Extreme TechET is not always the most reliable of sources. I know that I have called them out on items which were away from their zone of expertize. But this is about computers which they do know something about.

Everytime I see this being exhibited on TV, they have a guy sitting in the passenger seat with a lap top and a wire connected to the vehicle.I think I would notice that.. :BHowever, FCA has software updates (some owners can download it themselves) to add a safety factor.

Remember when Tony Soprano would buy a new Caddy, he would always have the Onstar system ripped out. :DMy Ford has Sync by Microsoft on board. There's probably Chinese hackers riding with me every day.PS- any designer who created ANY connectivity between a vehicle's powertrain systems and infotainment / comms is just asking for trouble. :S

CORRECTION: All vehicles can be hacked.

This article from Wired is what the ExtremeTech article is summarizing. It's a very real thing - Chrysler released a patch for it this week, but it's a manual install. Expect to see a lot more stories like this in the coming years.The auto makers are going to make all the same security mistakes that computer companies have made over the past 30 years because they think they know what they're doing and they don't. Car companies don't make good software just like appliance companies don't, cable companies don't, stereo companies don't and on and on.

sch911 wrote:CORRECTION: All vehicles can be hacked.There is no doubt that any vehicle with an IP Address needs to have a solid firewall between it and the operating system of the vehicle. There should be no internet connectivity at that level. I have no idea if someone could grab the IP address of a vehicle remotely but they should not be able to do so.

Chrysler vehicles can be hacked | Good Sam Community

50 Replies

DakotaDad
Explorer
Jul 25, 2015
itguy08 wrote:

Then why target Chrysler? Why not go after the biggest target, OnStar? OnStar has been doing this for quite a long time and offers many of the same features as Uconnect, all through the cellular vote and data networks. OnStar can remotely unlock doors, start the car, etc...

It could just be that Chrysler's system (like their vehicles) was poorly engineered.

Why? Because, as usual, you're really only looking to bash one brand, not really investigate the issue. Even a simple search would have found the following:

GM working to close OnStar security hole dug up by DARPA

"General Motors is developing a fix for its OnStar telematics system after researchers found a way to hack into one of its cars and take over several functions, including the brakes."

"Last week, BMW revealed that it had fixed a flaw in its ConnectedDrive telematics system that was discovered by a German automobile club and could allow someone using a fake cellular tower to connected to an individual car and open its windows or unlock its doors. More than 2.2 million cars were susceptible to such a breach."

Hackers find weaknesses in car computer systems

Savage wouldn't identify which manufacturer made the car they hacked into. But two people with knowledge of the work said the car was from General Motors and the researchers compromised the OnStar safety system, best known for using cellular technology to check on customers and call for help in a crash. The people didn't want to be identified because they were not authorized to speak publicly on the matter.

GM wouldn't comment on the research, but the company issued a statement saying it takes security seriously and is putting strategies in place to reduce risk.

One of the people said GM engineers initially dismissed the researchers' work, but after reading the report, quickly moved to close holes that allowed access to the car's computers.

Are GM and BMW also poorly engineered?

There will be more reports of these types of events. Security is something that's complex, changes rapidly, and takes only one tiny mistake to make the whole effort worthless. Microsoft has a hard time keeping a constantly patched OS secure, and it's their business. Car companies have some painful lessons to learn in the process of accomplishing the same thing.
itguy08
Explorer
Jul 25, 2015
bwanshoom wrote:
Don't kid yourself that other car manufacturers are handling security any better.

Then why target Chrysler? Why not go after the biggest target, OnStar? OnStar has been doing this for quite a long time and offers many of the same features as Uconnect, all through the cellular vote and data networks. OnStar can remotely unlock doors, start the car, etc...

