2013 Chrysler 300c Base on 2040-cars

Auto blog

Harsh words from senators over Chrysler's delay in reporting hack

The federal agency charged with protecting American motorists wants to know more about how hackers remotely commandeered and controlled a Jeep Cherokee. Hours after Fiat Chrysler Automobiles recalled 1.4 million cars affected by a flaw in their cellular connections, officials with the National Highway Traffic Safety Administration said Friday they'll further probe the defect by conducting a formal recall query investigation. "Opening this investigation will allow NHTSA to better assess the effectiveness of the remedy proposed," the agency said in a written statement. The remedy works, said Chris Valasek, one of the researchers who first discovered the security flaw. After testing for the vulnerability again Friday, he wrote on Twitter: "Looks like I can't get to @0xcharlie's Jeep from my house via my phone. Good job FCA/Sprint!" From his Pittsburgh home, Valasek had previously accessed and controlled co-worker Charlie Miller's Jeep along a St. Louis highway. Researchers have demonstrated remote hacks before, but the scope and severity of the Jeep vulnerability was unprecedented. The recall for a cyber threat was the first of its kind. Although a software patch and changes made by cellular provider Sprint appeared to fix the problem, news of the exploit and Chrysler's response brought a fresh round of consternation on Capitol Hill, where federal lawmakers had already expressed concerns about automotive cyber security. The Jeep hack elevated their concerns to a new level. "Cyber threats in cars are real and urgent, no figment of the imagination, as this huge recall demonstrates," said Sen. Richard Blumenthal (D-CT). "Incredibly, Chrysler delayed disclosing this chilling cyber-security danger egregiously and inexcusably, and strong sanctions are appropriate to send a message that other auto manufacturers will heed." Chrysler had known about the security gap since October, and Sen. Ed Markey (D-MA) wondered why it took the company so long to let customers know they were at risk. "Despite knowing about this security gap for nearly nine months, Chrysler is only now recalling 1.4 million vehicles to fix this vulnerability," he said. That's a potential pitfall for Chrysler, and something NHTSA will likely address in its investigation. Automakers are supposed to report safety-related defects to the agency within five days of discovery. But according to a chronology of events Chrysler submitted in its recall paperwork, it didn't inform NHTSA until July 15.

How to update and secure a vulnerable Chrysler Uconnect system

If you own one of the 1.4 million vehicles affected by the recent Chrysler software recall, you may want to watch this video. In it, we explain how to get the latest infotainment software loaded onto the 8.4-inch Uconnect system. The recall was a response to the findings of researchers who were able to hack into and remotely control a 2014 Jeep Cherokee through its cellular connection. Although Fiat Chrysler has worked with Sprint to plug most of the holes on the carrier side, there are still some vulnerabilities that only this latest software version can patch. Owners have three options to get the update: download it now, wait for a USB stick in the mail, or take the vehicle to an FCA dealer. Chrysler will be sending USB sticks loaded with the software update to customers. Anyone with an internet connection and a USB stick of their own with at least 4 GB capacity can speed things up by downloading the patch from the Uconnect website. We cover that process from start to finish in the video, with the final portion still applicable to those using the FCA-supplied USB stick. If after watching this you still don't want to tackle the patch yourself, you can take your vehicle to the dealer to have it done. Also note that this process is the same for all Uconnect updates, not just the one patching the exploits. Our demonstrator vehicle is a 2015 Ram 1500 pickup. The procedure should be very similar on other products with the 8.4-inch Uconnect system, with only the location of the USB port varying. Once you have the USB stick with the software on it – either after having downloaded it yourself or receiving it in the mail from Chrysler – the installation process is relatively simple. It takes about 15 minutes to perform the update; we edited out the wait in the video. To check whether or not your car's 8.4-inch Uconnect system is running the latest software, go to System Information on the touch screen's Settings page and look at Software Version. The update related to the recall is version 15.17.5. Related Video: Recalls Chrysler Dodge Jeep RAM Safety Technology Infotainment Videos Original Video hacking

Fiat Chrysler dumped 40,000 unordered vehicles on dealers

In a move that echoes recent history, Fiat Chrysler has been making more cars and trucks than dealers in the U.S. are willing to accept, with Bloomberg reporting that at one point the automaker had built up a glut of around 40,000 unordered vehicles. That’s led some dealers to accuse FCA of reviving the dreaded “sales bank” accounting practice of obscuring inventory to improve the balance sheet. The company reportedly began building up its inventory of unordered cars this summer despite an industrywide slowdown in sales and an eagerness by some dealers to thin their inventories because rising interest rates are making it more expensive to hold unsold cars. The inventory build-up also coincided with Fiat ChryslerÂ’s efforts to find a merger partner, first with Renault, which fell through, then last monthÂ’s announcement that it will merge with FranceÂ’s PSA Group. FCA denies any such scheme and tells Bloomberg the rising inventory is down to a new predictive analytics system designed to better square supply with demand from dealers that is helping the company save money and narrow the numbers of unsold vehicles. The company recently agreed to pay a $40 million civil penalty to the U.S. Securities and Exchange Commission to settle a complaint that it paid dealers to report fake sales figures over a span of five years. While no one is suggesting that FCA is in dire financial straits — the company saw higher than expected earnings in the third quarter and record profits in North America — the practice has strong historical precedent by Chrysler, which built up bloated inventories in the run-up to its two federal bailouts, in 1980 and 2009. It was also common at GM and Ford during the 2000s, when all three Detroit automakers struggled with excess manufacturing capacity and plummeting sales in the lead-up to the Great Recession. Back in 2012, CFO Magazine wrote about a report that explained automakersÂ’ rationale for the practice and how it works: Say fixed costs for a given factory are $100, and that the factory can make 50 cars. Consumers, however, demand only 10. Under absorption costing, if the company makes all 50 cars, its cost-per-car is $2. If it makes only up to demand, or 10 cars, the cost-per-car is $10. Although each car adds variable costs for steel and other parts, if those costs are low, the company still has an incentive to make more cars to keep the cost-per-car down.