2012 Chrysler 300s Hemi Pano Sunroof Nav 22" Wheels 13k Texas Direct Auto on 2040-cars

Auto blog

Harsh words from senators over Chrysler's delay in reporting hack

The federal agency charged with protecting American motorists wants to know more about how hackers remotely commandeered and controlled a Jeep Cherokee. Hours after Fiat Chrysler Automobiles recalled 1.4 million cars affected by a flaw in their cellular connections, officials with the National Highway Traffic Safety Administration said Friday they'll further probe the defect by conducting a formal recall query investigation. "Opening this investigation will allow NHTSA to better assess the effectiveness of the remedy proposed," the agency said in a written statement. The remedy works, said Chris Valasek, one of the researchers who first discovered the security flaw. After testing for the vulnerability again Friday, he wrote on Twitter: "Looks like I can't get to @0xcharlie's Jeep from my house via my phone. Good job FCA/Sprint!" From his Pittsburgh home, Valasek had previously accessed and controlled co-worker Charlie Miller's Jeep along a St. Louis highway. Researchers have demonstrated remote hacks before, but the scope and severity of the Jeep vulnerability was unprecedented. The recall for a cyber threat was the first of its kind. Although a software patch and changes made by cellular provider Sprint appeared to fix the problem, news of the exploit and Chrysler's response brought a fresh round of consternation on Capitol Hill, where federal lawmakers had already expressed concerns about automotive cyber security. The Jeep hack elevated their concerns to a new level. "Cyber threats in cars are real and urgent, no figment of the imagination, as this huge recall demonstrates," said Sen. Richard Blumenthal (D-CT). "Incredibly, Chrysler delayed disclosing this chilling cyber-security danger egregiously and inexcusably, and strong sanctions are appropriate to send a message that other auto manufacturers will heed." Chrysler had known about the security gap since October, and Sen. Ed Markey (D-MA) wondered why it took the company so long to let customers know they were at risk. "Despite knowing about this security gap for nearly nine months, Chrysler is only now recalling 1.4 million vehicles to fix this vulnerability," he said. That's a potential pitfall for Chrysler, and something NHTSA will likely address in its investigation. Automakers are supposed to report safety-related defects to the agency within five days of discovery. But according to a chronology of events Chrysler submitted in its recall paperwork, it didn't inform NHTSA until July 15.

Mopar opening Custom Shop at Cobo

While other automakers have been streamlining their brand portfolio, the Chrysler Group has shown no such signs. It's got the Dodge, Chrysler and Jeep brands, plus Fiat, and it recently broke out its SRT and Ram nameplates into their own brands. And you can bet each will have its own presence at the Detroit Auto Show this year. But don't forget Mopar. The company's performance parts division is getting its own display at Cobo this year, and it'll be the largest in the brand's history.
The Mopar Custom Shop is poised to take up 5,500 square-feet of Cobo floor space, further expanding on last year's Mopar Garage. If the image above offers any indication, the show stand will include a Dodge Challenger, SRT Viper, Fiat 500L, Jeep Wrangler, Jeep Cherokee, Ram 3500 and what looks like (but isn't identified in the press release below as) a Chrysler 200 (which may be replaced by a 2014 model), all augmented with Mopar parts and accessories.
Visitors will also be able to use pre-programmed iPads to configure Chrysler Group vehicles with a wide range of accessories - a portfolio that grows by 1,500 new parts every year and tops over 100 add-ons for every new vehicle Chrysler launches.

How to update and secure a vulnerable Chrysler Uconnect system

If you own one of the 1.4 million vehicles affected by the recent Chrysler software recall, you may want to watch this video. In it, we explain how to get the latest infotainment software loaded onto the 8.4-inch Uconnect system. The recall was a response to the findings of researchers who were able to hack into and remotely control a 2014 Jeep Cherokee through its cellular connection. Although Fiat Chrysler has worked with Sprint to plug most of the holes on the carrier side, there are still some vulnerabilities that only this latest software version can patch. Owners have three options to get the update: download it now, wait for a USB stick in the mail, or take the vehicle to an FCA dealer. Chrysler will be sending USB sticks loaded with the software update to customers. Anyone with an internet connection and a USB stick of their own with at least 4 GB capacity can speed things up by downloading the patch from the Uconnect website. We cover that process from start to finish in the video, with the final portion still applicable to those using the FCA-supplied USB stick. If after watching this you still don't want to tackle the patch yourself, you can take your vehicle to the dealer to have it done. Also note that this process is the same for all Uconnect updates, not just the one patching the exploits. Our demonstrator vehicle is a 2015 Ram 1500 pickup. The procedure should be very similar on other products with the 8.4-inch Uconnect system, with only the location of the USB port varying. Once you have the USB stick with the software on it – either after having downloaded it yourself or receiving it in the mail from Chrysler – the installation process is relatively simple. It takes about 15 minutes to perform the update; we edited out the wait in the video. To check whether or not your car's 8.4-inch Uconnect system is running the latest software, go to System Information on the touch screen's Settings page and look at Software Version. The update related to the recall is version 15.17.5. Related Video: Recalls Chrysler Dodge Jeep RAM Safety Technology Infotainment Videos Original Video hacking