Auto blog
How to update and secure a vulnerable Chrysler Uconnect system
Sat, Jul 25 2015If you own one of the 1.4 million vehicles affected by the recent Chrysler software recall, you may want to watch this video. In it, we explain how to get the latest infotainment software loaded onto the 8.4-inch Uconnect system. The recall was a response to the findings of researchers who were able to hack into and remotely control a 2014 Jeep Cherokee through its cellular connection. Although Fiat Chrysler has worked with Sprint to plug most of the holes on the carrier side, there are still some vulnerabilities that only this latest software version can patch. Owners have three options to get the update: download it now, wait for a USB stick in the mail, or take the vehicle to an FCA dealer. Chrysler will be sending USB sticks loaded with the software update to customers. Anyone with an internet connection and a USB stick of their own with at least 4 GB capacity can speed things up by downloading the patch from the Uconnect website. We cover that process from start to finish in the video, with the final portion still applicable to those using the FCA-supplied USB stick. If after watching this you still don't want to tackle the patch yourself, you can take your vehicle to the dealer to have it done. Also note that this process is the same for all Uconnect updates, not just the one patching the exploits. Our demonstrator vehicle is a 2015 Ram 1500 pickup. The procedure should be very similar on other products with the 8.4-inch Uconnect system, with only the location of the USB port varying. Once you have the USB stick with the software on it – either after having downloaded it yourself or receiving it in the mail from Chrysler – the installation process is relatively simple. It takes about 15 minutes to perform the update; we edited out the wait in the video. To check whether or not your car's 8.4-inch Uconnect system is running the latest software, go to System Information on the touch screen's Settings page and look at Software Version. The update related to the recall is version 15.17.5. Related Video: Recalls Chrysler Dodge Jeep RAM Safety Technology Infotainment Videos Original Video hacking
FCA issuing software update for 1.4M vehicles to prevent hacking
Fri, Jul 24 2015In the wake of a Jeep Cherokee being hacked remotely while on the road through its Uconnect infotainment system, FCA US is now issuing a software update for 1.4 million vehicles in the United States. Affected customers will receive a USB stick in the mail with the improved version; owners can check this website to see if their cars are affected. A large variety of models with FCA's 8.4-inch touchscreen infotainment system are affected. They include the 2015 Chrysler 200, 2015 Chrysler 300, 2015 Dodge Charger, and 2015 Dodge Challenger; 2013-2015 Dodge Viper; 2013-2015 Ram 1500, 2500, and 3500; 2013-2015 Ram 3500, 4500, and 5500 chassis cab; 2014-2015 Jeep Grand Cherokee and Cherokee; and 2014-2015 Dodge Durango. According to FCA in its announcement, the new software "insulates connected vehicles from remote manipulation." As of July 23, the company also "fully tested and implemented within the cellular network" additional security to prevent access to many of a vehicle's systems. FCA US says that it's conducting this campaign out of an abundance of caution and disputes the notion that there's a defect with these vehicles. Beyond the demonstration of the hack in the Cherokee, the automaker says that it's unaware of any other reports of these attacks actually happening. Related Video: Statement: Software Update July 24, 2015 , Auburn Hills, Mich. - FCA US LLC is conducting a voluntary safety recall to update software in approximately 1,400,000 U.S. vehicles equipped with certain radios. The recall aligns with an ongoing software distribution that insulates connected vehicles from remote manipulation, which, if unauthorized, constitutes criminal action. Further, FCA US has applied network-level security measures to prevent the type of remote manipulation demonstrated in a recent media report. These measures – which required no customer or dealer actions – block remote access to certain vehicle systems and were fully tested and implemented within the cellular network on July 23, 2015. The Company is unaware of any injuries related to software exploitation, nor is it aware of any related complaints, warranty claims or accidents – independent of the media demonstration.
