Sport Convertible 3.6l Cd 4x4 16 X 7.0 Lux Styled Steel Wheels (std) Crush A/c on 2040-cars

Auto blog

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

164K Jeep Cherokees recalled to protect liftgate from moisture

FCA is recalling 164,003 examples of the 2014 and 2015 Jeep Cherokee because moisture can damage the power liftgate controls on models that are equipped with that feature. Regionally, this includes 99,436 of them in the US, 13,195 in Canada, 2,406 in Mexico, and 48,966 outside of NAFTA. The problem came to light after the automaker started investigating a fire in one of the SUVs. There were no injuries, though. According to FCA US' research, the power hatch's control module potentially can be exposed to water. This can cause a short circuit and possibly a fire, as in this case. Until the issue is repaired, the company is advising owners to keep the cargo area dry on Cherokees equipped with this feature. To fix things, dealers will install a shield around the controls to protect them from moisture and will replace any modules showing exposure to water. Statement: Water-Shield Installation June 24, 2015 , Auburn Hills, Mich. - FCA US LLC is voluntarily recalling an estimated 99,436 SUVs in the U.S. to install shields that protect their power liftgate control modules, and related components, from moisture. FCA US LLC began an investigation after learning of a reported vehicle fire. The probe revealed power liftgate control modules in certain SUVs may be inadvertently exposed to water. This may cause a short-circuit, creating a fire hazard. However, the Company is unaware of any related injuries or accidents. The campaign affects model year 2014 and 2015 Jeep Cherokee SUVs, but is limited to vehicles equipped with power liftgates. An estimated 13,195 customers are affected in Canada, along with an estimated 2,406 customers in Mexico and 48,966 outside the NAFTA region. The estimated total recall population is 164,003. All affected customers will be advised when they may schedule service. If the modules show signs of water exposure, they will be replaced. All recall-related work will be performed free of charge. In the interim, the cargo areas of 2014-15 Cherokees equipped with power liftgates should be monitored and kept dry. Customers with questions may call the FCA US Customer Information Center at 1-800-853-1403.

Federal grand jury issues subpoenas to U.S. FCA dealers

Despite an attempt to clarify and backtrack, it seems the investigation into Fiat Chrysler Automobile's false sales reporting is picking up steam. According to Automotive News, FCA dealers and regional offices have received subpoenas ordering them to supply documents and testimony to a grand jury in Detroit. Of course, the dealers are objecting to the request. They claim the subpoenas are too broad and would require them to hand over too much personal information, like personal phone numbers of dealer employees going back years. The group wants to make it clear that FCA has clarified its sales reporting and that the issue is with the manufacturer, not dealers. The dealers say that FCA employee records and testimony should be enough. It's rumored that a dealer group is the one that sparked the investigation in the first place. FCA confirmed on July 18 that it indeed was under investigation by a number of federal agencies. Although they've clarified their position regarding sales reporting, the fraud investigation continues full steam. Related Video: