2018 Jeep Compass Trailhawk 4x4 on 2040-cars

Auto blog

Chrysler, Nissan looking into claim that their cars are industry's most hackable

A pair of cyber security experts have awarded the ignominious title of most hackable vehicles on American roads to the 2014 Jeep Cherokee, 2014 Infiniti Q50 and 2015 Cadillac Escalade.
Charlie Miller and Chris Valasek are set to release a report at the Black Hat hacking conference in Las Vegas, Automotive News reports. The two men found the Jeep, Caddy and Q50 were easiest to hack based not on actual tests with the vehicles, but a detailed analysis of systems like Bluetooth and wireless internet access - basically, anything that'd allow a hacker to remotely gain access to the vehicle's systems.
Considering this lack of hands-on testing, the pair acknowledge that "most hackable" could be a relative term - they point out that the vehicles may actually be quite secure.

Jeep Grand Cherokee, Dodge Durango still catching fire after recall

Automakers issue recalls all the time. It's part of the cost of doing business. We just assume that once the recall has been carried out, the problem in question has been fixed. But that's not always the case, as this latest investigation being undertaken by the National Highway Traffic Safety Administration goes to show. The problem stems back to a recall issued by Chrysler last summer. It revolved rather the sun visor in the SUVs it makes at its Jefferson North Assembly Plant – specifically, the screw affixing the sun visor could end up rubbing against the wiring for the lamp in the vanity mirror, potentially causing an electrical short and even a fire. 62 such short circuits, 38 fires and three injuries reported, prompting Chrysler to recall nearly 900,000 units of the 2011-2014 Jeep Grand Cherokee and Dodge Durango (over 650,000 of them in the United States). The plastic spacers they installed to rectify the problem, however, may not have done the trick. Eight reports (but none involving injuries) have been filed with the NHTSA regarding the same issue recurring, spurring the government agency to open a new investigation into the matter. If deemed necessary, the NHTSA could ask FCA to issue another recall to fix the issue again, which we may necessitate the installation of a fuze to prevent any such the electric short. Related Video: INVESTIGATION Subject : Headliner Fires Date Investigation Opened: MAY 01, 2015 Date Investigation Closed: Open NHTSA Action Number: RQ15003 Component(s): ELECTRICAL SYSTEM , INTERIOR LIGHTING Manufacturer: Chrysler (FCA US LLC) SUMMARY: On July 1st, 2014 Chrysler (FCA US LLC) issued safety recall 14V-391 to remedy a wiring-related fire hazard on the headliner of approximately 661,888 model year (MY) 2011-2014 Jeep Grand Cherokee and Dodge Durango vehicles manufactured between January 5, 2010 and December 11, 2013. The recall was in response to the Office of Defects Investigation (ODI) investigation EA14-001 during which data provided by Chrysler indicates that the fire is caused by an electrical short in the vanity lamp wiring for either one of the sun visors mounted on the vehicle. The sun visors are mounted to the roof of the vehicle through the headliner with three metal screws.

Feds fretting over remote hack of Jeep Cherokee

A cyber-security gap that allowed for the remote hacking of a Jeep Cherokee has federal officials concerned. An associate administrator with the National Highway Traffic Safety Administration said Thursday that news of the breach conducted by researchers Chris Valasek and Charlie Miller had "floated around the entire federal government." "The Homeland Security folks sent out broadcasts that, 'Here's an issue that needs to be addressed,'" said Nathaniel Beuse, an associate administrator with the National Highway Traffic Safety Administration. Valasek and Miller commandeered remote control of the Cherokee through a security flaw in the cellular connection to the car's Uconnect infotainment system. From his Pittsburgh home, Valasek manipulated critical safety inputs, such as transmission function, on Miller's Jeep as he drove along a highway near St. Louis, MO. The scope of the remote breach is believed to be the first of its kind. The prominent cyber-security researchers needed no prior access to the vehicle to perform the hack, and the scope of the remote breach is believed to be the first of its kind. A NHTSA spokesperson said the agency's cyber-security staff members are "putting their expertise to work assessing this threat and the response, and we will take action if we determine it's necessary to protect safety." A Homeland Security spokesperson referred questions about the hack to Chrysler. Fiat Chrysler Automobiles has already been the subject of a federal hearing this month, in which officials scrutinized whether the company had adequately fixed recalled vehicles and repeatedly failed to notify the government about defects. But cyber-security concerns are a new and different species for the regulatory agency. Only hours before the Jeep hack was announced by Wired magazine earlier this week, NHTSA administrator Dr. Mark Rosekind said hacking vulnerabilities were a threat to privacy, safety, and the public's trust with new connected and autonomous technologies that allow vehicles to communicate. NHTSA outlined its response to the cyber-security challenges facing the industry in a report issued Tuesday. In it, the agency summarized its best practices for thwarting attacks and said it will analyze possible real-time infiltration responses. But the agency's ability to handle hackers may only go so far.