Blue Auto Soft Top Low Miles All Power 3" Lift 17" Alloy 35" Tires Extras Nice on 2040-cars

Auto blog

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

Feds chastise Marchionne over Jeep recall, only 13% repaired so far

Following the significant outcry surrounding the General Motors and Takata airbag safety crises this year, the National Highway Traffic Safety Administration seems to be taking a much more aggressive role in pushing owners to repair their recalled vehicles. In the agency's latest move, it's urging Jeep drivers to get their models fixed. Acting NHTSA administrator David Friedman even sent a letter to Fiat Chrysler Automobiles CEO Sergio Marchionne pressing him to get more of the SUVs fixed. The problem goes back to the recall of the 2002-2007 Liberty and 1993-1998 Grand Cherokee because of the possibility for the fuel tank to rupture in some rear crashes. The campaign affected over 1.5 million vehicles, but Chrysler initially refused NHTSA's request for a repair campaign. The automaker eventually came up with a fix that involved adding a trailer hitch to provide extra protection to the tank. The feds believe the danger "will be reduced by the remedy now offered by Chrysler," according to the statement. However, this latest push comes out of NHTSA's concern that only three percent of the affected vehicles are repaired, although Chrysler maintains some 13.4 percent have actually been fixed. The agency is asking the automaker to reach out to owners "proactively," and get them to bring the Jeeps in dealers. According to the the feds' statement, the company "has nearly 400,000 parts available" to perform the fixes, and it's still producing more. Friedman's letter to Marchionne goes even further, alleging NHTSA has received reports that dealers are turning customers away who request the recall. He asks the CEO to prove within 15 days that these claims are false. "Given the low rates of repair that Chrysler has reported more than a year after the recall, significantly more aggressive steps are required," says a portion of the note. According to The Detroit News, Chrysler has subsequently promised to speed up the recall work, vowing that all dealers will have at least 12 repair kits in stock by Monday. Further, it has announced plans to ramp up its notification campaign with Facebook ads and public service announcements. Scroll down to read NHTSA's full statement on the matter, and Friedman's letter to Marchionne can be read in PDF format, here.

Jeep Renegade sales being held due to powertrain issue [UPDATE]

UPDATE: An unnamed FCA US source has clarified to Automotive News that while there is a software issue, it does not concern the transmission. The Jeep Renegade appears to be facing early software problems that are similar to the ones at the introduction of the Cherokee a few years ago. The issue is keeping the brand's latest compact crossover away from dealers until the situation can be resolved. The fault reportedly deals with the software controlling the Renegade's nine-speed automatic transmission. FCA CEO Sergio Marchionne briefly talked about what was happening in an interview with Automotive News. "I'm having a very bad engineering day," he said. "It's a combination of attributes of that vehicle that is making my life horrible." The company boss predicted at the longest it could take until mid-June to fix things. Through April, Jeep has sold 5,157 Renegades, including 4,214 of them in that month alone. Autoblog reached out to an FCA US spokesperson to learn more about the software problem, but the company had no comment. Getting the software right to control the nine-speed automatic plagued development of the Cherokee. The issues delayed the model's launch in 2013, and the company was still releasing improvements for some vehicles this year.