Feds fretting over remote hack of Jeep Cherokee
Fri, Jul 24 2015A cyber-security gap that allowed for the remote hacking of a Jeep Cherokee has federal officials concerned. An associate administrator with the National Highway Traffic Safety Administration said Thursday that news of the breach conducted by researchers Chris Valasek and Charlie Miller had "floated around the entire federal government." "The Homeland Security folks sent out broadcasts that, 'Here's an issue that needs to be addressed,'" said Nathaniel Beuse, an associate administrator with the National Highway Traffic Safety Administration. Valasek and Miller commandeered remote control of the Cherokee through a security flaw in the cellular connection to the car's Uconnect infotainment system. From his Pittsburgh home, Valasek manipulated critical safety inputs, such as transmission function, on Miller's Jeep as he drove along a highway near St. Louis, MO. The scope of the remote breach is believed to be the first of its kind. The prominent cyber-security researchers needed no prior access to the vehicle to perform the hack, and the scope of the remote breach is believed to be the first of its kind. A NHTSA spokesperson said the agency's cyber-security staff members are "putting their expertise to work assessing this threat and the response, and we will take action if we determine it's necessary to protect safety." A Homeland Security spokesperson referred questions about the hack to Chrysler. Fiat Chrysler Automobiles has already been the subject of a federal hearing this month, in which officials scrutinized whether the company had adequately fixed recalled vehicles and repeatedly failed to notify the government about defects. But cyber-security concerns are a new and different species for the regulatory agency. Only hours before the Jeep hack was announced by Wired magazine earlier this week, NHTSA administrator Dr. Mark Rosekind said hacking vulnerabilities were a threat to privacy, safety, and the public's trust with new connected and autonomous technologies that allow vehicles to communicate. NHTSA outlined its response to the cyber-security challenges facing the industry in a report issued Tuesday. In it, the agency summarized its best practices for thwarting attacks and said it will analyze possible real-time infiltration responses. But the agency's ability to handle hackers may only go so far.
Jeep in St. Louis hacked from Pittsburgh
Tue, Jul 21 2015One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.
Fiat Chrysler wins top Total Quality Award for first time
Mon, Jul 20 2015The Strategic Vision Total Quality Awards are 20 years old in 2015, and Chrysler has never topped the awards before. Until now, that is. Fiat Chrysler takes the overall award on the corporate level with six segment leaders from Fiat, Dodge, Jeep, and Ram. The Fiat 500 won Small Multi-Function Car, the 500e won Small Alternative Powertrain, the Dodge Challenger tied at the top in the Specialty Coupe category alongside the very un-coupe Mini Cooper Countryman, the Jeep Wrangler Unlimited took the Entry SUV category, the Dodge Durango won in Mid-Size SUV, and Ram took the overall in Best Non-Luxury Brand. The accolade means FCA has gone from one segment winner in 2010 to overall victory in five years. Cars have gotten so good, says Strategic Vision, that it is harder than ever to win. In fact, says the group, 18 years ago 85 percent of all vehicle brands had more than half a problem per vehicle. This year, no brand has more than half a problem per vehicle. The organization measures "over 155 specific aspects of the customer's experience," and scores are based on input from more than 46,000 customers. Other notables in and near the winner's circle include Volkswagen and General Motors, who tied for second place on the corporate scale, one point behind FCA. The Mini Cooper Roadster scored the highest of any model, the Corvette Stingray Convertible and Coupe scored the second- and third-highest. The Chevrolet Colorado is the first domestic Standard Pickup winner in more than ten years, and the Nissan Titan carried the Full-Size Pickup category. The press release below has all the details on how winners and losers are selected, and the full list of automakers and how they finished. "The Customer's 'Total' Experience Defines Quality, Fiat Chrysler Scores Highest in Total Quality," says Strategic Vision The 2015 Total Quality Awards® SAN DIEGO, Friday, July 17, 2015 — Unknown to many, when some consumer research firms rank a car company's quality performance they often do so by simply "counting problems." In the past, this may have been acceptable, but in today's modern and efficient manufacturing world the difference between the worst brand and best brand is LESS than half-a-problem per vehicle. Thus, any "quality ranking" based on this method is severely lacking in the complete picture of the "Total" Quality experience that customers actually use to judge their product ownership.
Daily Driver: 2015 Jeep Renegade Sport 4x4
Fri, Jul 10 2015Daily Driver videos are micro-reviews of vehicles in the Autoblog test fleet, reviewed by the staffers who drive them every day. Today's Daily Driver features the 2015 Jeep Renegade Sport 4x4, reviewed by Adam Morath. Something to note: The vehicle tested here is a pre-production unit, and we had some issues with the MySky removable roof system. (Associate editor Brandon Turkus mentioned these problems in his Quick Spin.) FCA confirms that improvements were made for production-spec cars. You can watch the video above or read a transcript below. Watch more Autoblog videos at /videos. [00:00:00] Hey, this is Adam Morath with another Daily Driver. Today, we're in the 2015 Jeep Renegade and I'm excited to be driving this in a Sport trim level. That's the lowest trim that they offer it in. I say I'm excited, because often we get the cars to totally spec-ed out to the max, the automaker trying to show off what they can do with the car but it doesn't always give you a realistic view of how most customers are going to spec the car, and I think with the Renegade being the entry-level model for Jeep now [00:00:30] replacing the outgoing Patriot and Compass, it makes sense to drive this in the Sport trim. We do have it in 4x4, comes in at just around $23,000. It's powered by a turbocharged 1.4 liter inline 4 and we've got it, made it to the 6-speed manual transmission, which is pretty cool. Again you can see FCA's fingerprints on this car. If they wanted to do well in Europe, of course you've got to offer it with a manual and that's nice for consumers here to have that choice of having a stick shift in the Jeep again. [00:01:00] That's kind of fun. It produces 160-horsepower, 184 pound-feet of torque. It's got a little pack to it. I wouldn't call it sporty but it's enough for a vehicle of this size. This is a pretty basic version of the renegade. The only options we have on it are the AC, the roof rails, 4-wheel drive, which is a must here in Michigan and then these MySky roof panels, which I'll get to in a minute, but that takes us from a base price of $18,000, the cheapest you'll be able to get into a Renegade for [00:01:30] up to about $23,700, which is where we're at. Yes, these are MySky roof panels. It's a totally new feature on the Renegade that Jeep is trying out and I think it's pretty cool. It's like a tee top system, except the panels aren't side by side. You have one in the front and one in the back.
