Skip to main content
  1. Home
  2. Cars
  3. News

Latest Jeep hack reminds us why we should keep our cars’ software updated

By

Jeep Cherokee
Image used with permission by copyright holder
Last year, security researchers Charlie Miller and Chris Valasek demonstrated the threat of car hacking in a dramatic way, by taking control of a Jeep Cherokee’s transmission and brakes while the car was moving. Now they’re back with new hacks that seem more sinister, but may not pose an actual threat in the real world.

Miller and Valasek can now mess with more than the transmission and brakes. They can activate the parking brake, tamper with the cruise control, and use the Cherokee’s automated parking system to jerk the steering wheel 180 degrees while the car is in motion, according to Engadget. That doesn’t sound good.

Recommended Videos

However, that ability to sow mayhem comes with an asterisk. After Miller and Valasek revealed their first Jeep hack, Fiat Chrysler Automobiles (FCA) initiated a recall of 1.4 million cars to update software and eliminate the weak point the two security researchers exploited. For this second demonstration, though, Miller and Valasek used the same 2014 Cherokee as before. FCA claims the vehicle did receive the software update as part of last year’s recall, but that it had been “altered back to an older level of software.”

Read more: Worried about car hacking? FBI and DOT offer safety tips

Unlike the previous hack, this one also required a physical connection: a laptop was plugged into the Cherokee’s OBD-II diagnostic port the whole time. Miller and Valasek also had to install their own firmware, which disabled some of the car’s built security features, before they could gain control of the steering and other systems. Given that, it’s unlikely someone would be able to execute this hack in the real world without the target’s knowledge.

It’s worth noting that, as The Verge points out, hackers could gain access to a car’s OBD-II port through diagnostic devices like the Verizon Hum and Automatic Adapter, or the devices issued by insurance companies to track driver behavior in exchange for the possibility of rate discounts. The proliferation of these devices further erodes the wall that used to separate car systems from the world at large.

Updated on 08-03-2016 by Stephen Edelstein: FCA issued a statement in response to the latest Miller and Valasek hack. The carmaker noted that accomplishing the hack required “extensive technical knowledge” and physical access to the OBD-11 port. FCA also said that the Jeep Cherokee used in the demonstration had been updated to address the security issue exposed last year, but that its had been “altered back to an older level of software.”

“Based on the material provided, while we admire their creativity, it appears that the researchers have not identified any new remote way to compromise a 2014 Jeep Cherokee or other FCA U.S. vehicles,” the company said.

Topics
Stephen Edelstein
Stephen Edelstein
Contributing Editor
Stephen is a freelance automotive journalist covering all things cars. He likes anything with four wheels, from classic cars…
Tesla’s fix for faulty Cybertruck pedal is simpler than you might think
Tesla Cybertruck

Less than five months after handing over the first Cybertrucks to customers, Tesla has had to recall the electric pickup to fix an issue with the accelerator.

In a notice issued on Friday, the National Highway Traffic Safety Administration (NHTSA) said that the recall impacts Cybertruck vehicles manufactured from November 13, 2023, to April 4, 2024. This suggests that all -- or almost all -- of the 3,878 Cybertrucks being recalled are those that have been manufactured to date.

Read more
Ford Mustang Mach-E 2024 vs. Mach-E 2023: What’s new in Ford’s electric Mustang?
Blue Ford Mustang Mach-E on a rooftop

The Ford Mustang Mach-E is easily one of the best EVs for the price, offering a solid range, sleek design, and pretty good tech on the inside. In recent years, it has gotten even cheaper -- thanks in large part to a price war between it and the Tesla Model 3. And, the company just took the wraps off of the latest and greatest version of the Mach-E, labeled as the 2024 model.

The 2024 Mustang Mach-E is notably different from the 2023 iteration in some meaningful ways. So much so that we decided to take a look at the two head-to-head -- to see if it was better to pay for the 2024 model or save some cash on any remaining 2023 stock.
Design
The Mustang Mach-E looks relatively unique -- in a good way. And thankfully, Ford has largely kept the overall design the same for the 2024 model, at least when it comes to the more consumer-focused models. The car retains the slatted taillights and crossover size. It also offers a large selection of colors, including the very blue Grabber Blue Metallic, as well as Rapid Red Metallic. It's a good selection of colors, and there should be an option for most buyers.

Read more
Tesla to begin production on new, more affordable models
Tesla Model 3

With competition increasing from Chinese and other automakers, Tesla boss Elon Musk revealed on Tuesday that his company is planning to begin production of new, more affordable models in “early 2025, if not late this year.” Notably, that's earlier than the previously stated date of late 2025, though whether Musk actually succeeds in meeting the earlier production time frame is another question entirely.

The news came as Tesla released its latest quarterly figures. Revenue for the electric vehicle maker came in at $21.3 billion, down from the $23.3 billion it reported for the same three-month period a year earlier and also down from the $25.2 billion reported in the previous quarter. Profit reached $1.1 billion, marking a 55% fall compared to the same period a year ago.

Read more