Hackers Burrow Into a Jeep Again - Will FCA Give Them $1,500?

Steph Willems
by Steph Willems

The same two guys who brought you last year’s remote hacking of a Jeep Cherokee on a Missouri highway (and resulting 1.4 million vehicle recall) are at it again.

This time, Charlie Miller and Chris Valasek entered the same Cherokee’s electronic brain, bypassing security software to gain control over key driving functions, according to Wired.

Both men are security researchers, and take pride in finding new ways to defeat electronic walls put up by automakers. FCA added a patch to its Uconnect software last year after their discovery, but hackers gonna hack, you know.

One the surface, their latest hack is alarming. The two were able to control the Jeep’s cruise control and steering, even at high speeds. In practice, the hack isn’t anything like the earlier one — to do it, they needed to be inside the vehicle, with a laptop plugged into the Jeep’s electronic network via a port under the dash.

Once plugged in, they were able to override commands from the vehicle’s electronic control module.

“You have one computer in the car telling it to do one thing and we’re telling it to do something else,” says Miller. “Essentially our solution is to knock the other computer offline.”

Every piece of software has a back door, which is why FCA launched a “bug bounty” cyber-threat tip line last month. By offering fledgling hackers and seasoned experts up to $1,500 in exchange for tips on software vulnerabilities, the automaker hopes to safeguard its vehicles from evildoers.

Both researchers note that while potentially dangerous, drivers can physically cut short any hacking attempt — assuming they notice it in time. If a hacker takes control of a vehicle’s accelerator, a driver can still depress the brake, slowing the car. The same goes for steering.

In a statement, FCA said it admired the hackers’ creativity, but added that their Jeep “appears to have been altered back to an older level of software.” The automaker continued, stating, “It is highly unlikely that this exploit could be possible…if the vehicle software were still at the latest level.”

Does this mean Miller and Valasek won’t get a $1,500 check in the mail?

[Image: Fiat Chrysler Automobiles]

Steph Willems
Steph Willems

More by Steph Willems

Comments
Join the conversation
2 of 36 comments
  • Lorenzo Lorenzo on Aug 07, 2016

    I'm all in favor of electric steering, since a computer chip is best for speed sensitive steering effort. But does it have to be the same programmable chip that controls the ignition, fuel system, transmission shifting, anti-lock braking, and other discrete auto functions? It seems that a separate hard-wired chip for each auto function would be more secure. Most of those functions don't need to be connected to a super-brain with wireless access. With chip prices today, keeping systems separate wouldn't cost much more, if any more. Automakers just have an engine CPU and are piggy-backing every new feature onto that system, rather than create independent subsystems that would be easier to diagnose, repair and/or replace. Tying in wireless communications from the entertainment module to basic controls is further laziness.

  • FOG FOG on Aug 08, 2016

    The fact that the same two guys hacked into the same system is more than a little bit fishy. The first step after hacking a system is to create a way to get back in the next time. It sounds like the method used by these guys was simple code that allowed them to reflash the software back to the earlier hackable version. This time it was probably more like a parlor trick than a real accomplishment.

  • FreedMike Off topic, but folks, this site is not working well for me from a technical standpoint, and it doesn't matter if I'm using my phone, or my computer (on two different browsers). It locks up and makes it impossible to type anything in after a certain point. Anyone else having these issues?
  • Syke Kinda liked the '57, hated the '58. Then again, I hated the entire '58 GM line except for the Chevrolet. Which I liked better than the '57's. Still remember dad's '58 Impala hardtop, in the silver blue that was used as the main advertising color.
  • Dartdude The bottom line is that in the new America coming the elites don't want you and me to own cars. They are going to make building cars so expensive that the will only be for the very rich and connected. You will eat bugs and ride the bus and live in a 500sq-ft. apartment and like it. HUD wants to quit giving federal for any development for single family homes and don't be surprised that FHA aren't going to give loans for single family homes in the very near future.
  • Ravenuer The rear view of the Eldo coupe makes it look fat!
  • FreedMike This is before Cadillac styling went full scale nutty...and not particularly attractive, in my opinion.
Next