2014 Jeep Wrangler Rubicon on 2040-cars

Auto blog

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

Jeep Super Bowl commercial nets criticism from fish conservationists [Update]

Update. FCA got back to us with the following statement: "The Jeep brand and FCA cooperate with federal/state/local governments and organizations, including Tread Lightly and Access Fund, around the world to help ensure that its vehicles are being utilized in a legal and responsible manner, and follow those guidelines when demonstrating their off-road capabilities. Ecological assessments are made and considered when the Jeep brand conducts demonstrations of a vehicle's off-roading capabilities. The vehicle shown in this video is driving on a designated county road that experiences seasonal runoff and its performance capabilities are authentically portrayed consistent with the Jeep brand philosophy. Other examples of how Jeep demonstrates vehicle capabilities take place at the brand's Camp Jeep activities at auto shows and experiential events." The Super Bowl is always packed to the brim with various car commercials. FCA in particular had a big showing this year with ads from both Ram and Jeep. It's the latter that seems to have drawn the ire of some organizations, particularly one where a new Jeep Cherokee drove up a stream in a commercial called "The Road." Trout Unlimited, a freshwater conservation organization, has criticized FCA for encouraging driving that might endanger fish habitats. Trout Unlimited President and CEO Chris Wood sent a letter to FCA chief Sergio Marchionne, calling the commercial "wrongheaded" and that Jeep got some "bad marketing advice on this one." Wood says many of Trout Unlimited's members are Jeep owners and that he previously owned a Jeep CJ7 that he took all over Vermont. He says that he took it off-roading, though he never drove right up the middle of a stream. We're waiting on a comment from Jeep, but MSN reports that the automaker is defending the ads — though there aren't plans to run them again. Trout Unlimited says driving up and damaging streams can destroy the gravel where fish lay eggs. Either way, off-roaders should always be mindful of their surroundings so they don't destroy the land or sink their vehicles after, say, breaking through the ice on a frozen lake. Related Video:

Jeep reveals annual Moab Easter Jeep Safari concepts

Jeep has unveiled its annual spate of concepts before the Easter Jeep Safari. Those start with the Grand Cherokee Trailhawk Concept (below left), complete with the company's EcoDiesel V6 engine. Designers threw in a set of 35-inch Mickey Thompson tires wrapped around 17-inch Rubicon wheels, and a set of custom fender flares help keep all that rubber under wraps.
Meanwhile, the Wrangler Mopar Recon (below right) packs a 6.4-liter Hemi V8 good for 470 horsepower. All that grunt gets to the ground via a five-speed automatic transmission and a set of a Dana 60 axles frond and rear with 4.10 gears. The Recon also makes use of a 4.5-inch prototype long-arm kit and a set of prototype eight-lug bead lock wheels.
The Wrangler Stitch (below left) builds on the momentum of the Wrangler Pork Chop Concept. Engineers once again set out to strike as much weight as possible from the vehicle, and actually managed to trim the curb weight down to 3,000 pounds. That effort has given the machine the same power to weight ratio as the Grand Cherokee SRT8. Plenty of carbon fiber, door deletes and a chrome moly roll cage all help trim those pounds, and a set of DanyTrac Pro Rock 44 axles with 4.88 gears and ARB lockers front and rear let this machine scramble over whatever is in its path.