -- also known as geohot -- hacked into the PlayStation 3 in order to install alternate operating system software, with the intention of playing pirated games."

    Not correct. Hotz was working on making a PS3 "jailbreak" possible & also prevent users from playing pirated games. His intention was NOT to play pirated material.

    Can't find his original post, but:
  • Google knows George Hotz

    GeoHot took down Chrome OS on a Chromebox at this year's Pwnium at CanSecWest. It was brilliant.

    He also took down Firefox on Windows at PWn2Own.
    Rabid Howler Monkey
  • Hotz

    "...with the intention of playing pirated games."

    At best you are presuming to be inside Hotz's head, at worst his lawyer will sue you. I'd change the line if I were you.
  • Wow, talk about character assassination!

    The author of this article makes a pretty bold statement by matter-of-factly saying that Hotz hacked the PS3 with the express intent of "playing pirated games." Not entirely accurate. In's not accurate AT ALL.
  • Assume makes an ass...

    Merely the act of hacking some software/hardware does not necessarily imply an intent to "pirate" or otherwise break laws unrelated to that hacking - regardless of what Sony's lawyers may claim. ZDNet would do well to correct this article, especially if it has relied on the rubbish that Sony disseminated at the time of Mr Hotz' activities on the PS3.

    That would be Sony of CD rootkit fame, just to help you a little with the background.