2003 Jeep Liberty Limited Sport Utility 4-door 3.7l on 2040-cars

Auto blog

Are future vehicular hacks inevitable?

Before the hack of the Uconnect system in a Jeep Cherokee resulted in a 1.4-million vehicle recall, the potential software vulnerabilities in vehicles were already a hot topic with Congressional inquiries and even proposed legislation in the US. As cars' interconnected systems gain the ability to go online, they become open to a host of new threats. Automakers are trying to stop this, but it might be too late to put the genie back into the bottle. Throughout 2015, the issue of software security in vehicles has become increasingly vital. For example, the recent Jeep case wasn't even the biggest hack this year. In February, a major flaw was discovered in the BMW Connected Drive service that allowed researchers to remotely lock and unlock the doors and potentially affected 2.2 million cars. The fix was an over-the-air patch for the problem. Automakers are actively working to fix the issues. Mercedes-Benz, BMW, and Audi reportedly are using encrypted connections and firewalls in their vehicles to prevent hacking. "Absolute, 100-percent safety isn't possible," Daimler spokesperson Benjamin Oberkersch said to Automotive News Europe. "But we develop our systems, tested by internal and external experts, so they're up to date." These vulnerabilities seem to be popping up more often. A successful hack took $14 in parts from Radio Shack in one case. There was also a 60 Minutes report earlier in the year about DARPA's ability to hack into OnStar to take control of a Chevrolet Impala. Experts aren't so sure companies can contend with hackers' advancement. "The difficulty for the carmakers at the moment is the question whether they can keep pace with advances in technology, and especially hacking technology," Rainer Scholz, executive director for telematics consultant EY, said to Automotive News Europe. "We seriously doubt they can." At this point, vehicle hacks are coming more from researchers looking for holes than from those with malicious intent. Still, the vulnerabilities are definitely there. It's up to automakers to keep patching the problems before they become dangerous to drivers. Related Video: News Source: Automotive News Europe - sub. req.Image Credit: Bill O'Leary / The Washington Post via Getty Images Audi BMW Jeep Mercedes-Benz Safety Technology Emerging Technologies hacking cyber security

Chrysler recalling over 200k vehicles across its brands

With more than 200,000 units across six separate recalls and almost all of its brands, it appears that Chrysler has officially jumped headfirst into the recall pool this month. The National Highway Traffic Safety Administration has issued three official recalls for the automaker, and The Detroit News is reporting that the automaker itself has announced three more.
The biggest of the recalls applies to about 120,000 Dodge Charger, Dodge Challenger and Chrysler 300 models for 2011 and 2012 due to faulty wiring harnesses for the seat-mounted side airbags, which could lead to these airbags not deploying in the event of a crash. A little more than 60,000 two-wheel-drive versions of the 2007-2008 Dodge Nitro and 2008 Jeep Liberty SUVs are being recalled due to a heat shield that could cause the driveshaft to break, which if that isn't bad on its own, could then hit underneath where the airbag sensor is mounted, causing the airbags to deploy. Wrapping up NHTSA's recall notices, about 20,000 Jeep Patriot and Jeep Compass models for 2012 are also being recalled due to a problem with the fuel tank transfer tube that could lead to the vehicle stalling. The LX car recall campaign is going into effect this month, while the other two will start next month - all three notices are posted below.
In addition to the official NHTSA recalls, The Detroit News is also reporting that Chrysler is recalling more than 16,000 Ram trucks and a small number of Dodge Dart sedans. Around 6,500 2013 Ram 1500 trucks will be recalled due to an improper adjustment of the parking brake cable from the factory, while 7,000 Cummins-powered 2013 Ram Heavy Duty trucks are being recalled due to an engine cover that does not have as much heat resistance as it is supposed to. Finally, a total of 46 Dodge Dart sedans are being recalled due to a problem with the brake calipers and/or parking brake.

FCA will pay you to hack its systems

FCA is willing to pay you to hack its cars, as long as you tell the company how you did it. In an effort to enhance cybersecurity and prevent future incidents like the Jeep Cherokee hack last year, FCA announced it's working with Bugcrowd to find vulnerabilities in its vehicle software. Bugcrowd labels itself as a crowdsourced application security testing company. Users, or independent security researchers as Bugcrowd calls them, can find exploits or vulnerabilities in FCA systems. They then submit the information to Bugcrowd, who in turn supplies the info to FCA. The goal is to update systems and close any possible security breaches. FCA is offering bounties from $150 to $1,500 to any Mr. Robot types, with payment based on the size and severity of the flaw. FCA wants hackers to focus specifically on the UConnect website and the company's iOS and Android apps. No bounties will be given for anything outside the scope of those three things. Bugcrowd says it will not take any legal action against anyone who submits an exploit. While we think it's good that the company is taking steps to address these problems, it's not a groundbreaking maneuver. Other companies employ similar systems. Earlier this year, both Tesla and Uber announced that they're willing to offer up to $10,000 to hackers who find vulnerabilities in their system. For years, Microsoft has been paying hackers to find exploits. It also seems that FCA took its time to announce this plan, considering the Jeep hack happened nearly a year ago. If the partnership works, we can expect other automakers to make similar deals. Related Video: This content is hosted by a third party. To view it, please update your privacy preferences. Manage Settings. News Source: FCA, Bugcrowd Jeep Safety Technology Infotainment Smartphone FCA