RSS Feds fretting over remote hack of Jeep Cherokee

[Ringo64]

Filed under: Government/Legal, Jeep

A cyber-security gap that allowed for the remote hacking of a Jeep Cherokee has federal officials concerned.

Continue reading Feds fretting over remote hack of Jeep Cherokee

Feds fretting over remote hack of Jeep Cherokee originally appeared on Autoblog on Thu, 23 Jul 2015 22:13:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

http://www.autoblog.com/2015/07/23/feds-fretting-jeep-cherokee-remote-hack-exclusive/

[Professur]

But of course ..... Gov't must be seen to be DOING something. Never let a good crisis go to waste.

[Ringo64]

Shouldn't Jeep be fretting, not Feds?

[Professur]

Yep ... but the public awaits ... never let it be said the gov't passed up the chance to tell someone what to do ... particularly when they were going to do it anyhow.

[Frosty]

This is a threat that I know GM is taking seriously. The best man in my wedding is a project lead at the GM Tech Center on in-car cyber-security. The University of Washington was able to successfully hack a GMC Yukon that GM provided them well over 2 years ago. This hacking proof of concept demostrated to GM the need for in-car cyber security. Now I have no clue where GM is at in terms of maturity or product availability. I certainly hope this doesn't mean regular trips to the dealership for software/firmware patching (ala Microsoft Super Tuesdays) but i won't rule it out either. I guess this is the price we pay for living in a cyber-world.

[Ringo64]

This is a threat that I know GM is taking seriously. The best man in my wedding is a project lead at the GM Tech Center on in-car cyber-security. The University of Washington was able to successfully hack a GMC Yukon that GM provided them well over 2 years ago. This hacking proof of concept demostrated to GM the need for in-car cyber security. Now I have no clue where GM is at in terms of maturity or product availability. I certainly hope this doesn't mean regular trips to the dealership for software/firmware patching (ala Microsoft Super Tuesdays) but i won't rule it out either. I guess this is the price we pay for living in a cyber-world.

 

I would hope active OnStar users would be able to "download" it if an update is needed

[Ghost]

Shouldn't Jeep be fretting, not Feds?

 

shouldnt it be the people?

 

This is a threat that I know GM is taking seriously. The best man in my wedding is a project lead at the GM Tech Center on in-car cyber-security. The University of Washington was able to successfully hack a GMC Yukon that GM provided them well over 2 years ago. This hacking proof of concept demostrated to GM the need for in-car cyber security. Now I have no clue where GM is at in terms of maturity or product availability. I certainly hope this doesn't mean regular trips to the dealership for software/firmware patching (ala Microsoft Super Tuesdays) but i won't rule it out either. I guess this is the price we pay for living in a cyber-world.

 

i havent been following new tech in cars but what are we getting in cars now, that this security is necessary? would we be able to mod or "hack" our own (future) cars to disable any connections whatsoever? 

[Ringo64]

i havent been following new tech in cars but what are we getting in cars now, that this security is necessary? would we be able to mod or "hack" our own (future) cars to disable any connections whatsoever? 

 

Logically, the more "tech" you have on a vehicle that eases connection points (e.g. say the WIFI in Chevy vehicles, OnStar related services in all big manufactures now, etc...) this is opening connection points for hackers to come in as well. It is a large concern especially with services now like OnStar that have some good control over some vital parts of your vehicle. I am not sure what Frosty is referencing but I'm sure it is something similar.

[Professur]

The Onstar network was proprietary. It used it's own frequencies and codes. Unless you had either inside knowledge or a 'rosetta stone' it was just indecipherable bits. The problem today is they're trying to link in with generic, open standards Wifi. The same wifi that pre-teens have been hacking for decades.

[Frosty]

Logically, the more "tech" you have on a vehicle that eases connection points (e.g. say the WIFI in Chevy vehicles, OnStar related services in all big manufactures now, etc...) this is opening connection points for hackers to come in as well. It is a large concern especially with services now like OnStar that have some good control over some vital parts of your vehicle. I am not sure what Frosty is referencing but I'm sure it is something similar.

Consider that police can already call OnStar and disable a stolen vehicle once they give proper ID and the VIN to an OnStar agent, you can see the control over your vehicle these systems have. Imagine this in the hands of a rogue or organized terrorist.

The UW proved that cars could be hacked and there is a need for cyber security for cars in the first place.

[havoc1482]

Manufacturers would have to give you downloads in a manner where they could be forced upon you. Like via OnStar. You can't run the risk of some people having outdated software leaving them vulnerable and endangering themselves and others.

 

Also, don't buy a vehicle with Park Assist haha