Canadians build Jeep Wrangler out of cans for charity
Thu, Jul 2 2015The Jeep Wrangler can do a lot of things. It can traverse most any terrain, take you to work, the kids to school, get you and your friends to the surf on time, and so on. Turns out it can also feed the hungry – or at least this one can. And by can, we mean actual cans of food. To celebrate Canada Day (which was Wednesday), Jeep recreated a Wrangler out of more than 4,500 cans of food. The project was undertaken together with Canstruction Inc, a charity that works to fight hunger and poverty, serve the community, and promote science, technology, engineering, and math. The full-scale replica took a team of teenagers a good 12 hours to build. It's being displayed at Vancouver's waterfront Canada Place during the festivities, after which it will be dismantled to provide 3,120 meals for the hungry through the Greater Vancouver Food Bank Society. This is the second such project we've seen FCA Canada undertake together with Canstruction. Last time it was a Dodge Grand Caravan created to celebrate the minivan's 30th anniversary. It was built out of 30,000 cans and displayed in downtown Toronto before being distributed as 2,000 food baskets through the Daily Bread Food Bank. Next time maybe we'll see a Viper or Challenger made out of cans on display in Montreal during the Canadian Grand Prix weekend and donated to the Old Brewery Mission, which this writer knows first-hand does good work to feed Montrealers in need. Related Video: JEEP® AND THE FCA FOUNDATION CELEBRATE CANADA DAY WITH LIFE-SIZE 'CANSTRUCTION®' OF JEEP® WRANGLER FOR CHARITY - Full-scale Jeep® Wrangler built from over 4,500 cans of food will provide more than 3,120 meals to Greater Vancouver Food Bank Society - Vehicle built by local students 12-18 years of age - Jeep and the FCA Foundation again partnered with Canstruction® Inc. for the build, an international non-profit organization that aims to raise awareness for hunger and poverty, along with Science, Technology, Engineering and Math (STEM) principals, plus community service - Public can stop by Canada Place on Canada Day to take a #JeepCANselfie in the vehicle - In 2014, FCA Canada was the top-selling automaker in B.C., a title it's retained thus far in 2015 - Jeep Wrangler is B.C.'s best-selling small SUV by more than double its closest competitor July 1, 2015 , Vancouver, B.C.
