Pristine 98 Jeep Cherokee Sport Limited Pkg. Leather 4x4 Loaded Just Serviced! on 2040-cars

Auto blog

Jeep Renegade recalled to prevent hacking

Jeep is issuing a voluntary recall of some 7,800 Renegades over fears that their radios may be vulnerable to hacking. The company is quick to stress that this campaign is independent of the hacking scare earlier this year. Only Renegades fitted with the 6.5-inch touchscreen display are affected by the recall. Owners of the affected vehicles will be mailed a USB jump drive that they can plug into their vehicle for a free software update. Alternatively, owners can head over to the UConnect website, enter their VIN, and download the software to their own jump drive. (See how in our video below.) Dealers will also perform the upgrade free of charge. The software update provides "additional security features," that should prevent remote tampering. If this sounds worrying, it's actually not that huge of a problem. First, Fiat Chrysler Automobiles estimates that over half the affected vehicles are still sitting on dealer lots. More importantly, according to FCA, the vulnerability on the Renegade "required unique and extensive technical knowledge, prolonged physical access to a subject vehicle and extended periods of time to write code," making it considerably different than the Cherokee problem. No injuries or hacks have been reported by any Renegade owner. Related Video: Statement: Software Update September 4, 2015 , Auburn Hills, Mich. - FCA US LLC is conducting a voluntary safety recall to update software in approximately 7,810 U.S.-market SUVs equipped with certain radios. More than half remain in dealer hands and will be serviced before they are sold. The campaign – which involves radios that differ from those implicated in another, similar recall – is designed to protect connected vehicles from remote manipulation. If unauthorized, such interference constitutes a criminal act. FCA US has already applied measures to prevent the type of vehicle manipulation demonstrated in a recent media report. These measures – which required no customer or dealer actions – block remote access to certain vehicle systems. The Company is unaware of any injuries related to software exploitation, nor is it aware of any related complaints, warranty claims or accidents – independent of the media demonstration. Affected are certain 2015 Jeep Renegade SUVs equipped with 6.5-inch touchscreens. Customers will receive a USB device which they may use to upgrade vehicle software. This provides additional security features.

Chrysler, Nissan looking into claim that their cars are industry's most hackable

A pair of cyber security experts have awarded the ignominious title of most hackable vehicles on American roads to the 2014 Jeep Cherokee, 2014 Infiniti Q50 and 2015 Cadillac Escalade.
Charlie Miller and Chris Valasek are set to release a report at the Black Hat hacking conference in Las Vegas, Automotive News reports. The two men found the Jeep, Caddy and Q50 were easiest to hack based not on actual tests with the vehicles, but a detailed analysis of systems like Bluetooth and wireless internet access - basically, anything that'd allow a hacker to remotely gain access to the vehicle's systems.
Considering this lack of hands-on testing, the pair acknowledge that "most hackable" could be a relative term - they point out that the vehicles may actually be quite secure.

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.