1995 Jeep Cherokee Country Sport Utility 4-door 4.0l High Output 6 Cyl on 2040-cars

Auto blog

Chrysler, Nissan looking into claim that their cars are industry's most hackable

A pair of cyber security experts have awarded the ignominious title of most hackable vehicles on American roads to the 2014 Jeep Cherokee, 2014 Infiniti Q50 and 2015 Cadillac Escalade.
Charlie Miller and Chris Valasek are set to release a report at the Black Hat hacking conference in Las Vegas, Automotive News reports. The two men found the Jeep, Caddy and Q50 were easiest to hack based not on actual tests with the vehicles, but a detailed analysis of systems like Bluetooth and wireless internet access - basically, anything that'd allow a hacker to remotely gain access to the vehicle's systems.
Considering this lack of hands-on testing, the pair acknowledge that "most hackable" could be a relative term - they point out that the vehicles may actually be quite secure.

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

FCA recalls 1.1 million vehicles worldwide due to confusing shifter

Fiat Chrysler is recalling 1.1 million vehicles worldwide to address the problematic shifter used on cars with eight-speed automatic transmissions. The issue is that the console-mounted shifter acts like a rocker switch and always returns to the middle position after moved. This has been deemed confusing to drivers – confusing enough to cause some to exit their vehicles without first selecting Park and leading to the car rolling away. FCA says 41 injuries are related to the shifter problem, and no evidence of equipment failure has been found. The company will enhance warning chimes and alter the shift strategy, meaning alert messages will be displayed in case the driver door is opened while the engine is running. With the door open, the transmission will prevent the car from moving even if Park is not selected. The affected vehicles are certain model-year 2012–2014 Dodge Charger and Chrysler 300 sedans, as well as model-year 2014–2015 Jeep Grand Cherokee SUVs, an estimated 811,586 US vehicles in total. The recall also affects 52,144 vehicles in Canada, 16,805 in Mexico, and 248,667 vehicles elsewhere. The shifter is used with ZF-designed and ZF-built eight-speed automatic; Audi uses a similar shifter setup in some of its vehicles, including the current-generation, which predated Chrysler's use of it. Chrysler uses a different, a rotating-dial-type shifter on eight-speed-equipped Rams. The company moved away from the problem shifter design in 2015 for the Charger and 300, and the Grand Cherokee's shift lever was modified for 2016. Owners of affected vehicles will be notified of the recall when service is available. Fiat Chrysler urges customers to follow the instructions in the vehicle's owner's manual in the meantime. Related Video: News Source: FCAImage Credit: AOL Recalls Chrysler Dodge Jeep RAM Ownership Safety SUV Sedan