2007 Chrysler Town & Country Lx on 2040-cars

Auto blog

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

FCA facing class-action lawsuit over Grand Cherokee shifters

Fiat Chrysler Automobiles is now facing a multi-million-dollar class-action lawsuit over the recalled shifter design in the 2014 and 2015 Jeep Grand Cherokee, and the 2012 to 2014 Dodge Charger and Chrysler 300. Grand Cherokee owners, galvanized by Star Trek actor Anton Yelchin's fatal accident, filed the suit. According to The Wall Street Journal, the owners allege that FCA concealed the shifter's problems. On top of restitution, the class action suit is demanding a court order force FCA to issue a do-not-drive warning to owners of affected vehicles until it fixes the problem. FCA started distributing a software fix to dealers last week – according to the WSJ, the update will add more warnings about the shifter's position and will automatically kick the vehicle into park if the driver steps out. FCA's shifter problems have been bubbling under the surface as part of the company's recall issues. The US government dinged FCA with a $105 million fine last year for its recall practices (or lack thereof) last year, but things have exploded this week after Yelchin's death. The 27-year-old, best known for playing Ensign Pavel Chekov in the rebooted Star Trek film series, was killed after his 2015 Grand Cherokee rolled down his driveway and pinned the actor against a security gate. According to Jeep CEO Mike Manley, the company will dispatch engineers to analyze Yelchin's vehicle. Related Video:

To grease the skids for Stellantis, PSA offers to boost Toyota's fortunes

BRUSSELS/MILAN — Peugeot maker PSA has offered to boost Japanese rival Toyota to try to address EU antitrust concerns about its plan to create the world's fourth-biggest carmaker, to be called Stellantis, by merging with Fiat Chrysler, people familiar with the matter said on Friday. PSA has offered to increase the production capacity for Toyota in their van joint venture, one of the sources said. Another source said the French company would sell the vans at close to cost. PSA makes vans for Toyota in its Sevelnord plant in northern France. The van collaboration started in 2012. PSA submitted its offer to the European Commission earlier on Friday, three months after the EU enforcer opened a full-scale investigation into the deal with FCA on concerns that it would hurt competition in small vans in 14 EU countries and Britain. "As of now, the transaction has obtained merger clearance in 14 jurisdictions. As previously stated, closing of the transaction is expected to occur in the first quarter of 2021," PSA and FCA said in a joint statement. The Commission, which temporarily halted its investigation into the deal in July while waiting for the companies to provide requested data, did not set a deadline for its decision. "The deadline is still suspended. This procedure in merger investigations is activated if the parties fail to provide, in a timely fashion, an important piece of information that the Commission has requested from them," the EU executive said. It is now expected to seek feedback from customers and rivals before deciding whether to demand more concessions, or either clear or block the deal. Government/Legal Chrysler Fiat Peugeot Stellantis