It could just be that Chrysler's system (like their vehicles) was poorly engineered.
bwanshoom
Explorer
Jul 25, 2015
itguy08 wrote:
Looks like Chrysler is recalling them now:
FCA 1.4M Recall

That's what you get for pairing the lowest quality vehicles (FCA) with the lowest quality cell phone provider (Sprint).
Don't kid yourself that other car manufacturers are handling security any better.
itguy08
Explorer
Jul 24, 2015
Looks like Chrysler is recalling them now:
FCA 1.4M Recall

That's what you get for pairing the lowest quality vehicles (FCA) with the lowest quality cell phone provider (Sprint).
larry_barnhart
Explorer
Jul 22, 2015
Just saw on tv that the hackers were trying to see if they could do the hack not hurt anybody. Showing it could be done for the auto companies.

chevman
BenK
Explorer
Jul 22, 2015
Just the first of an upcoming explosion of these and the 'kids'
will continue to play games with these...

OBTW...many of the interns we hired were working on black badge
programs mentioned in the first youtube...

Sample #1 Digital Carjackers Show Off New Attacks
Hacker autohackers autohack autonomous

Sample #2 Digital Carjackers Show Off New Attacks

Firewall the auto WiFi....well, if you have a cell phone with you
and turned on the Blue Tooth to monitor the engine/tranny/etc...well
you may have just compromised your fire walled auto WiFi...or just
plug it into the diagnostic port to read codes...

Or...you replace something and got the parts from any brand automotive
supply store...if it has any potential connection to the various
computers or the vehicle network...it can have something embedded
in it's PROM that will allow anyone who has the code...to take
over your vehicle...

PS...buyers have pretty much asked for all of these bells and
whistles...plus to have them 'Highly Integrated'...be careful of
what you ask for...
fj12ryder
Explorer III
Jul 22, 2015
Easy there Henny Penny. :)
buta4
Explorer
Jul 22, 2015
What with the present computer systems and associated softwares installed in newer trucks and cars, and the soon to be popular (probably) self-driving vehicles, just wait and see what terrorists do with it. And they will, eventually.

Picture massive all-of-a-sudden accidents etc.

Scary to even think about.
:(
BenK
Explorer
Jul 22, 2015
All it will take is for someone to plug one of these or like one
of these into their vehicle...or own one with OEM DVD players
running WiFi...

Amazon...Pupug WiFi 3G Android 4.2 Car DVD Player For Ford Mondeo Focus Stereo Radio WiFi 3G GPS (7 Inch, Black, Silver)
DVDWiFi wifi

Or this marketing ad over in China for a Ford....

Ford car DVD GPS mutimedia system, OEM Factory Headunit for Ford C-max, Focus, S-max, Mondeo cars, All-In-One Indash Sat-Nav radio Specially made for Ford, DVB-T TV tuner optional, ipod ready, HD Digital Touchscreen of 800 * 480 Resolutions, Original steering wheel match, Bluetooth handsfree and USB Port / SD Slot/ Aux In! Some dvds come with TPMS, Notebook, PIP function, Virtual CDC Ipod ready!

You are now visting the most professianl and famous Car dvd gps player stock market in China!

How many marketing ads have come out in North A with kids kept
'busy' back there viewing DVD's that are not wired, but WiFi fed?

Or that they are playing games with each other and buddies over
the Internet via vehicle WiFi...

You can firewall all you want and just one 'feature' can then
become the back door...

As posted here a loooong time ago when many were touting the GREAT
'Highly Integrated' stuff on our vehicles...that they will now
have to have anti-virus/firewalls/etc just like their home PC's...

I'm going to buy some anti-virus company stock...issue is which
one will come out with a 'vehicle' based product "FIRST"....
ib516
Explorer II
Jul 22, 2015
The correct title of this thread should be "American Chrysler vehicles can be hacked".

The Canadian ones cannot because the 3G (cellular) connectivity is unavailable in Canada eh.

Forum Discussion

Chrysler vehicles can be hacked

50 Replies

About Travel Trailer Group

Related Content

Who misses the Tow Vehicle discussions?

Chrysler UConnect

Ebay Hacked

Photobucket Hacked?

Chrysler Crossfire