1973 Chrysler Imperial Super Low Miles Code Name Key Lime Pie! 11046 Miles! on 2040-cars

Auto blog

Supplier says Jeep Cherokee hack only affects FCA cars

Harman doesn't think that drivers need to worry about any further hacks of its products. The company supplies FCA's Uconnect infotainment system where a software vulnerability is responsible for a 1.4-million vehicle recall. "This experimental hack is unique to Chrysler," Harman CEO Dinesh Paliwal said to Automotive News. "This does not exist, to our assessment, in any other vehicle." The reason that the company wouldn't be involved is that automakers aren't simply plugging in the existing infotainment systems into new vehicles. According to Paliwal, Harman supplies the unit, but FCA and other automakers are able to make additional modifications for their vehicles. The National Highway Traffic Safety Administration has also recently taken up the question of broader software vulnerabilities in Harman's products. On July 29, the agency began investigating the company to check for similarities between Uconnect and the infotainment systems supplied to other automakers. The Jeep hack became national news when two researchers were remotely able to take control of a Cherokee. The vulnerability in the cellular connection even gave control over the brakes. "Once people get in the car and get into the CAN bus, then you can start to mimic and mess up many, many things in the car," Paliwal said to Automotive News. Politicians immediately responded with legislation to create federal standards in hopes of protecting drivers better. NHTSA also opened an investigation to make sure the automaker's software update actually solved the problem. Related Video:

Dodge offering novel 1-year lease on '14 Challenger and Charger models

Dodge is just days away from unveiling refreshed versions of the Charger and Challenger at the 2014 New York Auto Show, models promising updated styling and new powertrain options. Depending on how you look at it, the company is either so confident in its forthcoming 2015 models that it's offering an interesting Double-Up lease deal on the current vehicles, or it's so eager to clear out existing stock that it's resorting to novel lease deals. In any case, what they present is an interesting scenario, one which allows buyers to get the existing model right now, and then trade up to the facelifted 2015 models in one year.
Starting April 17, when the refreshed cars debut through the end of August, buyers can lease a 2014 Charger or Challenger for one year and exchange it for a three-year lease on a 2015 model next year, with no additional money down and the same monthly payment. Customers can even switch vehicles when the new lease starts. If drivers want to buy the '15, they get $1,000 off the purchase price. To be eligible, both leases must use the same dealership and be financed through Chrysler Capital. The Double-Up deal excludes the SRT versions of both cars and Charger SE models.
To offset the flood of one-year-old models coming back to dealerships, Dodge has struck a deal with rental car agency Enterprise, which has agreed to buy them all. "One-year leases are highly unusual in the industry," said company spokesperson Ralph Kisiel, and the fleet sale deal is what makes it possible.

The problem with how automakers confront hacking threats

More than anyone, Chris Valasek and Charlie Miller are responsible for alerting Americans to the hacking perils awaiting them in their modern-day cars. In 2013, the pair of cyber-security researchers followed in the footsteps of academics at the University of Cal-San Diego and University of Washington, demonstrating it was possible to hack and control cars. Last summer, their research established which vehicles contained inherent security weaknesses. In recent weeks, their latest findings have underscored the far-reaching danger of automotive security breaches. From the comfort of his Pittsburgh home, Valasek exploited a flaw in the cellular connection of a Jeep Cherokee and commandeered control as Miller drove along a St. Louis highway. Remote access. No prior tampering with the vehicle. An industry's nightmare. As a result of their work, FCA US recalled 1.4 million cars, improving safety for millions of motorists. For now, Valasek and Miller are at the forefront of their profession. In a few months, they could be out of jobs. Rather than embrace the skills of software and security experts in confronting the unforeseen downside of connectivity in cars, automakers have been doing their best to stifle independent cyber-security research. Lost in the analysis of the Jeep Cherokee vulnerabilities is the possibility this could be the last study of its kind. In September or October, the U.S. Copyright Office will issue a key ruling that could prevent third-party researchers like Valasek and Miller from accessing the components they need to conduct experiments on vehicles. Researchers have asked for an exemption in the Digital Millennial Copyright Act that would preserve their right to analyze cars, but automakers have opposed that exemption, claiming the software that runs almost every conceivable vehicle function is proprietary. Further, their attorneys have argued the complexity of the software has evolved to a point where safety and security risks arise when third parties start monkeying with the code. Their message on cyber security is, as it has been for years, that they know their products better than anyone else and that it's dangerous for others to meddle with them. But in precise terms, the Jeep Cherokee problems show this is not the case. Valasek and Miller discovered the problem, a security hole in the Sprint cellular connection to the UConnect infotainment system, not industry insiders.