Hackers Burrow Into a Jeep Again - Will FCA Give Them $1,500?
The same two guys who brought you last year’s remote hacking of a Jeep Cherokee on a Missouri highway (and resulting 1.4 million vehicle recall) are at it again.
This time, Charlie Miller and Chris Valasek entered the same Cherokee’s electronic brain, bypassing security software to gain control over key driving functions, according to Wired.
Both men are security researchers, and take pride in finding new ways to defeat electronic walls put up by automakers. FCA added a patch to its Uconnect software last year after their discovery, but hackers gonna hack, you know.
One the surface, their latest hack is alarming. The two were able to control the Jeep’s cruise control and steering, even at high speeds. In practice, the hack isn’t anything like the earlier one — to do it, they needed to be inside the vehicle, with a laptop plugged into the Jeep’s electronic network via a port under the dash.
Once plugged in, they were able to override commands from the vehicle’s electronic control module.
“You have one computer in the car telling it to do one thing and we’re telling it to do something else,” says Miller. “Essentially our solution is to knock the other computer offline.”
Every piece of software has a back door, which is why FCA launched a “bug bounty” cyber-threat tip line last month. By offering fledgling hackers and seasoned experts up to $1,500 in exchange for tips on software vulnerabilities, the automaker hopes to safeguard its vehicles from evildoers.
Both researchers note that while potentially dangerous, drivers can physically cut short any hacking attempt — assuming they notice it in time. If a hacker takes control of a vehicle’s accelerator, a driver can still depress the brake, slowing the car. The same goes for steering.
In a statement, FCA said it admired the hackers’ creativity, but added that their Jeep “appears to have been altered back to an older level of software.” The automaker continued, stating, “It is highly unlikely that this exploit could be possible…if the vehicle software were still at the latest level.”
Does this mean Miller and Valasek won’t get a $1,500 check in the mail?
[Image: Fiat Chrysler Automobiles]
More by Steph Willems
Latest Car ReviewsRead more
Latest Product ReviewsRead more
- Wjtinfwb Funny. When EV's were bursting onto the scene; Tesla's, Volt's, Leaf's pure EV was all the rage and Hybrids were derided because they still used a gas engine to make them, ahem; usable. Even Volt's were later derided when it was revealed that the Volt's gas engine was actually connected to the wheels, not just a generator. Now, Hybrids are warmly welcomed into the Electric fraternity by virtue of being "electrified". If a change in definition is what it takes, I'm all for it. Hybrid's make so much sense in most American's usage patterns and if needed you can drive one cross-country essentially non-stop. Glad to see Hybrid's getting the love.
- 3-On-The-Tree We also had a 1973 IH Scout that we rebuilt the engine in and it had dual glass packs, real loud. I miss those days.
- 3-On-The-Tree Jeff thanks. Back in 1990 we had a 1964 Dodge D100 with a slant six with a 3 on the tree. I taught myself how to drive a standard in that truck. It was my one of many journeys into Mopar land. Had a 1973 Plymouth duster with a slant six and a 1974 Dodge Dart Custom with 318 V8. Great cars and easy to work on.
- Akear What is GM good at?You led Mary............................................What a disgrace!
- Randy in rocklin I have a 87 bot new with 200k miles and 3 head gasket jobs and bot another 87 turbo 5 speed with 70k miles and new head gaskets. They cost around 4k to do these days.