Green Suv 2.4l Automatic 4wd Alloy Wheels New Tires Cruise Control Floor Mats Cd on 2040-cars

Auto blog

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

Certain Chrysler owners eligible for buyback program

Certain car owners whose Chrysler vehicles contain dangerous defects will soon have a way to get rid of their lemons without losing money. As part of an agreement with federal regulators, Fiat Chrysler Automobiles has agreed to buy back more than 500,000 vehicles susceptible to veering out of control without warning at above market-value prices. The deal mainly covers certain models of RAM trucks, the Dodge Dakota pickup and Dodge Durango SUV. Further, owners of more than 1.5 million Jeep Liberty and Grand Cherokees at heightened risk for lethal fires are eligible to trade in their vehicles at above market value or, alternately, get a gift certificate if they prefer to have repairs made. Chrysler has "a heavy responsibility to make sure the products they make are safe for the traveling public," said Mark Rosekind, administrator of the National Highway Traffic Safety Administration. "... Here, we are sending an unambiguous signal to industry that if you skirt the laws or violate the law, or don't live up to the responsibility that consumers expect, we are going to penalize you." The buy-back and trade-in options for motorists come as part of an unprecedented penalty NHTSA slapped against Chrysler for violating federal motor-vehicle safety laws. Chrysler will pay a $105 million fine, the highest ever levied by the regulatory agency. In addition to the buy-backs, Chrysler also agreed to an independent monitor for three years. Investigators had outlined problems in the company's conduct in 23 recalls that affected more than 11 million defect vehicles. As part of a consent-order agreement, Chrysler acknowledged it did not notify vehicle owners of recalls in an effective manner and did not notify NHTSA of safety problems. Though those recalls affected millions of drivers, the buy-back and trade-in options are only for a small portion of the vehicles involved. Because Chrysler struggled to fix the problem and no repair was apparent, Rosekind said the buy-backs are reserved "for customers who didn't have a remedy." Buy-backs are for trucks and SUVs affected by three recalls that occurred in 2013 (recalls 13V-038, 13V-527 and 13V-529), that addressed a rear-axle pinion nut that could come loose and cause a loss of vehicle control. Those recalls covered 579,228 vehicles, including 2009-2012 Ram 1500, 2500, 3500, 4500 and 5500 trucks, 2009-2012 Dodge Dakotas, 2009 Chrysler Aspen and the 2009 Dodge Durango.

YouTube tallies votes for this year's top five Super Bowl spots [w/video]

When we asked you to tell us which of this year's 16 car-themed Super Bowl commercials you liked best, you chose the Farmer commercial from Chrysler Group, advertising the Ram trucks, over Audi's Prom commercial in second place. Turns out the voters in YouTube's Ad Blitz poll agreed, voting the same commercial to the number one spot from among the field commercials in every category.
From there, however, they went in a totally different direction. Budweiser's The Clydesdales spot came second, Samsung's The Next Big Thing took third. The Jeep Whole Again ad scored fourth in the YouTube poll, fifth in our poll of auto commercials, and the Hyundai Team spot got fifth from the YouTubers, but ninth in our poll.
The voting results don't match up with the viewing numbers, though - while Farmer has more than 13 million views, The Next Big Thing is well beyond 21 million. You can read the press release below and see all five spots, lined up for you, one more time.