Limited, Heated Leather, Sunroof, Cd Player, Alloys, 1-owner & Nonsmoker 13092 on 2040-cars

Auto blog

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

Lexus tops JD Power Vehicle Dependability Study again, Buick bests Toyota

It shouldn't surprise anyone, but Lexus has once again taken the top spot in JD Power's Vehicle Dependability Study. That'd be the Japanese luxury brand's fourth straight year at the top of table. The big news, though, is the rise of Buick. General Motor's near-premium brand beat out Toyota to take second place, with 110 problems per 100 vehicles compared to Toyota's 111 problems. Lexus owners only reported 89 problems per 100 vehicles. Besides Buick's three-position jump, Scion enjoyed a major improvement, jumping 13 positions from 2014. Ram and Mitsubishi made big gains, as well, moving up 11 and 10 positions, respectively. In terms of individual segments, GM and Toyota both excelled, taking home seven segment awards each. The study wasn't good news for all involved, though. A number of popular automakers finished below the industry average of 147 problems per 100 vehicles, including Subaru, (157PP100), Volkswagen (165PP100), Ford/Hyundai (188PP100 each) and Mini (193PP100). The biggest losers (by a tremendous margin, we might add) were Land Rover and Fiat, recording 258 and 273 problems per 100 vehicles. The next closest brand was Jeep, with 197PP100. While the Vehicle Dependability Study uses the same measurement system as the Initial Quality Survey, the two metrics analyze very different things. The VDS looks at problems experienced by original owners of model year 2012 vehicles over the past 12 months, while the oft-quoted IQS focuses on problems in the first 90 days of new-vehicle ownership. Like the IQS, though, the VDS has a rather broad definition of what a problem is. Because of that, a low score from JD Power is no guarantee of extreme unreliability, so much as just poor design. In this most recent study, the two most reported problems focused on Bluetooth connectivity and the voice-command systems. The former leaves plenty of room for user error due to poor design (particularly true of the Bluetooth systems on the low-scoring Fords, Volkswagens and Subarus), while the second is something JD Power has already confirmed as being universally terrible. That makes means that while these studies are important, they shouldn't be taken as gospel when it comes to automotive reliability. News Source: JD PowerImage Credit: Copyright 2015 Jeremy Korzeniewski / AOL Buick Fiat Ford GM Hyundai Jeep Land Rover Lexus MINI Mitsubishi RAM Scion Subaru Toyota Volkswagen Auto Repair Ownership study

FCA joining virtual CES with in-depth tours and Jeep Wrangler 4xe in AR

CES is sort of, technically happening, but it won’t be the CES weÂ’ve all become accustomed to over the years. Automakers will be doing their best to participate virtually, assuming they decide to join in the festivities at all. FCA is one that will have a little nugget of tech to share with us. A few main experiences will be made available to anybody with a computer. FCAÂ’s main draw is meant to be “highly detailed interactive product tours” where you can get to know a number of vehicles in a virtual world and hear from a “virtual brand ambassador” throughout the tour. You wonÂ’t be able to sit in and crawl through the cars like a normal auto show for the public, but FCA is promising a rather immersive experience online. The guided tour through the cars and technologies will be available in 12 FCA vehicles, two of those being the new Jeep Grand Wagoneer Concept and Alfa Romeo Stelvio Quadrifoglio. FCA plans to offer in-depth talks about how it tests vehicles, too. There are demonstrations planned for wind tunnels, the four-post shaker, an advanced drive simulator and general performance testing. Additionally, FCA plans on providing more insight into Uconnect 5 and vehicle electrification systems. WeÂ’re guessing the latter will offer up details on the Wrangler 4xe. The plug-in hybrid Wrangler will also be the star of FCAÂ’s AR play at CES. Everybody will be able to scan a QR code on FCAÂ’s site, then have access to a Wrangler 4xe on their phone. YouÂ’ll be able to “put it” in your driveway virtually, change the colors and get up close and personal with the interior.  All of this will launch on fcaces2021.com at 9 a.m. ET on January 11 (official first day of the virtual CES show), so surf on over there next week if you want to check it out. Related video: