1999 Chrysler Sebring Jx Convertible 2-door 2.5l on 2040-cars

Auto blog

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

Chevy Bolt wins 2017 Green Car of the Year

We knew that a plug-in vehicle was going to win the 2017 Green Car of the Year award this year, given that all five finalists have a way to charge up. And when Ron Cogan, the editor and publisher of Green Car Journal, announced the winner – the 2017 Chevy Bolt EV – he said that the car itself represents one of those times in the auto industry when everything is about to change. Similar to the invention of the starter motor, things are about to get different. For now, though, the fact that the Bolt EV won an award sounds like the same old thing all over again. Just this week, it was named Motor Trends Car of the Year and to the Car And Driver Top 10 list. The other four finalists for Green Car of the Year included the Toyota Prius Prime, the Chrysler Pacifica, the Kia Optima (including hybrid and plug-in hybrid models) and the BMW 330e iPerformance. Last year, the winner was the 2016 Chevy Volt. Did Green Car Journal make the right selection this year? See the award ceremony below.

Fiat Chrysler to pay $40 million fine for inflating sales numbers

DETROIT — Fiat Chrysler is paying $40 million to settle with U.S. securities regulators who say the automaker misled investors by overstating its monthly sales numbers over a five-year period. The Italian-American company inflated sales by paying dealers to report fake numbers from 2012 to 2016, the U.S. Securities and Exchange Commission alleged in a complaint. Fiat Chrysler agreed to pay the civil penalty and to stop violating anti-fraud, reporting and internal accounting control regulations, the SEC said Friday in a statement. The automaker did not admit or deny the agency's allegations, the statement said. "This case underscores the need for companies to truthfully disclose their key performance indicators," Antonia Chion, associate director in the SEC's Enforcement Division, said in the statement. She noted that the new vehicle sales figures give investors insight into the demand for an automaker's products, a key to assessing the company's performance. Fiat Chrysler said it has reviewed and refined its sales reporting procedures. It said the payment will not have a large impact on its financial statements. The agency said the automaker boasted about a streak of year-over-year sales increases into 2016, when the streak actually was broken in September of 2013. When the company disclosed the sales scheme in 2016, it said that it had a "reserve" stock of cars that had been shipped to big fleet buyers such as rental car companies but not recorded as sales. The SEC said employees called this database of actual but unreported sales the "cookie jar." The company dipped into those sales to stop the streak from ending, or when it would have missed other sales targets. Fiat Chrysler said it now records sales as soon as vehicles are shipped to customers. It has also take steps to ensure that a sale is immediately subtracted from its books when it finds out the deal was scuttled because the buyer backed out or couldn't get financing. The SEC probe is another in a long string of legal troubles for Fiat Chrysler. It also faces federal investigations into illegal payments to union officials through a training center, and a criminal probe into allegations that its diesel-powered trucks were programmed to cheat on emissions tests. The company has denied cheating, but federal prosecutors charged an engineer earlier this week and said he conspired with others. In June, Fiat Chrysler's U.S.