1949 Jeep Willys Cj 3a on 2040-cars

Auto blog

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

Chrysler, Nissan looking into claim that their cars are industry's most hackable

A pair of cyber security experts have awarded the ignominious title of most hackable vehicles on American roads to the 2014 Jeep Cherokee, 2014 Infiniti Q50 and 2015 Cadillac Escalade.
Charlie Miller and Chris Valasek are set to release a report at the Black Hat hacking conference in Las Vegas, Automotive News reports. The two men found the Jeep, Caddy and Q50 were easiest to hack based not on actual tests with the vehicles, but a detailed analysis of systems like Bluetooth and wireless internet access - basically, anything that'd allow a hacker to remotely gain access to the vehicle's systems.
Considering this lack of hands-on testing, the pair acknowledge that "most hackable" could be a relative term - they point out that the vehicles may actually be quite secure.

Stellantis will give its brands 10 years to prove they deserve to live

Formed by the merger of PSA Peugeot-Citroen and Fiat-Chrysler Automobiles, Stellantis has 14 brands under its roof, a number that makes it one of the largest groups in the industry. Rumors claimed not every brand would survive, with Chrysler often earmarked to get axed, but the firm said it will give them all a chance to shine. "We're giving each (brand) a chance, giving each a time window of 10 years and giving funding for 10 years to do a core model strategy. The CEOs need to be clear in brand promise, customers, targets, and brand communications," announced Stellantis boss Carlos Tavares during the Financial Times' Future of the Car event. His comments confirm Chrysler fans and dealers don't need to worry about the future — at least not yet. And, against all odds, Lancia enthusiasts can breathe a sigh of relief, too. Former FCA head Sergio Marchionne warned of the brand's demise on several occasions. Alfa Romeo is safe for now, too, as is Vauxhall, which are basically just Opels sold in the United Kingdom with a different badge. The engagement made by Tavares also means Stellantis won't divest any of its brands to raise capital until at least 2031. It's now up to each executive team to make a case for the brand they run, an unusual survival-of-the-fittest strategy in an era when cutting costs is more common than spending cash. Diving into the vast Stellantis parts bin should help even the most troubled brands turn their fortunes around on a relatively tight budget. It seems likely that survive Chrysler will need to look beyond the 300 and the Pacifica/Voyager, the only models in its range, and completely reinvent its image, which is currently nebulous at best. Lancia, once the champion of luxury, performance, and innovation, faces the same challenge. It's not starting quite from scratch, it's relatively popular in its home country of Italy, but it will need to think globally and expand outside of the city car segment to survive. Featured Gallery 2020 Chrysler 300 View 24 Photos Chrysler Dodge Fiat Jeep RAM Citroen Lancia Opel Peugeot Vauxhall