The National Highway Traffic Safety Administration has also announced that it is launching an investigation to ensure that Chrysler’s massive recall – a first of its kind in the automotive industry – will be sufficient. The researchers were able to remotely control a Jeep through its IP address over the Internet, enabling them to turn the brakes on and off, switch on the windshield wipers and even shut off the engine. There can be as many as 200 ECUs in a vehicle.
Advertisement
Miller told The Associated Press in an e-mail that he has downloaded the software patch and it appears to fix the issue.
But it doesn’t feel like Chrysler is terribly anxious about their vehicles actually being hacked.
Chrysler has also already applied an over-the-air network-level security patch that prevents “the type of remote manipulation demonstrated in a recent media report”.
Those measures, the company said, block remote access “to certain vehicle systems” and were implemented on Thursday.
Affected owners will receive a USB device that they may use to upgrade vehicle software.
If you’ve got one of these vehicles, visit http://www.driveuconnect.com/software-update/ to input your VIN number and see if it’s on the recall list. “The security of [Fiat Chrysler] customers is a top priority, as is retaining their confidence in the company’s products”.
And 2015 Dodge Challenger sports coupes.
Infotainment systems are particularly good attack surfaces because modern versions often use a driver’s smartphone to connect directly to the Internet – or such systems connect to the Internet directly through cellular signals. In response to the recall, Miller tweeted, “I wonder what is cheaper, designing secure cars or doing recalls?”
The CAN bus is very simple and the messages on it are very predictable, Miller said.
Uconnect was only supposed to help users with phone calls, Global Positioning System navigation and entertainment controls but, because of the wireless network it runs on, it unintentionally also left a security hole hackers could breach.
Chrysler is trying to make us feel better by saying that the hackers featured in the WIRED story were really smart and had time to spend with the auto.
Advertisement
The automaker said the hack appeared to be an isolated incident that could not be easily repeated.
