2014 Jeep Grand Cherokee Limited on 2040-cars

Auto blog

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

Woman and child die after Jeep gets stuck in mud

A Florida woman and her baby died over the weekend when their Jeep sank into deep mud during an off-roading trip. Taylor Brown took his girlfriend Hallie Lewis and their infant son Bryson off-roading in his Jeep Cherokee on Saturday night. The Jeep became stuck in thick mud, according to WESH. Brown got out of the vehicle while Lewis and Bryson remained inside. Using a winch, Brown tried – unsuccessfully – to free the Jeep. The Cherokee was left running as he struggled to pull it out of the mud. When he returned to the Jeep to check on his son and girlfriend, he found them unresponsive. Taylor pulled the two out of the back window, but it was too late. Lewis was pronounced dead at a nearby hospital. The baby died shortly thereafter. Police are still investigating, but their deaths appear to be a tragic accident due to carbon monoxide poisoning. The tailpipe of the Jeep was either submerged or caked with mud, allowing the deadly gas to build up inside the vehicle. News Source: WESH Weird Car News Jeep tailpipe carbon monoxide

Airbag fault on 1M recalled Jeeps getting second look from NHTSA [UPDATE]

UPDATE: Here is the statement we received from Chrysler regarding NHTSA's query: "Chrysler Group LLC advised the National Highway Traffic Administration of the six reports and, in accordance with the Company's long-standing practice, is cooperating fully with the resulting investigation. Customer safety is paramount at Chrysler Group. Customers who are concerned may call 1-800-853-1403."
It appears that Jeep's repairs for nearly one million Grand Cherokees from 2002-2004 and Liberty models from 2002-2003 might not be over yet. The vehicles were first recalled in November 2012 because the front airbags could suddenly deploy without being in an accident. Now, the National Highway Traffic Safety Administration is opening a recall query into them because of reports of inadvertent activation on some already corrected vehicles.
The original problem affected over 919,000 vehicles worldwide, including 744,822 in the US, and was caused by a degrading circuit in the wires that control the airbags. In some cases the airbag warning light would come on just before the premature activation, but in other cases it would just happen. The automaker installed an "in-line jumper harness with an integrated electrical filter" meant to eliminate the power spikes believed to be the cause.