2008 Chrysler Sebring Touring 2.7l V6 Convertible Repairable Rebuildable Ezfix on 2040-cars

Auto blog

Chrysler, Nissan looking into claim that their cars are industry's most hackable

A pair of cyber security experts have awarded the ignominious title of most hackable vehicles on American roads to the 2014 Jeep Cherokee, 2014 Infiniti Q50 and 2015 Cadillac Escalade.
Charlie Miller and Chris Valasek are set to release a report at the Black Hat hacking conference in Las Vegas, Automotive News reports. The two men found the Jeep, Caddy and Q50 were easiest to hack based not on actual tests with the vehicles, but a detailed analysis of systems like Bluetooth and wireless internet access - basically, anything that'd allow a hacker to remotely gain access to the vehicle's systems.
Considering this lack of hands-on testing, the pair acknowledge that "most hackable" could be a relative term - they point out that the vehicles may actually be quite secure.

Here's what the UAW will be angling for in next year's contract negotiations

The United Auto Workers union is about to enter a new round of negotiations with the Detroit Three automakers, and this time, the focus is on the end of the two-tier wage system. Introduced in 2007, the two-tier wage system was enacted to allow General Motors, Ford and Chrysler to categorize its hourly employees under two categories: Tier 1 for veteran employees with full rights and benefits, and Tier 2 for short-term or entry-level employees compensated under a different schedule. The idea was that the system would permit the automakers to invest more in their plants and hire new employees as part of their respective recovery plans without being saddled with all the costs associated with hiring full-time employees. Now that the automakers are (more or less) back on their proverbial feet, however, the UAW wants to see an end to the two-tier system, and will likely make that a center-point of its negotiations next year to replace the current arrangement that is scheduled to end in September 2015. Not all members of the UAW will necessarily be interested in ending the two-tier system, however. According to The Detroit News, some Tier 1 workers may be more interested in negotiating a raise in their hourly rate – something which they haven't received in almost a decade. Tier 2 workers, meanwhile, may be more motivated to keep the tiered system in place, as their arrangement includes provisions for profit-sharing payments that have seen the automakers pay out billions to so-called short-term employees in lump-sum payments. Reconciling the two competing demands from two categories of union members and presenting a united front in negotiations may prove the biggest challenge for the UAW's new president, Dennis Williams. And with the right to strike – something which was suspended during the last round of negotiations in 2011 – the union has a bigger bargaining chip in its pocket.

The problem with how automakers confront hacking threats

More than anyone, Chris Valasek and Charlie Miller are responsible for alerting Americans to the hacking perils awaiting them in their modern-day cars. In 2013, the pair of cyber-security researchers followed in the footsteps of academics at the University of Cal-San Diego and University of Washington, demonstrating it was possible to hack and control cars. Last summer, their research established which vehicles contained inherent security weaknesses. In recent weeks, their latest findings have underscored the far-reaching danger of automotive security breaches. From the comfort of his Pittsburgh home, Valasek exploited a flaw in the cellular connection of a Jeep Cherokee and commandeered control as Miller drove along a St. Louis highway. Remote access. No prior tampering with the vehicle. An industry's nightmare. As a result of their work, FCA US recalled 1.4 million cars, improving safety for millions of motorists. For now, Valasek and Miller are at the forefront of their profession. In a few months, they could be out of jobs. Rather than embrace the skills of software and security experts in confronting the unforeseen downside of connectivity in cars, automakers have been doing their best to stifle independent cyber-security research. Lost in the analysis of the Jeep Cherokee vulnerabilities is the possibility this could be the last study of its kind. In September or October, the U.S. Copyright Office will issue a key ruling that could prevent third-party researchers like Valasek and Miller from accessing the components they need to conduct experiments on vehicles. Researchers have asked for an exemption in the Digital Millennial Copyright Act that would preserve their right to analyze cars, but automakers have opposed that exemption, claiming the software that runs almost every conceivable vehicle function is proprietary. Further, their attorneys have argued the complexity of the software has evolved to a point where safety and security risks arise when third parties start monkeying with the code. Their message on cyber security is, as it has been for years, that they know their products better than anyone else and that it's dangerous for others to meddle with them. But in precise terms, the Jeep Cherokee problems show this is not the case. Valasek and Miller discovered the problem, a security hole in the Sprint cellular connection to the UConnect infotainment system, not industry insiders.