Geohot joins elite team of hackers for Google’s Project Zero


Since wunderkind George Hotz, better known as Geohot, first made a name for himself by hacking the iPhone at age 17, he’s bounced around to several projects. He hacked the PlayStation, did some work for Facebook, and more recently popped up in Android land.

His latest gig is an internship for Google’s Project Zero—a team of elite hackers tasked with finding and eradicating serious software vulnerabilities. Back in March Geohot won $150K for exposing Chrome exploits, and it seems the Mountain View company took notice…

Wired has more on Hotz and Project Zero:

When Hotz dismantled the defenses of Google’s Chrome operating system earlier this year, by contrast, the company paid him a $150,000 reward for helping fix the flaws he’d uncovered. Two months later Chris Evans, a Google security engineer, followed up by email with an offer: How would Hotz like to join an elite team of full-time hackers paid to hunt security vulnerabilities in every popular piece of software that touches the internet?

Today Google plans to publicly reveal that team, known as Project Zero, a group of top Google security researchers with the sole mission of tracking down and neutering the most insidious security flaws in the world’s software. Those secret hackable bugs, known in the security industry as “zero-day” vulnerabilities, are exploited by criminals, state-sponsored hackers and intelligence agencies in their spying operations. By tasking its researchers to drag them into the light, Google hopes to get those spy-friendly flaws fixed. And Project Zero’s hackers won’t be exposing bugs only in Google’s products. They’ll be given free rein to attack any software whose zero-days can be dug up and demonstrated with the aim of pressuring other companies to better protect Google’s users. 

Geohot joins Google security engineer Chris Evans, New Zealander Ben Hawkes, who has been credited with discovering bugs in software like Adobe Flash and Office, English researcher Tavis Ormandy, and more. The team will soon have over 10 full-time researchers.

So what does Google get by paying elite hackers top-level salaries to find bugs in other companies’ software? Project-leader Chris Evans says the initiative is altruistic, but the program serves as a prime recruiting ground, and plus: safe, happy users tend to click on more ads.

The last time Geohot popped up in the jailbreaking world was in December, when it was rumored that he had a working iOS 7 jailbreak, and was looking to sell it to a third-party Chinese company.