2014 Chrysler Town & Country Touring on 2040-cars

Auto blog

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

NHTSA preparing to wallop FCA, automaker 'failed to do its job'

As embattled the National Highway Traffic Safety Administration may be, but that certainly doesn't mean it isn't willing or able to put the smack down on automakers that violate its recall procedures. Following a public hearing on Thursday, the government safety arm is preparing what will likely be some very serious punishments for Fiat Chrysler Automobiles. FCA stands accused of mishandling 23 individual recalls covering some 11 million vehicles since 2013, with NHTSA claiming the Italian-American automaker kept it "in the dark," failing to notify the government of safety defects. Uncle Sam also alleges that FCA failed to notify consumers of important safety notices and didn't provide a steady supply of replacement parts. For these charges, the automaker could be fined up to $35 million per recall, which could mean a maximum of $805 million in fines. FCA could also be forced to buy back the unrepaired vehicles. "We have serious concerns with Fiat Chrysler notifications to owners and to NHTSA about its recalls. In every one of the 23 recalls, we have identified ways in which Fiat Chrysler failed to do its job," Jennifer Timian, the head of the Office of Defects Investigation, said during the FCA hearing, The Detroit News reports. The company also "repeatedly failed to provide NHTSA with other critical information about its recalls, including changes to the vehicles impacted by the recalls and its plans for remedying those vehicles." Fiat Chrysler, for its part, didn't really fight back during its hearing, although Scott Kunselman (shown above during the hearing), the senior vice president of vehicle safety and regulatory affairs at FCA, did tell The News that, "We absolutely had no mis-intent." "The plan is to move forward," Kunselman said, adding that the company has "fallen short," and that "some of the things we've done were sloppy." NHTSA administrator Mark Rosekind told The News that the regulator would issue its sanctions by the end of July, adding that he saw no way that FCA could avoid punishment.

180,000 new vehicles are sitting, derailed by lack of transport trains

If you're planning on buying a new car in the next month or so, you might want to pick from what's on the lot, because there could be a long wait for new vehicles from the factory. Locomotives continue to be in short supply in North America, and that's causing major delays for automakers trying to move assembled cars.
According to The Detroit News, there are about 180,000 new vehicles waiting to be transported by rail in North America at the moment. In a normal year, it would be about 69,000. The complications have been industry-wide. Toyota, General Motors, Honda and Ford all reported experiencing some delays, and Chrysler recently had hundreds of minivans sitting on the Detroit waterfront waiting to be shipped out.
The problem is twofold for automakers. First, the fracking boom in the Bakken oil field in the Plains and Canada is monopolizing many locomotives. Second, the long, harsh winter is still causing major delays in freight train travel. The bad weather forced trains to slow down and carry less weight, which caused a backup of goods to transport. The auto companies resorted to moving some vehicles by truck, which was a less efficient but necessary option.