2014 Chrysler Town & Country Touring on 2040-cars

Auto blog

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

Plug-in BMWs, long-term updates and the best of SEMA 2018 | Autoblog Podcast #560

On this week's Autoblog Podcast, Editor-in-Chief Greg Migliore is joined by Associate Editor Reese Counts. The pair discuss the BMW 740e xDrive iPerformance plug-in hybrid as well as our long-term Chrysler Pacifica Hybrid and Honda Ridgeline. They also discuss the best of SEMA Show 2018, including some pretty wild cars from Dodge and Chevy. Finally, we spend your money. This week, rather than pulling questions in from our email, we head to Reddit to answer some questions on r/cars.Autoblog Podcast #560 Get The Podcast iTunes – Subscribe to the Autoblog Podcast in iTunes RSS – Add the Autoblog Podcast feed to your RSS aggregator MP3 – Download the MP3 directly Rundown 2018 BMW 740e xDrive iPerformance 2018 Chrysler Pacifica Hybrid long-term 2018 Honda Ridgeline RTL-E long-term SEMA Spend My Money Feedback Email – Podcast@Autoblog.com Review the show on iTunes Related Video: Green Podcasts BMW Chrysler Dodge Honda chrysler pacifica

Bob Dylan to star in Chrysler Super Bowl spot [w/videos]

Billboard reports that Bob Dylan will be working with Chrysler again, this time starring in a Super Bowl ad expected to showcase the company's new 200 sedan. The rock icon first tied up with the Chrysler Group late last year when a commercial for the new 2014 Jeep Cherokee used Dylan's unreleased cover of Blind Willie Johnson's "Motherless Children" for its soundtrack.
The last big-game commercial for the 200 used Eminem in 2011 to introduce us to the outgoing 200 and the tagline-turned-mini-movement, "Imported from Detroit." Since then, Clint Eastwood, Berry Gordy, Jr., and America's farmers have taken turns impressing us with Chrysler Group's wares. It isn't yet known what song will be used for the spot. Speaking of the coming ad, company CEO Sergio Marchionne said, "Someone made the comment to me that I had the right commercial in 2011 and the wrong car. I think we now have hopefully the right commercial and the right car."
It's not Dylan's first outing with a carmaker, having starred in a spot to promote the Cadillac Escalade in 2007. Nor will it be the only Dylan music we get during the Super Bowl, the singer having licensed a track that's used in a one-minute commercial for Chobani Greek yogurt.