2014 Jeep Grand Cherokee Limited on 2040-cars

Auto blog

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

Jeep Renegade configurator switches on

Less than a week after letting loose with pricing information for its 2015 Renegade, Jeep has powered up the configurator for its new compact CUV, giving us our first complete look at pricing for the model's healthy options catalog. If you've messed around with any of FCA's other online configurators, the Renegade's will be immediately familiar. Pick a trim, interior and exterior color, optional extras and packages, and you're done. Of course, we don't write these posts just to let you know about a configurator going live. We do them because it gives us an excuse to mess about with all the different varieties of a new model, and, on occasion, to build something surprisingly expensive or cheap, just to see if it can be done. The Renegade certainly has no issues when it comes to the former. If you want the priciest model, you'll need the $25,995 Trailhawk, which can be priced up to $33,330. We got to that figure by adding the $1,495 Trailhawk Premium Group (heated, powered leather seats, dual-zone climate control, heated steering wheel, 40/20/40 split-rear seats), the $595 Safety and Security Group I (blind-spot monitoring with cross-traffic assist and an alarm), the $395 Trailer Tow Group, the $1,395 powered MySky system, a $150 hood decal (which might mean that you can get a Trailhawk without a black stripe), a $1,295 navigation system with satellite radio, a $495 nine-speaker stereo, a $295 push-button starter, a $200 remote starter and a $75 tonneau cover. Will you need all of those options? Not really. But many of them would certainly fall into the "must-have" category for customers. Head over to Jeep's consumer page and mess about with the configurator, and let us know what you think of the full pricing (and what your ideal spec looks like!) in Comments. Related Video:

Chrysler resolves recall issue with NHTSA, will inspect, upgrade affected Jeeps

Chrysler made big news earlier in the month by refusing a recall request from the National Highway Traffic Safety Administration for the 1993-2004 Jeep Grand Cherokee and 2002-2007 Jeep Liberty. Last week, NHTSA boss David Strickland countered by defending his agency's request for the recall of 2.7 million Jeep SUVs. Today marked the deadline for Chrysler to formally respond to NHTSA, and it seems that both parties have met in the middle with Chrysler inspecting and upgrading some of the affected vehicles without using the word "recall," which would constitute the admission of a defect; instead, Chrysler said that it is conducting a "voluntary campaign."
At issue on these vehicles is the positioning of the fuel tank behind the rear axle that could get damaged during a rear-end collision. NHTSA has stated that at least 51 people have been killed in rear-end collisions involving these Jeeps after the vehicles caught fire, to which Chrysler countered by pointing out that both models "met and exceeded" the requirements for fuel-system integrity.
As a compromise on the situation, Chrysler says that it will inspect all pre-2004 Grand Cherokees and pre-2007 Liberty models and, "if necessary, provide an upgrade to the rear structure of the vehicle." According to Automotive News, this upgrade will consist of adding a trailer hitch that will presumably better protect the rear-mounted gas tank. Vehicles already equipped with a factory or Mopar hitch will not be modified. Chrysler's official statement on the matter is posted below, but no additional information has been released, such as when the campaign will begin and how many vehicles could be affected.