2020 Jeep Wrangler Sport S on 2040-cars

Auto blog

Chrysler, Nissan looking into claim that their cars are industry's most hackable

A pair of cyber security experts have awarded the ignominious title of most hackable vehicles on American roads to the 2014 Jeep Cherokee, 2014 Infiniti Q50 and 2015 Cadillac Escalade.
Charlie Miller and Chris Valasek are set to release a report at the Black Hat hacking conference in Las Vegas, Automotive News reports. The two men found the Jeep, Caddy and Q50 were easiest to hack based not on actual tests with the vehicles, but a detailed analysis of systems like Bluetooth and wireless internet access - basically, anything that'd allow a hacker to remotely gain access to the vehicle's systems.
Considering this lack of hands-on testing, the pair acknowledge that "most hackable" could be a relative term - they point out that the vehicles may actually be quite secure.

Jeep Cherokee faces on-sale delay

A report in The Wall Street Journal looks at some of the obstacles to the 2014 Jeep Cherokee that go beyond its mootable yet "very contemporary" looks, almost all of them based on Fiat's financial position. Starting with that sheetmetal, in defense of it SRT president Ralph Gilles and Jeep design head Mark Allen said they wanted to "make sure the design still looks modern five years from now."
The WSJ piece doesn't cite longevity as a factor, instead saying that its features originated in a design for an Alfa Romeo, the transformation into a Jeep design meant allowing Chrysler get it to market more quickly and save "hundreds of millions of dollars" in engineering.
The need for Fiat to save money while it weathers the European situation has cut budgets for development, engineering and the pace of retooling the Toledo, Ohio plant to build the Cherokee. In a familiar case of snowballing at work, among the effects will be pushing back the Cherokee's volume sales date and delaying updates to some of Chrysler's other products.

FCA will pay you to hack its systems

FCA is willing to pay you to hack its cars, as long as you tell the company how you did it. In an effort to enhance cybersecurity and prevent future incidents like the Jeep Cherokee hack last year, FCA announced it's working with Bugcrowd to find vulnerabilities in its vehicle software. Bugcrowd labels itself as a crowdsourced application security testing company. Users, or independent security researchers as Bugcrowd calls them, can find exploits or vulnerabilities in FCA systems. They then submit the information to Bugcrowd, who in turn supplies the info to FCA. The goal is to update systems and close any possible security breaches. FCA is offering bounties from $150 to $1,500 to any Mr. Robot types, with payment based on the size and severity of the flaw. FCA wants hackers to focus specifically on the UConnect website and the company's iOS and Android apps. No bounties will be given for anything outside the scope of those three things. Bugcrowd says it will not take any legal action against anyone who submits an exploit. While we think it's good that the company is taking steps to address these problems, it's not a groundbreaking maneuver. Other companies employ similar systems. Earlier this year, both Tesla and Uber announced that they're willing to offer up to $10,000 to hackers who find vulnerabilities in their system. For years, Microsoft has been paying hackers to find exploits. It also seems that FCA took its time to announce this plan, considering the Jeep hack happened nearly a year ago. If the partnership works, we can expect other automakers to make similar deals. Related Video: This content is hosted by a third party. To view it, please update your privacy preferences. Manage Settings. News Source: FCA, Bugcrowd Jeep Safety Technology Infotainment Smartphone FCA