Chrysler Lebaron Convertible 1983 26,900 Orig Miles Excellent Condition 4 Cylind on 2040-cars

Auto blog

The problem with how automakers confront hacking threats

More than anyone, Chris Valasek and Charlie Miller are responsible for alerting Americans to the hacking perils awaiting them in their modern-day cars. In 2013, the pair of cyber-security researchers followed in the footsteps of academics at the University of Cal-San Diego and University of Washington, demonstrating it was possible to hack and control cars. Last summer, their research established which vehicles contained inherent security weaknesses. In recent weeks, their latest findings have underscored the far-reaching danger of automotive security breaches. From the comfort of his Pittsburgh home, Valasek exploited a flaw in the cellular connection of a Jeep Cherokee and commandeered control as Miller drove along a St. Louis highway. Remote access. No prior tampering with the vehicle. An industry's nightmare. As a result of their work, FCA US recalled 1.4 million cars, improving safety for millions of motorists. For now, Valasek and Miller are at the forefront of their profession. In a few months, they could be out of jobs. Rather than embrace the skills of software and security experts in confronting the unforeseen downside of connectivity in cars, automakers have been doing their best to stifle independent cyber-security research. Lost in the analysis of the Jeep Cherokee vulnerabilities is the possibility this could be the last study of its kind. In September or October, the U.S. Copyright Office will issue a key ruling that could prevent third-party researchers like Valasek and Miller from accessing the components they need to conduct experiments on vehicles. Researchers have asked for an exemption in the Digital Millennial Copyright Act that would preserve their right to analyze cars, but automakers have opposed that exemption, claiming the software that runs almost every conceivable vehicle function is proprietary. Further, their attorneys have argued the complexity of the software has evolved to a point where safety and security risks arise when third parties start monkeying with the code. Their message on cyber security is, as it has been for years, that they know their products better than anyone else and that it's dangerous for others to meddle with them. But in precise terms, the Jeep Cherokee problems show this is not the case. Valasek and Miller discovered the problem, a security hole in the Sprint cellular connection to the UConnect infotainment system, not industry insiders.

Harsh words from senators over Chrysler's delay in reporting hack

The federal agency charged with protecting American motorists wants to know more about how hackers remotely commandeered and controlled a Jeep Cherokee. Hours after Fiat Chrysler Automobiles recalled 1.4 million cars affected by a flaw in their cellular connections, officials with the National Highway Traffic Safety Administration said Friday they'll further probe the defect by conducting a formal recall query investigation. "Opening this investigation will allow NHTSA to better assess the effectiveness of the remedy proposed," the agency said in a written statement. The remedy works, said Chris Valasek, one of the researchers who first discovered the security flaw. After testing for the vulnerability again Friday, he wrote on Twitter: "Looks like I can't get to @0xcharlie's Jeep from my house via my phone. Good job FCA/Sprint!" From his Pittsburgh home, Valasek had previously accessed and controlled co-worker Charlie Miller's Jeep along a St. Louis highway. Researchers have demonstrated remote hacks before, but the scope and severity of the Jeep vulnerability was unprecedented. The recall for a cyber threat was the first of its kind. Although a software patch and changes made by cellular provider Sprint appeared to fix the problem, news of the exploit and Chrysler's response brought a fresh round of consternation on Capitol Hill, where federal lawmakers had already expressed concerns about automotive cyber security. The Jeep hack elevated their concerns to a new level. "Cyber threats in cars are real and urgent, no figment of the imagination, as this huge recall demonstrates," said Sen. Richard Blumenthal (D-CT). "Incredibly, Chrysler delayed disclosing this chilling cyber-security danger egregiously and inexcusably, and strong sanctions are appropriate to send a message that other auto manufacturers will heed." Chrysler had known about the security gap since October, and Sen. Ed Markey (D-MA) wondered why it took the company so long to let customers know they were at risk. "Despite knowing about this security gap for nearly nine months, Chrysler is only now recalling 1.4 million vehicles to fix this vulnerability," he said. That's a potential pitfall for Chrysler, and something NHTSA will likely address in its investigation. Automakers are supposed to report safety-related defects to the agency within five days of discovery. But according to a chronology of events Chrysler submitted in its recall paperwork, it didn't inform NHTSA until July 15.

Samsung might buy Magneti Marelli, FCA's parts supplier

Automotive manufacturing is quickly changing as companies like Google and Apple move into the sector with new products and services. It should be no surprise that other tech companies are making moves to grab a piece of the pie. According to Bloomberg, Korean tech conglomerate Samsung is in talks to purchase major automotive parts supplier Magneti Marelli from Fiat Chrysler Automobiles. Bloomberg reports that the deal could be worth more than $3 billion. It seems that Samsung is interested in Magneti Marelli's lighting, in-car entertainment, and telematics businesses, but a full purchase of the company isn't off the table. The move would be Samsung's largest-ever purchase outside of South Korea. FCA has already started to branch out and partner with tech firms. The automaker is working with Google to build an autonomous version of the new Pacifica minivan. They hope to have the first batch on the road by the end of the year. Magneti Marelli currently supplies everything from lighting and instrument clusters for passenger vehicles to high-end electronic components for Formula One and MotoGP teams. The company, founded in Italy in 1919, employs around 38,000 workers. Although it's currently owned by FCA, in the past Magneti Marelli has worked with companies like Ford and Microsoft. The purchase could help further diversify Samsung and reduce its dependence on consumer electronics like phones and televisions. Samsung is the world's largest supplier of memory chips and TVs, but the company has taken a hit lately as sales of its smartphones have faltered. In order to keep up with rivals like Apple, the company will need to venture into new markets. Perhaps Samsung's phone expertise would translate to improved vehicle infotainment systems. FCA, on the other hand, is on an aggressive five-year plan aimed at doubling net income. CEO Sergio Marchionne is attempting to eliminate the company's debt, and selling off a major subsidiary could greatly help. A recent attempt at a merger with General Motors failed and further hurt the company's finances. FCA's stock price rose in response to the rumors of the Magneti Marelli sale. Both Samsung and FCA have declined to comment on the move. Related Video: News Source: Bloomberg Technology Rumormill Chrysler Fiat Technology FCA Samsung magnetti marelli