2014 Jeep Grand Cherokee Overland Summit 4wd New on 2040-cars

Auto blog

FCA believes thieves aren't getting into Jeeps with laptops

Last week, we reported on an incident where thieves stole a 2010 Jeep Wrangler from an owner's driveway in Houston, TX with nothing but a laptop. While the security footage made it seem like the perpetrator hacked into the vehicle, we had a conversation with FCA's senior manager of security architecture Titus Melnyk who set the record straight. According to Melnyk, the thief in the video isn't using the laptop to get into the vehicle, but rather as a means of coding a blank key fob and then using that fob to get into the Jeep. According to Melnyk, the suspects have gained access to a key programming tool, which allows them to pair blank key fobs to FCA vehicles. With the key fob now coded, the suspects can get into the vehicle and drive away. The thieves, believes Melnyk, have acquired the programming tool through a dishonest dealership or locksmith. Since the suspects are using a process designed to be used (honestly) by dealers, FCA doesn't consider this to be hacking and believes that there are no security flaws in the vehicles. How are the thieves getting key fobs? While Melnyk believes it is possible to recode an existing key fob, he points out that it's much easier to purchase a blank key fob on Ebay for less than $25. FCA is working closely with the Houston Police Department to apprehend the suspects. Related Video: Jeep Technology SUV Videos viral video hacking thieves

FCA will pay you to hack its systems

FCA is willing to pay you to hack its cars, as long as you tell the company how you did it. In an effort to enhance cybersecurity and prevent future incidents like the Jeep Cherokee hack last year, FCA announced it's working with Bugcrowd to find vulnerabilities in its vehicle software. Bugcrowd labels itself as a crowdsourced application security testing company. Users, or independent security researchers as Bugcrowd calls them, can find exploits or vulnerabilities in FCA systems. They then submit the information to Bugcrowd, who in turn supplies the info to FCA. The goal is to update systems and close any possible security breaches. FCA is offering bounties from $150 to $1,500 to any Mr. Robot types, with payment based on the size and severity of the flaw. FCA wants hackers to focus specifically on the UConnect website and the company's iOS and Android apps. No bounties will be given for anything outside the scope of those three things. Bugcrowd says it will not take any legal action against anyone who submits an exploit. While we think it's good that the company is taking steps to address these problems, it's not a groundbreaking maneuver. Other companies employ similar systems. Earlier this year, both Tesla and Uber announced that they're willing to offer up to $10,000 to hackers who find vulnerabilities in their system. For years, Microsoft has been paying hackers to find exploits. It also seems that FCA took its time to announce this plan, considering the Jeep hack happened nearly a year ago. If the partnership works, we can expect other automakers to make similar deals. Related Video: This content is hosted by a third party. To view it, please update your privacy preferences. Manage Settings. News Source: FCA, Bugcrowd Jeep Safety Technology Infotainment Smartphone FCA

FCA expands Jeep Cherokee recall to 68k more vehicles

FCA is expanding its airbag software update for the 2014 and 2015 Jeep Cherokee to cover 68,593 more of the vehicles worldwide. This brings the total to 316,774 Cherokees. Of those, there are now 230,240 in the US, 28,110 in Canada, 6,367 in Mexico, and 52,057 outside of NAFTA. According to the automaker, after reviewing the potentially affected population, it discovered these additional Cherokees in need of the upgrade. The original campaign to repair these vehicles was announced in early February. Engineers found a small number of cases where dramatic changes to the angle of the vehicle that upset its balance caused the side-curtain and seat-mounted side airbags to deploy because they anticipated a rollover. This especially occurred when driving off-road. According to FCA, there're no additional reports of this happening, and the company isn't aware of any injuries or accidents. The fix is simply a software upgrade that recalibrates the airbags' deployment. Related Video: Statement: Restraint-System Software Upgrade May 12, 2015 , Auburn Hills, Mich. - FCA US LLC is expanding by an estimated 62,148 vehicles its recall of U.S.-market SUVs** to upgrade air-bag software. The action follows a routine review of the originally reported vehicle population by FCA US engineers. There have been no additional incidents and FCA US is unaware of any related injuries or accidents. The campaign will upgrade software that governs side-curtain and seat-mounted side air bags following a small number of inadvertent deployments – most of which occurred in harsh, off-road environments. They were prompted by maneuvers that dramatically changed the vehicles' angle of operation, relative to the ground, and the air-bag systems – sensing potential rollover conditions – automatically activated. The software upgrade will recalibrate the threshold for deployment and the vehicles will remain compliant with all applicable safety regulations. Affected are certain 2014 and 2015 Jeep Cherokees. The revised estimate for the U.S. totals 230,240. Revised estimates for other markets are as follows: 28,110 in Canada; 6,367 in Mexico and 52,057 outside the NAFTA region. The revised global total is 316,774 – a difference of 68,593. The Company will notify affected customers. Software will be available at that time. Customers with additional concerns or questions may call 1-800-853-1403. ** http://media.chrysler.com/newsrelease.do?id=16332&mid=431