Project Trail Force Jeep Wrangler goes to SEMA, then to a lucky winner
Wed, Jul 1 2015Extreme Terrain is an aftermarket parts company focused on the Jeep Wrangler. Partly just because it's a really cool thing to do, and probably having something to do with Jeep's upcoming 75th anniversary, Extreme Terrain found some dance partners to help work up a special 2015 Wrangler Rubicon that it will show off at the Bantam Jeep Heritage Festival in Butler, PA, then at SEMA in November, where it will be given away. Extreme worked with Barricade Off-Road and Kevin Tetz from the Spike show Trucks! to build the Wrangler it calls Project Trail Force. There is more than $24,000 worth of aftermarket gear on it, starting with the Ripp centrifugal supercharger that pumps an additional 140 horsepower into the 3.6-liter V6. It's got a 3.5-inch lift kit from Rock Krawler, Dana 44 axles strung between 37-inch BFG tires, Barricade bumpers, a 9,500-pound winch, fender flares, rock sliders, a 50-inch LED light bar above the windshield, LED spotlights on the A-pillars, and seven-inch KC Hilites headlights. Rugged Ridge worked over the inside with upgrades like all-terrain floor and cargo liners, plus seat covers, and a new navigation system with a back-up camera. If you want to win it, you can enter the contest at Extreme Terrain once every week until Oct. 23. The winner gets flown to SEMA to have Kevin Tetz hand the keys over. If you just want to see it, you can head to PA for that heritage festival. The Project Trail Force will also lead a Jeep parade that could set a Guinness World Record. The press release below has a lot more info on the build. Good luck. EXTREMETERRAIN AND BARRICADE OFF-ROAD TO UNVEIL THEIR FULLY-BUILT 2015 JEEP WRANGLER AT BANTAM JEEP FESTIVAL ExtremeTerrain.com and Barricade Off-Road teamed up to build a $73,000+ 2015 Jeep Wrangler Rubicon to be given away to a lucky winner at the 2015 SEMA Show • Giveaway Link: http://www.extremeterrain.com/jeep-wrangler-project-trailforce-giveaway.html • Video: https://www.youtube.com/watch?v=jsO6fxVq6kI MALVERN, Pa. (June 12, 2015) – ExtremeTerrain, a leader in providing aftermarket Jeep Wrangler parts, along with rugged, enthusiast-driven Jeep Wrangler aftermarket armor and accessories manufacturer Barricade Off-Road, today unveiled a fully-built 2015 Jeep Wrangler Rubicon dubbed Project Trail Force at the Bantam Jeep Heritage Festival in Butler, PA.
Jeep Grand Cherokee redesign delayed
Sat, Jun 27 2015The launch of the next-gen Jeep Grand Cherokee is being now being pushed back until late 2018 or even into 2019, Jeep CEO Mike Manley indicated Friday, according to Automotive News citing a Reuters report. Under the original five-year plan, the SUV was supposed to be replaced in the third quarter of 2017. That would have made for a big year for Jeep with a refreshed Renegade and new Wrangler also slated for 2017. A delayed Grand Cherokee could send ripples through Jeep's product plans. The three-row Grand Wagoneer is meant to give the brand a vehicle to take on the Land Rover Range Rover, but it's supposed to use the same platform as the Grand Cherokee. This change is rumored to push that important model's launch further back. There's less uncertainty when it comes to the next-gen Wrangler. Manley said that the model was "broadly on track," according to Automotive News. The five-year plan aimed for a launch in the second quarter of 2017. Controversy, however, has swirled over possible plans to move the Wrangler from its longtime Toledo, OH, factory. One problem Jeep doesn't have to worry about right now is sales. According to Automotive News, Manley said volume was up 20 percent globally and could reach 1.2 million by the end of the year. He also indicated the brand was "on pace" to reach its 1.9-million-vehicle goal for 2018. The Grand Cherokee delay comes in the wake of rumors that FCA US is shuffling around its previous five-year vehicle launch plan to postpone several models. Related Video:
164K Jeep Cherokees recalled to protect liftgate from moisture
Thu, Jun 25 2015FCA is recalling 164,003 examples of the 2014 and 2015 Jeep Cherokee because moisture can damage the power liftgate controls on models that are equipped with that feature. Regionally, this includes 99,436 of them in the US, 13,195 in Canada, 2,406 in Mexico, and 48,966 outside of NAFTA. The problem came to light after the automaker started investigating a fire in one of the SUVs. There were no injuries, though. According to FCA US' research, the power hatch's control module potentially can be exposed to water. This can cause a short circuit and possibly a fire, as in this case. Until the issue is repaired, the company is advising owners to keep the cargo area dry on Cherokees equipped with this feature. To fix things, dealers will install a shield around the controls to protect them from moisture and will replace any modules showing exposure to water. Statement: Water-Shield Installation June 24, 2015 , Auburn Hills, Mich. - FCA US LLC is voluntarily recalling an estimated 99,436 SUVs in the U.S. to install shields that protect their power liftgate control modules, and related components, from moisture. FCA US LLC began an investigation after learning of a reported vehicle fire. The probe revealed power liftgate control modules in certain SUVs may be inadvertently exposed to water. This may cause a short-circuit, creating a fire hazard. However, the Company is unaware of any related injuries or accidents. The campaign affects model year 2014 and 2015 Jeep Cherokee SUVs, but is limited to vehicles equipped with power liftgates. An estimated 13,195 customers are affected in Canada, along with an estimated 2,406 customers in Mexico and 48,966 outside the NAFTA region. The estimated total recall population is 164,003. All affected customers will be advised when they may schedule service. If the modules show signs of water exposure, they will be replaced. All recall-related work will be performed free of charge. In the interim, the cargo areas of 2014-15 Cherokees equipped with power liftgates should be monitored and kept dry. Customers with questions may call the FCA US Customer Information Center at 1-800-853-1403.