2014 Jeep Grand Cherokee Overland on 2040-cars

Auto blog

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

Feds chastise Marchionne over Jeep recall, only 13% repaired so far

Following the significant outcry surrounding the General Motors and Takata airbag safety crises this year, the National Highway Traffic Safety Administration seems to be taking a much more aggressive role in pushing owners to repair their recalled vehicles. In the agency's latest move, it's urging Jeep drivers to get their models fixed. Acting NHTSA administrator David Friedman even sent a letter to Fiat Chrysler Automobiles CEO Sergio Marchionne pressing him to get more of the SUVs fixed. The problem goes back to the recall of the 2002-2007 Liberty and 1993-1998 Grand Cherokee because of the possibility for the fuel tank to rupture in some rear crashes. The campaign affected over 1.5 million vehicles, but Chrysler initially refused NHTSA's request for a repair campaign. The automaker eventually came up with a fix that involved adding a trailer hitch to provide extra protection to the tank. The feds believe the danger "will be reduced by the remedy now offered by Chrysler," according to the statement. However, this latest push comes out of NHTSA's concern that only three percent of the affected vehicles are repaired, although Chrysler maintains some 13.4 percent have actually been fixed. The agency is asking the automaker to reach out to owners "proactively," and get them to bring the Jeeps in dealers. According to the the feds' statement, the company "has nearly 400,000 parts available" to perform the fixes, and it's still producing more. Friedman's letter to Marchionne goes even further, alleging NHTSA has received reports that dealers are turning customers away who request the recall. He asks the CEO to prove within 15 days that these claims are false. "Given the low rates of repair that Chrysler has reported more than a year after the recall, significantly more aggressive steps are required," says a portion of the note. According to The Detroit News, Chrysler has subsequently promised to speed up the recall work, vowing that all dealers will have at least 12 repair kits in stock by Monday. Further, it has announced plans to ramp up its notification campaign with Facebook ads and public service announcements. Scroll down to read NHTSA's full statement on the matter, and Friedman's letter to Marchionne can be read in PDF format, here.

Watch this R/C Jeep Wrangler plow snow

There's no denying the fact that the Jeep Wrangler is one tough and rugged vehicle, and there is apparently little lost when the SUV is shrunk down for a 1:10th scale radio-controlled version. Proving that the Axial SCX10 Jeep Wrangler is not your run-of-the-mill R/C car, YouTube user Andrew Dykiel posted a pair of videos showing it clear about an inch of snow from his sidewalk and driveway during a snow storm last month.
Starting at $379.99, the Axial SCX10 costs more than most budget snowblowers, but other than paying a neighbor kid to shovel your snow, this might be the best way for a car guy to clear snow without the need for hot chocolate and ibuprofen. Better yet, it's electric, so it's zero-emission answer to snow removal! Scroll down to see how this R/C Jeep can help "shovel" snow from the warmth of your sofa. We've also thrown in a bonus video showing the mini Jeep negotiating the Rubicon Trail.