04 Tan Crossover Awd Sunroof Heated Leather 3rd Row Seat All Wheel Drive 1 Owner on 2040-cars

Auto blog

The problem with how automakers confront hacking threats

More than anyone, Chris Valasek and Charlie Miller are responsible for alerting Americans to the hacking perils awaiting them in their modern-day cars. In 2013, the pair of cyber-security researchers followed in the footsteps of academics at the University of Cal-San Diego and University of Washington, demonstrating it was possible to hack and control cars. Last summer, their research established which vehicles contained inherent security weaknesses. In recent weeks, their latest findings have underscored the far-reaching danger of automotive security breaches. From the comfort of his Pittsburgh home, Valasek exploited a flaw in the cellular connection of a Jeep Cherokee and commandeered control as Miller drove along a St. Louis highway. Remote access. No prior tampering with the vehicle. An industry's nightmare. As a result of their work, FCA US recalled 1.4 million cars, improving safety for millions of motorists. For now, Valasek and Miller are at the forefront of their profession. In a few months, they could be out of jobs. Rather than embrace the skills of software and security experts in confronting the unforeseen downside of connectivity in cars, automakers have been doing their best to stifle independent cyber-security research. Lost in the analysis of the Jeep Cherokee vulnerabilities is the possibility this could be the last study of its kind. In September or October, the U.S. Copyright Office will issue a key ruling that could prevent third-party researchers like Valasek and Miller from accessing the components they need to conduct experiments on vehicles. Researchers have asked for an exemption in the Digital Millennial Copyright Act that would preserve their right to analyze cars, but automakers have opposed that exemption, claiming the software that runs almost every conceivable vehicle function is proprietary. Further, their attorneys have argued the complexity of the software has evolved to a point where safety and security risks arise when third parties start monkeying with the code. Their message on cyber security is, as it has been for years, that they know their products better than anyone else and that it's dangerous for others to meddle with them. But in precise terms, the Jeep Cherokee problems show this is not the case. Valasek and Miller discovered the problem, a security hole in the Sprint cellular connection to the UConnect infotainment system, not industry insiders.

Germany threatens to ban FCA vehicles over diesel emissions dispute

Germany is threatening to ban sales of FCA products over diesel emissions. According to the newspaper Bild Am Sonntag, Germany's Federal Motor Transport Authority found evidence of a so-called defeat device that shuts down certain emissions controls after running for 22 minutes. A standard diesel emissions test in the European Union reportedly takes 20 minutes to complete. FCA denies the allegations. "We believe all our vehicles respect EU emissions standards and we believe Italian regulators are the competent authority to evaluate this," the company said in a statement. The latter part of that statement drew ire from German authorities, especially after FCA declined to meet with German transport minister Alexander Dobrindt to discuss the issue. Graziano Delrio, the Italian Minister of Infrastructure and Transport, vowed to work with German authorities on behalf of FCA. According to EU law, FCA is required to homologate its vehicles in Italy because that's where its regional operations are based. When will the diesel-scented soap opera end? We wish we knew, but our Magic 8 Ball is covered in soot. Related Video: News Source: Financial TimesImage Credit: Giuseppe Aresu/Bloomberg via Getty Government/Legal Green Chrysler Dodge Fiat Jeep RAM Emissions Diesel Vehicles FCA

Chrysler, Nissan looking into claim that their cars are industry's most hackable

A pair of cyber security experts have awarded the ignominious title of most hackable vehicles on American roads to the 2014 Jeep Cherokee, 2014 Infiniti Q50 and 2015 Cadillac Escalade.
Charlie Miller and Chris Valasek are set to release a report at the Black Hat hacking conference in Las Vegas, Automotive News reports. The two men found the Jeep, Caddy and Q50 were easiest to hack based not on actual tests with the vehicles, but a detailed analysis of systems like Bluetooth and wireless internet access - basically, anything that'd allow a hacker to remotely gain access to the vehicle's systems.
Considering this lack of hands-on testing, the pair acknowledge that "most hackable" could be a relative term - they point out that the vehicles may actually be quite secure.