1994 Jeep Wrangler on 2040-cars

Auto blog

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

NHTSA boss Strickland weighs in on Jeep recall fracas

Adding yet another chapter to the ongoing Jeep recall story, the National Highway Traffic Safety Administration (NHTSA) head David Strickland has gone on record to defend the government's request that Chrysler recall 2.7 million out-of-production Jeep Grand Cherokee and Jeep Liberty vehicles after the agency investigated fiery rear-end collisions that have reportedly killed at least 51 people over the years. In statements made to The Detroit News, Strickland said, "We felt very strongly that the process that we undertook and the findings that we made and ... we made the decision to issue a recall request. We do not take that very lightly." The top US auto safety regulator stopped short of telling owners to park their cars until the automaker takes action. "They can make their own risk assessment and their own choices," he said.
Chrysler does not intend to recall the models, insisting the "vehicles met and exceeded all applicable requirements of the Federal Motor Vehicle Safety Standards, including FMVSS 301, pertaining to fuel-system integrity" when they were manufactured and sold. "The company does not agree with NHTSA's conclusions and does not intend to recall the vehicles cited in the investigation. The subject vehicles are safe and are not defective," Chrysler announced last week in a statement. "We believe NHTSA's initial conclusions are based on an incomplete analysis of the underlying data, and we are committed to continue working with the agency to resolve this disagreement."
Legally, Chrysler has until June 18 to formally respond to NHTSA's request. If the automaker does not take action, NHTSA is expected to issue a formal finding and seek a recall.

Watch this 840-hp Jeep Grand Cherokee SRT8 walk away from GT-Rs and M3s

This last-generation Jeep Grand Cherokee SRT8 does things that SUVs just shouldn't be able to do, like win drag races against tuned Nissan GT-R and BMW M3 coupes. Granted, the owner isn't coming into this fight with a stock Jeep – far from it. In addition to twin turbos whistling away, he says the engine is a 449-cubic-inch V8, which is nearly 7.4 liters of displacement. As it runs here, the driver claims that the turbos are pumping out around 14 psi of boost to give an estimated 840 horsepower. What's more, he further maintains the powertrain could reach around 1,200 hp with things fully cranked up. Even somewhat dialed back, this Jeep is ready to take on a breadth of formidable challengers, including a couple of Chevrolet Corvette models and a Lamborghini Aventador. Check out the video to see how this menacing Grand Cherokee fares in a day at the races.