2018 Jeep Wrangler Unlimited Sport S on 2040-cars

Auto blog

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

Key-swapping thieves steal Jeep Grand Cherokee SRT from FL dealer

Just a few weeks back, we reported on the theft of an Audi RS5 by a pair of creative thieves who managed to swipe the car's keys when the salesperson stepped away from their desk. Now, a Florida dealership is missing a Jeep Grand Cherokee SRT8 after some crooks switched the Jeep's keys with an identical, non-functioning set.
According to the report from local NBC affiliate WPTV, the men went in and spoke to a dealer about the Jeep. They walked outside, took a look at it, started it up and in the process managed to switch out the fobs. After doing their time with the salesperson, the thieves walked back out to the car, got in and drove away.
"I mean obviously, the way it was done, I think that they were professionals and they knew what they were doing," said Arrigo Jeep General Manager Joe Tufo. "The fact that they did it in broad daylight and switched the key fob and it was like it was nothing. That's what makes it unique," he added.

FCA to idle Belvidere Jeep plant again for a week in February

Bloomberg reports that Fiat Chrysler will shut down the Belvidere, Ill., plant that assembles the Jeep Cherokee for a week this month, starting February 17. FCA has been tweaking the plant's headcount and production schedule for a while now, usually downward. The automaker laid off 1,371 workers last February and fired 32 more in May, the same month it eliminated the third production shift. In August, the automaker shut down the plant for one week, then did so again for two weeks last month. As in August and January, FCA explained this month's idling by saying it needs to get production in alignment with demand. Cherokee sales declined 20% in the U.S. last year, helping to account for Jeep's overall 5% domestic drop in 2019. On top of the shutdown, FCA is offering buyouts to certain plant workers among the 3,600 hourly and 300 salaried personnel. The choices are either taking a "separation package" that comes with a $60,000 lump sum payment, or accepting voluntary termination that pays a lump sum based on seniority. Employees that choose a buyout can't return to Chrysler, becoming no longer "eligible for recall, rehire or reemployment." Belvidere personnel have until March 11 to make their decisions. Bloomberg says the aim is to reduce the number of workers with more seniority and higher pay grades; a company spokesperson said the move would "create opportunities for those employees still on layoff," who were lesser-paid. Around 900 of those laid-off workers remain on standby for reassignment to another plant. Analysts predict a soft year for car sales, so FCA might not be the only automaker pruning the rolls. Early estimates have come in below 17 million, and if that comes true, 2020 will be the slowest year since 2014, when 16,531,070 units left lots. The new contract between FCA and the UAW made provisions for Belvidere, which has tempered talk of a total shutdown.The automaker will invest $55 million for "fresh models/features off of the current (KL) platform" that underpins the Cherokee as well as the Chinese-market Jeep Grand Commander (it was previously used for the Dodge Dart and Chrysler 200). Outside of that, some observers think the carmaker could be planning a three-row Chrysler crossover based on the KL platform, akin to the Grand Commander, for the United States. Related Video: This content is hosted by a third party. To view it, please update your privacy preferences. Manage Settings.