4x4 Navigation Hard Top 22 Inch Wheels Nitto Tires Sirius Radio on 2040-cars

Auto blog

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

Key-swapping thieves steal Jeep Grand Cherokee SRT from FL dealer

Just a few weeks back, we reported on the theft of an Audi RS5 by a pair of creative thieves who managed to swipe the car's keys when the salesperson stepped away from their desk. Now, a Florida dealership is missing a Jeep Grand Cherokee SRT8 after some crooks switched the Jeep's keys with an identical, non-functioning set.
According to the report from local NBC affiliate WPTV, the men went in and spoke to a dealer about the Jeep. They walked outside, took a look at it, started it up and in the process managed to switch out the fobs. After doing their time with the salesperson, the thieves walked back out to the car, got in and drove away.
"I mean obviously, the way it was done, I think that they were professionals and they knew what they were doing," said Arrigo Jeep General Manager Joe Tufo. "The fact that they did it in broad daylight and switched the key fob and it was like it was nothing. That's what makes it unique," he added.

Feds chastise Marchionne over Jeep recall, only 13% repaired so far

Following the significant outcry surrounding the General Motors and Takata airbag safety crises this year, the National Highway Traffic Safety Administration seems to be taking a much more aggressive role in pushing owners to repair their recalled vehicles. In the agency's latest move, it's urging Jeep drivers to get their models fixed. Acting NHTSA administrator David Friedman even sent a letter to Fiat Chrysler Automobiles CEO Sergio Marchionne pressing him to get more of the SUVs fixed. The problem goes back to the recall of the 2002-2007 Liberty and 1993-1998 Grand Cherokee because of the possibility for the fuel tank to rupture in some rear crashes. The campaign affected over 1.5 million vehicles, but Chrysler initially refused NHTSA's request for a repair campaign. The automaker eventually came up with a fix that involved adding a trailer hitch to provide extra protection to the tank. The feds believe the danger "will be reduced by the remedy now offered by Chrysler," according to the statement. However, this latest push comes out of NHTSA's concern that only three percent of the affected vehicles are repaired, although Chrysler maintains some 13.4 percent have actually been fixed. The agency is asking the automaker to reach out to owners "proactively," and get them to bring the Jeeps in dealers. According to the the feds' statement, the company "has nearly 400,000 parts available" to perform the fixes, and it's still producing more. Friedman's letter to Marchionne goes even further, alleging NHTSA has received reports that dealers are turning customers away who request the recall. He asks the CEO to prove within 15 days that these claims are false. "Given the low rates of repair that Chrysler has reported more than a year after the recall, significantly more aggressive steps are required," says a portion of the note. According to The Detroit News, Chrysler has subsequently promised to speed up the recall work, vowing that all dealers will have at least 12 repair kits in stock by Monday. Further, it has announced plans to ramp up its notification campaign with Facebook ads and public service announcements. Scroll down to read NHTSA's full statement on the matter, and Friedman's letter to Marchionne can be read in PDF format, here.