2014 Jeep Cherokee Limited on 2040-cars

Auto blog

Feds fretting over remote hack of Jeep Cherokee

A cyber-security gap that allowed for the remote hacking of a Jeep Cherokee has federal officials concerned. An associate administrator with the National Highway Traffic Safety Administration said Thursday that news of the breach conducted by researchers Chris Valasek and Charlie Miller had "floated around the entire federal government." "The Homeland Security folks sent out broadcasts that, 'Here's an issue that needs to be addressed,'" said Nathaniel Beuse, an associate administrator with the National Highway Traffic Safety Administration. Valasek and Miller commandeered remote control of the Cherokee through a security flaw in the cellular connection to the car's Uconnect infotainment system. From his Pittsburgh home, Valasek manipulated critical safety inputs, such as transmission function, on Miller's Jeep as he drove along a highway near St. Louis, MO. The scope of the remote breach is believed to be the first of its kind. The prominent cyber-security researchers needed no prior access to the vehicle to perform the hack, and the scope of the remote breach is believed to be the first of its kind. A NHTSA spokesperson said the agency's cyber-security staff members are "putting their expertise to work assessing this threat and the response, and we will take action if we determine it's necessary to protect safety." A Homeland Security spokesperson referred questions about the hack to Chrysler. Fiat Chrysler Automobiles has already been the subject of a federal hearing this month, in which officials scrutinized whether the company had adequately fixed recalled vehicles and repeatedly failed to notify the government about defects. But cyber-security concerns are a new and different species for the regulatory agency. Only hours before the Jeep hack was announced by Wired magazine earlier this week, NHTSA administrator Dr. Mark Rosekind said hacking vulnerabilities were a threat to privacy, safety, and the public's trust with new connected and autonomous technologies that allow vehicles to communicate. NHTSA outlined its response to the cyber-security challenges facing the industry in a report issued Tuesday. In it, the agency summarized its best practices for thwarting attacks and said it will analyze possible real-time infiltration responses. But the agency's ability to handle hackers may only go so far.

FCA issuing software update for 1.4M vehicles to prevent hacking

In the wake of a Jeep Cherokee being hacked remotely while on the road through its Uconnect infotainment system, FCA US is now issuing a software update for 1.4 million vehicles in the United States. Affected customers will receive a USB stick in the mail with the improved version; owners can check this website to see if their cars are affected. A large variety of models with FCA's 8.4-inch touchscreen infotainment system are affected. They include the 2015 Chrysler 200, 2015 Chrysler 300, 2015 Dodge Charger, and 2015 Dodge Challenger; 2013-2015 Dodge Viper; 2013-2015 Ram 1500, 2500, and 3500; 2013-2015 Ram 3500, 4500, and 5500 chassis cab; 2014-2015 Jeep Grand Cherokee and Cherokee; and 2014-2015 Dodge Durango. According to FCA in its announcement, the new software "insulates connected vehicles from remote manipulation." As of July 23, the company also "fully tested and implemented within the cellular network" additional security to prevent access to many of a vehicle's systems. FCA US says that it's conducting this campaign out of an abundance of caution and disputes the notion that there's a defect with these vehicles. Beyond the demonstration of the hack in the Cherokee, the automaker says that it's unaware of any other reports of these attacks actually happening. Related Video: Statement: Software Update July 24, 2015 , Auburn Hills, Mich. - FCA US LLC is conducting a voluntary safety recall to update software in approximately 1,400,000 U.S. vehicles equipped with certain radios. The recall aligns with an ongoing software distribution that insulates connected vehicles from remote manipulation, which, if unauthorized, constitutes criminal action. Further, FCA US has applied network-level security measures to prevent the type of remote manipulation demonstrated in a recent media report. These measures – which required no customer or dealer actions – block remote access to certain vehicle systems and were fully tested and implemented within the cellular network on July 23, 2015. The Company is unaware of any injuries related to software exploitation, nor is it aware of any related complaints, warranty claims or accidents – independent of the media demonstration.

EV tax credits: Here's every electric car or plug-in hybrid that qualifies

Starting on April 18, the Internal Revenue Service released new guidance for U.S. buyers shopping for a new electric or plug-in hybrid vehicle. On April 18th, the IRS showed only six fully electric vehicles on the qualified list, but a day later Volkswagen confirmed its U.S.-built ID.4 also qualifies. That means right now, seven fully electric vehicles qualify for the full $7,500 EV tax credit, with three more from Chevrolet coming for the 2024 model year (we would expect these 2024 models to roll out slowly and be difficult to find for at least the first few months they are on the market). In addition to those seven fully electric cars, two plug-in hybrids also qualify for the full $7,500 credit. To qualify, a vehicle must be assembled in North America and must meet a strict set of guidelines that cover where battery materials were sourced. If any battery materials come from certain countries (importantly including China), the vehicle's tax credit is automatically cut in half. Further, according to the IRS, the vehicle's manufacturer suggested retail price (MSRP) can't exceed $80,000 for vans, sport utility vehicles and pickup trucks or $55,000 for any other type of vehicle (basically meaning sedans). Electric vehicles that qualify for the full $7,500 EV tax credit: Cadillac Lyriq (2023-2024) Chevrolet Blazer EV (2024) Chevrolet Bolt EV (2023-2024) Chevrolet Bolt EUV (2023-2024) Chevrolet Equinox (2024) Chevrolet Silverado (2024) Ford F-150 Lightning — all models (2022-2023) Tesla Model 3 Performance (2022-2023) Tesla Model Y — all models (2022-2023) Volkswagen ID.4 — U.S.-built models (2022-2023) Plug-in hybrid cars that qualify for the full $7,500 EV tax credit: Chrysler Pacifica PHEV (2022-2023) Lincoln Aviator Grand Touring (2022-2023) A smaller credit is offered on fully electric cars and plug-in hybrids that are assembled in North America but have batteries with materials sourced from unqualified countries (mostly China).