Categories
Accessories & Tech Jeep Video

VIDEO: They hacked a Jeep

Jeep Cherokee hackers, Charlie Miller and Chris Valasek

Back in 2013 these two guys hacked a Toyota Prius while they were riding in the back seat. Now they’re back, and this time they’ve remotely hacked a Jeep Cherokee. They did this by attacking the car’s Uconnect system, which provides internet access.

They were able to control minor things such as radio volume and HVAC controls. They could play with the Jeep’s windscreen wipers and, worryingly, they could control the steering, the brakes and cut all engine power.

Watch the clip below and see Miller and Valasek play with their 1:1 remote control toy. All well and good unless you happen to be Andy Greenberg and thinking you’re actually in control of the car while you’re out on public roads.

“There are hundreds of thousands of cars that are vulnerable on the road right now,” Charlie Miller claims.

For their part Fiat Chrysler say they have released a free security patch that resolves any vulnerability but somewhat dismissively added: “Similar to a smartphone or tablet, vehicle software can require updates for improved security protection to reduce the potential risk of unauthorised and unlawful access to vehicle systems.”

[Source: Wired via ABC]

UPDATE: FCA Australia has just released a statement confirming the release of a new security patch. Furthermore, because Uconnect is not available outside the US, no locally sold cars are affected by this cybersecurity issue.

Categories
Accessories & Tech Toyota Video

If you had to drive a Prius you’d be hacked off too

Toyota Prius

This story is more than a little disturbing. You think of big multi-national banks getting hacked. You think of your computer picking up a dodgy virus. But how many of us have ever thought about our cars being hacked?

Andy Greenberg from Forbes recently met up with a couple of geeks to show us what it’s like to drive a car that wasn’t really in his command:

As I drove their vehicles for more than an hour, Miller and Valasek showed that they’ve reverse-engineered enough of the software of the Escape and the Toyota Prius (both the 2010 model) to demonstrate a range of nasty surprises: everything from annoyances like uncontrollably blasting the horn to serious hazards like slamming on the Prius’ brakes at high speeds. They sent commands from their laptops that killed power steering, spoofed the GPS and made pathological liars out of speedometers and odometers. Finally they directed me out to a country road, where Valasek showed that he could violently jerk the Prius’ steering at any speed, threatening to send us into a cornfield or a head-on collision.

The only saving grace, at this stage, is the hackers have to be in the car with you, with a cable connected to the car’s main ECU in order to get that level of control. However, in a test done back in 2010 remote access was gained to an unnamed make of car through its cellular connection and Bluetooth function. Scary, hey!

It was also interesting to read that Toyota already tests their cars to ensure they’re not vulnerable to a wireless attack. Maybe they, and all manufacturers, might need to up the ante?

[Source: Forbes | Thanks to Aaron for the tip]