2011 Jeep Wrangler Sport Sport Utility 2-door 3.8l on 2040-cars

Auto blog

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

2014 Jeep Grand Cherokee gets surprisingly comprehensive update, new diesel power

Traditionally, automotive journalists can be heard muttering something to the effect of "Geeze, it's about time!" whenever a vehicle's midcycle refresh is revealed. As we routinely see and drive new models many months before the public even claps eyes on them in showrooms - and then go on to tweeze apart their minutia in our daily writings - perhaps some impatience is to be expected. With so much exposure to a given vehicle, it's fair to say we tire of most cars and trucks far more quickly than the average consumer.
The alterations are handsome, if not subtle touches from the "If It Ain't Broke" school of design.
Which is why we're pleased to say "Oh, is it time for that already?" when it comes to the 2014 Jeep Grand Cherokee. The current WK2 Grand Cherokee hit the market in 2011 and climbed its way into our hearts with its rugged good looks, go-anywhere capability and surprising refinement. We're not yet tired of its appearance or performance, but even so, we're very glad to see Chrysler giving its flagship Jeep some attention, including a much-anticipated diesel powertrain option and some other economy-minded measures.

NHTSA boss Strickland weighs in on Jeep recall fracas

Adding yet another chapter to the ongoing Jeep recall story, the National Highway Traffic Safety Administration (NHTSA) head David Strickland has gone on record to defend the government's request that Chrysler recall 2.7 million out-of-production Jeep Grand Cherokee and Jeep Liberty vehicles after the agency investigated fiery rear-end collisions that have reportedly killed at least 51 people over the years. In statements made to The Detroit News, Strickland said, "We felt very strongly that the process that we undertook and the findings that we made and ... we made the decision to issue a recall request. We do not take that very lightly." The top US auto safety regulator stopped short of telling owners to park their cars until the automaker takes action. "They can make their own risk assessment and their own choices," he said.
Chrysler does not intend to recall the models, insisting the "vehicles met and exceeded all applicable requirements of the Federal Motor Vehicle Safety Standards, including FMVSS 301, pertaining to fuel-system integrity" when they were manufactured and sold. "The company does not agree with NHTSA's conclusions and does not intend to recall the vehicles cited in the investigation. The subject vehicles are safe and are not defective," Chrysler announced last week in a statement. "We believe NHTSA's initial conclusions are based on an incomplete analysis of the underlying data, and we are committed to continue working with the agency to resolve this disagreement."
Legally, Chrysler has until June 18 to formally respond to NHTSA's request. If the automaker does not take action, NHTSA is expected to issue a formal finding and seek a recall.