StandardShift.com

I was driving 70 mph on the edge of downtown St. Louis when the exploit began to take hold.

Though I hadn’t touched the dashboard, the vents in the Jeep Cherokee started blasting cold air at the maximum setting, chilling the sweat on my back through the in-seat climate control system. Next the radio switched to the local hip hop station and began blaring Skee-lo at full volume. I spun the control knob left and hit the power button, to no avail. Then the windshield wipers turned on, and wiper fluid blurred the glass.

As I tried to cope with all this, a picture of the two hackers performing these stunts appeared on the car’s digital display: Charlie Miller and Chris Valasek, wearing their trademark track suits. A nice touch, I thought.

The Jeep’s strange behavior wasn’t entirely unexpected. I’d come to St. Louis to be Miller and Valasek’s digital crash-test dummy, a willing subject on whom they could test the car-hacking research they’d been doing over the past year. The result of their work was a hacking technique—what the security industry calls a zero-day exploit—that can target Jeep Cherokees and give the attacker wireless control, via the Internet, to any of thousands of vehicles. Their code is an automaker’s nightmare: software that lets hackers send commands through the Jeep’s entertainment system to its dashboard functions, steering, brakes, and transmission, all from a laptop that may be across the country.

Rope-Pusher wrote:They need to grow up, get out of their parent's basements and consider the consequences of their actions.

They could have demonstrated the same hacks to their guinea-pig friend in a parking lot without putting him at risk.

After all the press about the GM ignition switches, and over 100 drivers who are being granted compensation for accidents where the engine shut off, they must have known that it isn't safe to shut of the engine of a car while it is out on the road.

watkins wrote:SO MANY paranoid phone calls today. GAH! And its not even Chrysler's fault. Its Uconnect's problem.

watkins wrote:Not directly, no. But I have had to listen to my service advisers bitching about people calling in all day.

Rope-Pusher wrote:

watkins wrote:Not directly, no. But I have had to listen to my service advisers bitching about people calling in all day.

"Well, I don't know about that, but I kin let you talk to this Watley feller we got here and he can setcha strait"

FCA US LLC is conducting a voluntary safety recall to update software in approximately 1,400,000 U.S. vehicles equipped with certain radios.

The recall aligns with an ongoing software distribution that insulates connected vehicles from remote manipulation, which, if unauthorized, constitutes criminal action.

Further, FCA US has applied network-level security measures to prevent the type of remote manipulation demonstrated in a recent media report. These measures – which required no customer or dealer actions – block remote access to certain vehicle systems and were fully tested and implemented within the cellular network on July 23, 2015.

Squint wrote:D-d-d-d-double post!

FCA is apparently issuing a voluntary recall:

FCA US LLC is conducting a voluntary safety recall to update software in approximately 1,400,000 U.S. vehicles equipped with certain radios.

The recall aligns with an ongoing software distribution that insulates connected vehicles from remote manipulation, which, if unauthorized, constitutes criminal action.

Further, FCA US has applied network-level security measures to prevent the type of remote manipulation demonstrated in a recent media report. These measures – which required no customer or dealer actions – block remote access to certain vehicle systems and were fully tested and implemented within the cellular network on July 23, 2015.

http://www.media.chrysler.com/newsrelea ... 16849&mid=

six wrote:Cars these days are rolling computers with seats and an engine. It's inevitable. Our lives are in the hands of the engineers who programmed the software in our cars. Let's hope they programmed with security in mind (yeah right).