2007 Chrysler Crossfire Coupe 46k Miles! on 2040-cars

Auto blog

Feds fretting over remote hack of Jeep Cherokee

A cyber-security gap that allowed for the remote hacking of a Jeep Cherokee has federal officials concerned. An associate administrator with the National Highway Traffic Safety Administration said Thursday that news of the breach conducted by researchers Chris Valasek and Charlie Miller had "floated around the entire federal government." "The Homeland Security folks sent out broadcasts that, 'Here's an issue that needs to be addressed,'" said Nathaniel Beuse, an associate administrator with the National Highway Traffic Safety Administration. Valasek and Miller commandeered remote control of the Cherokee through a security flaw in the cellular connection to the car's Uconnect infotainment system. From his Pittsburgh home, Valasek manipulated critical safety inputs, such as transmission function, on Miller's Jeep as he drove along a highway near St. Louis, MO. The scope of the remote breach is believed to be the first of its kind. The prominent cyber-security researchers needed no prior access to the vehicle to perform the hack, and the scope of the remote breach is believed to be the first of its kind. A NHTSA spokesperson said the agency's cyber-security staff members are "putting their expertise to work assessing this threat and the response, and we will take action if we determine it's necessary to protect safety." A Homeland Security spokesperson referred questions about the hack to Chrysler. Fiat Chrysler Automobiles has already been the subject of a federal hearing this month, in which officials scrutinized whether the company had adequately fixed recalled vehicles and repeatedly failed to notify the government about defects. But cyber-security concerns are a new and different species for the regulatory agency. Only hours before the Jeep hack was announced by Wired magazine earlier this week, NHTSA administrator Dr. Mark Rosekind said hacking vulnerabilities were a threat to privacy, safety, and the public's trust with new connected and autonomous technologies that allow vehicles to communicate. NHTSA outlined its response to the cyber-security challenges facing the industry in a report issued Tuesday. In it, the agency summarized its best practices for thwarting attacks and said it will analyze possible real-time infiltration responses. But the agency's ability to handle hackers may only go so far.

Harsh words from senators over Chrysler's delay in reporting hack

The federal agency charged with protecting American motorists wants to know more about how hackers remotely commandeered and controlled a Jeep Cherokee. Hours after Fiat Chrysler Automobiles recalled 1.4 million cars affected by a flaw in their cellular connections, officials with the National Highway Traffic Safety Administration said Friday they'll further probe the defect by conducting a formal recall query investigation. "Opening this investigation will allow NHTSA to better assess the effectiveness of the remedy proposed," the agency said in a written statement. The remedy works, said Chris Valasek, one of the researchers who first discovered the security flaw. After testing for the vulnerability again Friday, he wrote on Twitter: "Looks like I can't get to @0xcharlie's Jeep from my house via my phone. Good job FCA/Sprint!" From his Pittsburgh home, Valasek had previously accessed and controlled co-worker Charlie Miller's Jeep along a St. Louis highway. Researchers have demonstrated remote hacks before, but the scope and severity of the Jeep vulnerability was unprecedented. The recall for a cyber threat was the first of its kind. Although a software patch and changes made by cellular provider Sprint appeared to fix the problem, news of the exploit and Chrysler's response brought a fresh round of consternation on Capitol Hill, where federal lawmakers had already expressed concerns about automotive cyber security. The Jeep hack elevated their concerns to a new level. "Cyber threats in cars are real and urgent, no figment of the imagination, as this huge recall demonstrates," said Sen. Richard Blumenthal (D-CT). "Incredibly, Chrysler delayed disclosing this chilling cyber-security danger egregiously and inexcusably, and strong sanctions are appropriate to send a message that other auto manufacturers will heed." Chrysler had known about the security gap since October, and Sen. Ed Markey (D-MA) wondered why it took the company so long to let customers know they were at risk. "Despite knowing about this security gap for nearly nine months, Chrysler is only now recalling 1.4 million vehicles to fix this vulnerability," he said. That's a potential pitfall for Chrysler, and something NHTSA will likely address in its investigation. Automakers are supposed to report safety-related defects to the agency within five days of discovery. But according to a chronology of events Chrysler submitted in its recall paperwork, it didn't inform NHTSA until July 15.

Stellantis and LG launch joint venture for North American battery plant

Stellantis has struck a preliminary deal with battery maker LG Energy Solution (LGES) to produce battery cells and modules for North America, as the world's No. 4 automaker rolls out its 30 billion euro ($35 billion) electrification plan. Global automakers are investing billions of euros to accelerate a transition to low-emission mobility and prepare for a progressive phase-out of internal combustion engines. Stellantis and LGES's joint venture will produce battery cells and modules at a new facility with an annual capacity of 40 gigawatt hours (GWh), the two firms said on Monday. No financial details of the deal were provided. The plant is scheduled to start production by the first quarter of 2024, with groundbreaking expected in the second quarter of 2022, the companies said in their statement. Its location is under review and will be announced later. Stellantis, formed in January from the merger of Italian-American automaker Fiat Chrysler and France's PSA, has said it wants to secure more than 130 GWh of global battery capacity by 2025 and more than 260 GWh by 2030. The batteries produced under the deal will supply Stellantis' U.S., Canadian and Mexican assembly plants for installation in hybrid and fully electric vehicles, supporting its goal of e-vehicles making up more than 40% of its U.S. sales by 2030. The company, whose brands include Peugeot, Fiat, Opel and U.S. best-sellers Jeep and Ram, earlier this year announced it would invest more than 30 billion euros through 2025 on electrifying its vehicle lineup. Stellantis has said it would build three battery plants in Europe and two in North America, including at least one in the United States. Intesa Sanpaolo analyst Monica Bosio said the deal was positive, and a further step ahead in Stellantis' electrification process. It comes weeks after Stellantis and its partner TotalEnergies agreed to open up their battery cell joint venture ACC to Daimler, to expand their European sourcing of battery cells. Stellantis is also targeting more than 70% of sales in Europe to be of low-emission vehicles by 2030, and aims to make the total cost of owning an EV equal to that of a gasoline-powered model by 2026. Related video: Green Plants/Manufacturing Alfa Romeo Chrysler Dodge Ferrari Fiat Jeep Maserati RAM Citroen Lancia Opel Peugeot Vauxhall Electric Hybrid EV batteries LG