2012 Jeep Liberty Sport on 2040-cars

Auto blog

In Michigan, car hackers could face life imprisonment

Car hackers may not want to mess with vehicles in and around the Motor City. A pair of Michigan lawmakers introduced legislation Thursday that would punish anyone who infiltrates a vehicle's electronic systems with penalties as harsh as life imprisonment. Senate bill 927 says that "a person shall not intentionally access or cause access to be made to an electronic system of a motor vehicle to willfully destroy, damage, impair, alter or gain unauthorized control of the motor vehicle." Offenders will be deemed guilty of a felony, and may be imprisoned for any number of years up to life in prison. The proposed legislation is one of the first attempts nationally to address the consequences for car hacking, which has become a top concern throughout the auto industry. Critics have accused executives of being slow to respond to the threats, which were first known as long as six years ago but gained attention last July when a pair of researchers remotely controlled a Jeep Cherokee. In January, the industry established an Information Sharing and Analysis Center to collectively evaluate security measures and counter breaches. But the Michigan bill isn't noteworthy only because of the life penalty prescribed; it's noteworthy for what's missing in its details. Language in the bill doesn't delineate between independent cyber-security researchers and criminals who intend to inflict harm or havoc. Under its provisions, it's possible Charlie Miller, pictured below, and Chris Valasek, the researchers who demonstrated last summer that the Cherokee could be remotely commandeered and controlled, could face life behind bars. Provisions of the legislation that prevent a person from "altering" the motor vehicle could ensnare car enthusiasts or gearheads who tinker with electronic systems to boost performance, increase fuel efficiency or add aftermarket features. In that context, Senate Bill 927 seems like the latest measure in a running feud between independent researchers, gearheads and big automakers. Car companies don't like third parties poking around their electronic systems and would prefer the researchers not reveal security weaknesses. Researchers, on the other hand, say many carmakers are either slow to fix or unwilling to repair security holes unless they're able to publish their findings.

Chrysler Recalls 350K Vehicles To Fix Ignition Switches

Chrysler is recalling nearly 350,000 cars and SUVs to fix ignition switches that could unexpectedly shut off the engines. The recall covers 2008 Jeep Commander and Grand Cherokee SUVs, Chrysler 300 and Dodge Charger sedans, and Dodge Magnum wagons. All were built before May 12, 2008. Chrysler says the ignitions may not fully return to the "on" position after being started. The switches could move to "accessory" or "off." That could shut off the engine and knock out power-assisted steering and other features. Chrysler knows of one crash and no injuries from the problem. It's telling people to use the key alone in the ignition and confirm that switches have returned to "on" after starting their cars. Chrysler is investigating the cause. Customers will be notified when repairs are ready. Related Gallery The Trucks And SUVs Consumers Are Liking Most View 11 Photos

Autoblog Minute: FCA issues Uconnect software update amid hacking fears

Carjacking has gone wireless, as automakers and Congress scramble for a solution after a disturbing video on Wired showed a pair of researchers controlling a Jeep Cherokee remotely. Autoblog's Adam Morath and David Gluckman report on this edition of Autoblog Minute. Show full video transcript text [00:00:00] Carjacking has gone wireless, as automakers and Congress scramble for a solution. I'm Adam Morath and this is your Autoblog Minute. Cars with wireless connections are susceptible to remote hacking, as demonstrated in a disturbing video on Wired.com. The segment showed two researchers remotely controlling a Jeep Cherokee, including running vehicle's the wipers, turning up the music, and ultimately shutting down [00:00:30] the Jeep while it was being driven on the highway by Wired senior writer Andy Greenberg. Washington took note. A press release issued from the desks of senators Ed Markey and Richard Blumenthal introduces legislation protecting drivers from auto security privacy risks. Fiat Chrysler, parent company of Jeep, has a solution for its customers. For more we go to Autoblog's David Gluckman. [GLUCKMAN INTERVIEW] Chrysler has worked with the Uconnect cellular provider Sprint to plug security holes on the carrier side. The vehicles themselves can't be updated wirelessly, so [00:01:00] the remaining changes require physical access. For that, customers have three options: One, download the Uconnect software update to a USB stick and install. Two, wait for FCA to send a USB stick with the latest software that they can install, or third, visit a dealer. Owners should do what they're most comfortable with. I made a video that walks through the whole process from download to install and it took about a half hour. [MORATH] David's full video tutorial of how to install the Uconnect fix can be seen on Autoblog. [00:01:30] It remains to be seen how the rest of the auto industry will respond to these security risks. For Autoblog, I'm Adam Morath. Related Video: Autoblog Minute is a short-form news video series reporting on all things automotive. Each segment offers a quick and clear picture of what's happening in the automotive industry from the perspective of Autoblog's expert editorial staff, auto executives, and industry professionals.