2014 Chrysler Town & Country S on 2040-cars

Auto blog

Harsh words from senators over Chrysler's delay in reporting hack

The federal agency charged with protecting American motorists wants to know more about how hackers remotely commandeered and controlled a Jeep Cherokee. Hours after Fiat Chrysler Automobiles recalled 1.4 million cars affected by a flaw in their cellular connections, officials with the National Highway Traffic Safety Administration said Friday they'll further probe the defect by conducting a formal recall query investigation. "Opening this investigation will allow NHTSA to better assess the effectiveness of the remedy proposed," the agency said in a written statement. The remedy works, said Chris Valasek, one of the researchers who first discovered the security flaw. After testing for the vulnerability again Friday, he wrote on Twitter: "Looks like I can't get to @0xcharlie's Jeep from my house via my phone. Good job FCA/Sprint!" From his Pittsburgh home, Valasek had previously accessed and controlled co-worker Charlie Miller's Jeep along a St. Louis highway. Researchers have demonstrated remote hacks before, but the scope and severity of the Jeep vulnerability was unprecedented. The recall for a cyber threat was the first of its kind. Although a software patch and changes made by cellular provider Sprint appeared to fix the problem, news of the exploit and Chrysler's response brought a fresh round of consternation on Capitol Hill, where federal lawmakers had already expressed concerns about automotive cyber security. The Jeep hack elevated their concerns to a new level. "Cyber threats in cars are real and urgent, no figment of the imagination, as this huge recall demonstrates," said Sen. Richard Blumenthal (D-CT). "Incredibly, Chrysler delayed disclosing this chilling cyber-security danger egregiously and inexcusably, and strong sanctions are appropriate to send a message that other auto manufacturers will heed." Chrysler had known about the security gap since October, and Sen. Ed Markey (D-MA) wondered why it took the company so long to let customers know they were at risk. "Despite knowing about this security gap for nearly nine months, Chrysler is only now recalling 1.4 million vehicles to fix this vulnerability," he said. That's a potential pitfall for Chrysler, and something NHTSA will likely address in its investigation. Automakers are supposed to report safety-related defects to the agency within five days of discovery. But according to a chronology of events Chrysler submitted in its recall paperwork, it didn't inform NHTSA until July 15.

The problem with how automakers confront hacking threats

More than anyone, Chris Valasek and Charlie Miller are responsible for alerting Americans to the hacking perils awaiting them in their modern-day cars. In 2013, the pair of cyber-security researchers followed in the footsteps of academics at the University of Cal-San Diego and University of Washington, demonstrating it was possible to hack and control cars. Last summer, their research established which vehicles contained inherent security weaknesses. In recent weeks, their latest findings have underscored the far-reaching danger of automotive security breaches. From the comfort of his Pittsburgh home, Valasek exploited a flaw in the cellular connection of a Jeep Cherokee and commandeered control as Miller drove along a St. Louis highway. Remote access. No prior tampering with the vehicle. An industry's nightmare. As a result of their work, FCA US recalled 1.4 million cars, improving safety for millions of motorists. For now, Valasek and Miller are at the forefront of their profession. In a few months, they could be out of jobs. Rather than embrace the skills of software and security experts in confronting the unforeseen downside of connectivity in cars, automakers have been doing their best to stifle independent cyber-security research. Lost in the analysis of the Jeep Cherokee vulnerabilities is the possibility this could be the last study of its kind. In September or October, the U.S. Copyright Office will issue a key ruling that could prevent third-party researchers like Valasek and Miller from accessing the components they need to conduct experiments on vehicles. Researchers have asked for an exemption in the Digital Millennial Copyright Act that would preserve their right to analyze cars, but automakers have opposed that exemption, claiming the software that runs almost every conceivable vehicle function is proprietary. Further, their attorneys have argued the complexity of the software has evolved to a point where safety and security risks arise when third parties start monkeying with the code. Their message on cyber security is, as it has been for years, that they know their products better than anyone else and that it's dangerous for others to meddle with them. But in precise terms, the Jeep Cherokee problems show this is not the case. Valasek and Miller discovered the problem, a security hole in the Sprint cellular connection to the UConnect infotainment system, not industry insiders.

2015 Chrysler 200 caught looking good after leaking out

We can't yet share all the details on the 2015 Chrysler 200 sedan, but we can direct your attention to the image above, which was published by the boys at Jalopnik after Chrysler reportedly let it out by accident. As you can see, the new 200 will be a nicely styled piece of machinery.
According to leaked documentation, the 2015 Chrysler 200 will come with the buyer's choice of a 2.4-liter Tiger Shark four-cylinder engine with 184 horsepower and 173 pound-feet of torque or a 3.6-liter Pentastar V6 boasting 295 horses and 262 lb-ft. Those ponies will be routed through a nine-speed automatic with a rotary gear selector, sending power to the front wheels. Alternatively, a high-tech all-wheel-drive system will be available that can electronically disconnect the rear axle, saving fuel.
Speaking of fuel efficiency, the 2015 200 will be able to achieve up to 35 miles per gallon on the highway, which is an impressive figure for this class. An on-sale date has yet to be announced, but the next 200 will start at $21,700 (plus $995 for destination) when it does finally hit dealerships.