Florida Low 47k Crossfire Roadster Limited Leather Navi Heated Super Nice! on 2040-cars

Auto blog

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

NHTSA looking into non-Takata airbag shrapnel case

The global airbag inflator recall from Takata has been one of the biggest topics in auto safety for months. Now, the National Highway Traffic Safety Administration is opening a preliminary evaluation into the components from Arc Automotive to investigate whether two reported ruptures and two injuries signal a wider problem. So far, only the 2002 Chrysler Town & Country and 2004 Kia Optima are believed to be affected. If a safety campaign is deemed necessary, it could cover an estimated 420,000 of the minivans and 70,000 of the Korean sedans. NHTSA first noticed these ruptures in December 2014. The agency received a complaint of a 2009 case in Ohio about the bursting of the driver's side inflator in a 2002 Town & Country. According to the report, the incident broke the woman's jaw and sent shrapnel into her chest. The government investigated the case, and this was found to be the only known occurrence in these vehicles. The analysis indicated the part's gases were possibly blocked somehow and caused the component to explode. FCA US spokesperson Eric Mayne told Autoblog that the company is "cooperating fully" with NHTSA. "Also, we no longer use that inflator," he said. A second incident came to NHTSA's attention in June 2015 with the driver's side rupture in a 2004 Optima in New Mexico. The agency lists fewer details about the case, and a root cause isn't known. This is also the only currently known example in a Kia vehicle. According to a statement from Kia to Autoblog, "We are taking this matter very seriously and support NHTSA's action and will continue working cooperatively with the agency and suppliers throughout the process." Arc's components are sealed within a steel housing that's meant to protect them from "external atmospheric conditions," according to NHTSA. Multiple suppliers also use them. In the Chrysler, the airbag module came from Key Safety Systems and from Delphi in the Kia. In a statement to Autoblog the company said, "We have received NHTSA's notification and are cooperating fully with its Preliminary Evaluation." At this time, NHTSA admits that it doesn't know for certain whether these two cases are linked. The agency is conducting this preliminary evaluation to learn more.

Marchionne recruiting activist investors to prompt GM merger

Sergio Marchionne may have been rebuffed in his previous advances at General Motors, but he's not about to give up that easily. According to The Wall Street Journal, the Fiat Chrysler chief is now turning to activist investors to help coax GM into joining forces. Marchionne has been a staunch and ceaseless advocate of the need for consolidation, arguing that the industry needs to amalgamate into larger groups that will share resources and reduce overhead. Under his leadership, the Fiat group consolidated its own operations, and officially merged with Chrysler last year. But he's also been pursuing additional mergers with the likes of Volkswagen, Peugeot, Ford, and Opel (to name just a few). Now he's pursuing a merger with GM, which has not shown much enthusiasm towards the idea. For one thing, GM is a much larger company, and probably doesn't need FCA as much as FCA needs it. For another, it has a troubled past with Marchionne, who in 2005 dissolved an agreed merger (of sorts) with GM, yet still managed to get the General to pay Fiat some $2 billion in the process. However, Marchionne is evidently hoping that the intervention of activist investors could compel GM CEO Mary Barra and company to proceed with a merger anyway. For precedent, he's looking at the recent negotiation between GM and some of its stakeholders that prompted the company to buy back $5 billion of its own shares, demonstrating Barra's willingness to deal with investors. The more compelling precedent, however, may have been set in 2006, when activist investor Kirk Kerkorian locked arms with Carlos Ghosn to get GM to consider joining the alliance between Renault and Nissan. GM ultimately declined, and Ghosn turned instead of Daimler (which of course has its own history of having merged with Chrysler). Only time will tell if this initiative will prove more successful, but one thing's for sure, and that's that Marchionne isn't about to relent in his pursuit of a major merger partner.