***no Reserve-clean Carfax- Stowngo-dvd-1 Owner-leather-rear Camera-heated Seats on 2040-cars

Auto blog

NHTSA investigating Harman Kardon for software vulnerabilities

The National Highway Traffic Safety Administration is investigating infotainment units from Harman Kardon, which produces FCA's Uconnect, to determine if Harman Kardon systems used by other companies are also vulnerable to hackings. Researchers discovered a hole in the cellular connection to the Uconnect infotainment in a Jeep Cherokee. They were able to exploit it to gain access to the vehicle's brakes, radio, and other systems. In the wake of the hack, FCA pledged to send out 1.4 million USB drives to update the software. Politicians also attacked the automaker for not reporting the problem sooner, and NHTSA opened an investigation to find whether the fix worked. INVESTIGATION Subject : Software security vulnerability Date Investigation Opened: JUL 29, 2015 Date Investigation Closed: Open NHTSA Action Number: EQ15005 Component(s): EQUIPMENT All Products Associated with this Investigation Equipment Brand Name Part No. or Model No.Production Dates HARMAN KARDON R3R4 - Details Manufacturer: HARMAN INTERNATIONAL SUMMARY: On July 23, 2015, Fiat Chrysler Automobiles (FCA) submitted a safety recall report to NHTSA concerning a software security defect condition in approximately 1.4 million model year (MY) 2013 through 2015 vehicles equipped with Uconnect 8.4A (RA3) and 8.4AN (RA4) radios manufactured by Harman Kardon (Recall 15V-461). According to FCA, software security vulnerabilities in the recalled vehicles could allow unauthorized third-party access to, and manipulation of, networked vehicle control systems. Unauthorized access or manipulation of the vehicle control systems could reduce the driver?s control of the vehicle increasing the risk of a crash with an attendant increased risk of injury to the driver, other vehicle occupants, and other vehicles and their occupants within proximity to the affected vehicle. This EQ is being opened to obtain information from the supplier of Chrysler Uconnect units to determine the nature and extent of similarities in other infotainment products provided to other vehicle manufacturers. If sufficient similarities exist, the investigation will examine if there is cause for concern that security issues exist in other Harman Kardon products. Related Video:

The problem with how automakers confront hacking threats

More than anyone, Chris Valasek and Charlie Miller are responsible for alerting Americans to the hacking perils awaiting them in their modern-day cars. In 2013, the pair of cyber-security researchers followed in the footsteps of academics at the University of Cal-San Diego and University of Washington, demonstrating it was possible to hack and control cars. Last summer, their research established which vehicles contained inherent security weaknesses. In recent weeks, their latest findings have underscored the far-reaching danger of automotive security breaches. From the comfort of his Pittsburgh home, Valasek exploited a flaw in the cellular connection of a Jeep Cherokee and commandeered control as Miller drove along a St. Louis highway. Remote access. No prior tampering with the vehicle. An industry's nightmare. As a result of their work, FCA US recalled 1.4 million cars, improving safety for millions of motorists. For now, Valasek and Miller are at the forefront of their profession. In a few months, they could be out of jobs. Rather than embrace the skills of software and security experts in confronting the unforeseen downside of connectivity in cars, automakers have been doing their best to stifle independent cyber-security research. Lost in the analysis of the Jeep Cherokee vulnerabilities is the possibility this could be the last study of its kind. In September or October, the U.S. Copyright Office will issue a key ruling that could prevent third-party researchers like Valasek and Miller from accessing the components they need to conduct experiments on vehicles. Researchers have asked for an exemption in the Digital Millennial Copyright Act that would preserve their right to analyze cars, but automakers have opposed that exemption, claiming the software that runs almost every conceivable vehicle function is proprietary. Further, their attorneys have argued the complexity of the software has evolved to a point where safety and security risks arise when third parties start monkeying with the code. Their message on cyber security is, as it has been for years, that they know their products better than anyone else and that it's dangerous for others to meddle with them. But in precise terms, the Jeep Cherokee problems show this is not the case. Valasek and Miller discovered the problem, a security hole in the Sprint cellular connection to the UConnect infotainment system, not industry insiders.

New Barracuda, Grand Cherokee Trackhawk coming soon

As we write this, Fiat Chrysler Automobiles is conducting a major dealership event in sunny Las Vegas. New vehicles are being announced, redesigned offerings are being teased, and promises are being made to the sprawling company's dealer body. And, as all these announcements are meant to be tip-top secret, they're leaking out left, right, and center. Naturally. FCA is telling its dealers all of the vehicles shown at the Vegas gala will be in showrooms within 12 to 24 months, and that the product offensive will include at least 30 new or significantly refreshed models. Some of those we've known about since FCA boss Sergio Marchionne unveiled his highly ambitious five-year plan in May 2014, while we're hearing about others for the very first time. We've reached out to our sources within FCA, and will update this post as we learn more. It should be noted that while we've tried to rely on concrete sources or corroborations from multiple sources, some of the news here comes from people claiming to have been in attendance and posting in forums like Allpar and Jalopnik's Opposite Lock. Unless corroborated by a mainstream source or confirmed by our own sources within FCA, we're listing each item that comes from a forum. Have those grains of salt at the ready. Chrysler Dodge Durango-sized SUV with stow-and-go was shown. A poster on Allpar Forums claims it had a Durango's interior. New Aspen? Town and Country PHEV confirmed (again). A plug-in minivan was originally announced as part of five-year plan. No news on 200 or 300. Dodge The redesigned Charger will use the Alfa Romeo Giulia's rear-drive platform and, according Automotive News, draw inspiration from 1999's Charger concept car. We're wagering the 24-month time frame specified to dealers will move the new sedan's arrival up from 2018 to mid-2017. Jalopnik's Opposite Lock claims two new Challenger models are coming. Challenger ADR (American Drag Racer) and T/A. ADR should appeal to bracket racers and is more powerful than the SRT Hellcat, while T/A is for track rats, just like Viper T/A. Automotive News claims the legendary Barracuda nameplate will be revived as a Dodge. The Barracuda will be smaller than Challenger, offered as both a coupe and a convertible. Allpar claims it will feature modern styling. A Dodge Durango SRT was announced with 6.4-liter Hemi V8 and rear-drive. Sources within FCA confirmed its arrival with Autoblog. Apparently, dealers were shown an example in B5 Blue.