Jeep 03 Liberty Utility on 2040-cars

Auto blog

In Michigan, car hackers could face life imprisonment

Car hackers may not want to mess with vehicles in and around the Motor City. A pair of Michigan lawmakers introduced legislation Thursday that would punish anyone who infiltrates a vehicle's electronic systems with penalties as harsh as life imprisonment. Senate bill 927 says that "a person shall not intentionally access or cause access to be made to an electronic system of a motor vehicle to willfully destroy, damage, impair, alter or gain unauthorized control of the motor vehicle." Offenders will be deemed guilty of a felony, and may be imprisoned for any number of years up to life in prison. The proposed legislation is one of the first attempts nationally to address the consequences for car hacking, which has become a top concern throughout the auto industry. Critics have accused executives of being slow to respond to the threats, which were first known as long as six years ago but gained attention last July when a pair of researchers remotely controlled a Jeep Cherokee. In January, the industry established an Information Sharing and Analysis Center to collectively evaluate security measures and counter breaches. But the Michigan bill isn't noteworthy only because of the life penalty prescribed; it's noteworthy for what's missing in its details. Language in the bill doesn't delineate between independent cyber-security researchers and criminals who intend to inflict harm or havoc. Under its provisions, it's possible Charlie Miller, pictured below, and Chris Valasek, the researchers who demonstrated last summer that the Cherokee could be remotely commandeered and controlled, could face life behind bars. Provisions of the legislation that prevent a person from "altering" the motor vehicle could ensnare car enthusiasts or gearheads who tinker with electronic systems to boost performance, increase fuel efficiency or add aftermarket features. In that context, Senate Bill 927 seems like the latest measure in a running feud between independent researchers, gearheads and big automakers. Car companies don't like third parties poking around their electronic systems and would prefer the researchers not reveal security weaknesses. Researchers, on the other hand, say many carmakers are either slow to fix or unwilling to repair security holes unless they're able to publish their findings.

Jeep Super Bowl commercial nets criticism from fish conservationists [Update]

Update. FCA got back to us with the following statement: "The Jeep brand and FCA cooperate with federal/state/local governments and organizations, including Tread Lightly and Access Fund, around the world to help ensure that its vehicles are being utilized in a legal and responsible manner, and follow those guidelines when demonstrating their off-road capabilities. Ecological assessments are made and considered when the Jeep brand conducts demonstrations of a vehicle's off-roading capabilities. The vehicle shown in this video is driving on a designated county road that experiences seasonal runoff and its performance capabilities are authentically portrayed consistent with the Jeep brand philosophy. Other examples of how Jeep demonstrates vehicle capabilities take place at the brand's Camp Jeep activities at auto shows and experiential events." The Super Bowl is always packed to the brim with various car commercials. FCA in particular had a big showing this year with ads from both Ram and Jeep. It's the latter that seems to have drawn the ire of some organizations, particularly one where a new Jeep Cherokee drove up a stream in a commercial called "The Road." Trout Unlimited, a freshwater conservation organization, has criticized FCA for encouraging driving that might endanger fish habitats. Trout Unlimited President and CEO Chris Wood sent a letter to FCA chief Sergio Marchionne, calling the commercial "wrongheaded" and that Jeep got some "bad marketing advice on this one." Wood says many of Trout Unlimited's members are Jeep owners and that he previously owned a Jeep CJ7 that he took all over Vermont. He says that he took it off-roading, though he never drove right up the middle of a stream. We're waiting on a comment from Jeep, but MSN reports that the automaker is defending the ads — though there aren't plans to run them again. Trout Unlimited says driving up and damaging streams can destroy the gravel where fish lay eggs. Either way, off-roaders should always be mindful of their surroundings so they don't destroy the land or sink their vehicles after, say, breaking through the ice on a frozen lake. Related Video:

Feds fretting over remote hack of Jeep Cherokee

A cyber-security gap that allowed for the remote hacking of a Jeep Cherokee has federal officials concerned. An associate administrator with the National Highway Traffic Safety Administration said Thursday that news of the breach conducted by researchers Chris Valasek and Charlie Miller had "floated around the entire federal government." "The Homeland Security folks sent out broadcasts that, 'Here's an issue that needs to be addressed,'" said Nathaniel Beuse, an associate administrator with the National Highway Traffic Safety Administration. Valasek and Miller commandeered remote control of the Cherokee through a security flaw in the cellular connection to the car's Uconnect infotainment system. From his Pittsburgh home, Valasek manipulated critical safety inputs, such as transmission function, on Miller's Jeep as he drove along a highway near St. Louis, MO. The scope of the remote breach is believed to be the first of its kind. The prominent cyber-security researchers needed no prior access to the vehicle to perform the hack, and the scope of the remote breach is believed to be the first of its kind. A NHTSA spokesperson said the agency's cyber-security staff members are "putting their expertise to work assessing this threat and the response, and we will take action if we determine it's necessary to protect safety." A Homeland Security spokesperson referred questions about the hack to Chrysler. Fiat Chrysler Automobiles has already been the subject of a federal hearing this month, in which officials scrutinized whether the company had adequately fixed recalled vehicles and repeatedly failed to notify the government about defects. But cyber-security concerns are a new and different species for the regulatory agency. Only hours before the Jeep hack was announced by Wired magazine earlier this week, NHTSA administrator Dr. Mark Rosekind said hacking vulnerabilities were a threat to privacy, safety, and the public's trust with new connected and autonomous technologies that allow vehicles to communicate. NHTSA outlined its response to the cyber-security challenges facing the industry in a report issued Tuesday. In it, the agency summarized its best practices for thwarting attacks and said it will analyze possible real-time infiltration responses. But the agency's ability to handle hackers may only go so far.