2010 Jeep Wrangler 4wd 2dr Sport on 2040-cars

Auto blog

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

Germany threatens to ban FCA vehicles over diesel emissions dispute

Germany is threatening to ban sales of FCA products over diesel emissions. According to the newspaper Bild Am Sonntag, Germany's Federal Motor Transport Authority found evidence of a so-called defeat device that shuts down certain emissions controls after running for 22 minutes. A standard diesel emissions test in the European Union reportedly takes 20 minutes to complete. FCA denies the allegations. "We believe all our vehicles respect EU emissions standards and we believe Italian regulators are the competent authority to evaluate this," the company said in a statement. The latter part of that statement drew ire from German authorities, especially after FCA declined to meet with German transport minister Alexander Dobrindt to discuss the issue. Graziano Delrio, the Italian Minister of Infrastructure and Transport, vowed to work with German authorities on behalf of FCA. According to EU law, FCA is required to homologate its vehicles in Italy because that's where its regional operations are based. When will the diesel-scented soap opera end? We wish we knew, but our Magic 8 Ball is covered in soot. Related Video: News Source: Financial TimesImage Credit: Giuseppe Aresu/Bloomberg via Getty Government/Legal Green Chrysler Dodge Fiat Jeep RAM Emissions Diesel Vehicles FCA

Dodge and Jeep recalling 895k SUVs for possibility of headliner fires

Dodge and Jeep are announcing recalls of a total of 895,000 Durango and Grand Cherokee models worldwide from the 2011 through 2014 model years. There's a possibility that the wiring in the sun visor can short circuit and cause a fire. It specifically affects vehicles built between January 5, 2010, and December 11, 2013, and there are approximately 651,000 of them in the US, 45,700 in Canada, 23,000 in Mexico and 175,000 outside of North America.
Screws that fasten the sunvisor to the headliner may pierce wires in the visor, if the part has been removed or serviced, potentially causing a fire risk. If the wires short circuit, they could overheat and potentially combust. The automakers report three injuries caused by this defect, and according to the investigation by the National Highway Traffic Safety Administration, "there may be a total of 52 unique fire incidents."
To fix the problem, Dodge and Jeep will inspect the vehicles for suspect wiring, and all of the models, whether damaged or not, will get a new sun visor spacer with a wire guide to stop the possibility of short circuits. According to the automakers' announcement, "this condition is not present in vehicles which have not had the headliner or vanity mirror serviced." They will notify affected owners, and repairs will begin in August.