nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

Hacking Vehicles

NetworkNewb

Hackers Remotely Kill a Jeep on the Highway

Does this make anyone else with UConnect in their vehicle worried?

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

scaredoftests

I think I would disconnect Uconnect if ever I get a car. Jeep didn't listen to the WhiteHats. I love technology, but leave the car alone.

tpatt100

I WAS DRIVING 70 mph on the edge of downtown St. Louis when the exploit began to take hold.

Why the hell was this being done on a public highway? I know it's more dramatic but I find it irresponsible.

veritas_libertas

@tpatt100: You're not the only one: Wired Jeep hack: Don't let stunt storytelling eclipse the message - Fortune.

I'm shocked they did this.

SoCalGuy858

My company is keeping an eye on this, along with the rest of the IoT world... It'll be interesting to see how this pans out, especially new legislation that may come of it.

scaredoftests

Oh no..not legislation!

veritas_libertas

Because a law fixes everything...

SoCalGuy858

Our government seems to think so...

EDIT: http://www.wired.com/2015/07/senate-bill-seeks-standards-cars-defenses-hackers

Woohoo, laws!

scaredoftests

or how about a study? LOL

SoCalGuy858

I prefer "report". Much more official sounding. Much like this one:

https://www.ftc.gov/system/files/documents/reports/federal-trade-commission-staff-report-november-2013-workshop-entitled-internet-things-privacy/150127iotrpt.pdf

scaredoftests

LOL

tpatt100

Well vehicles have been recalled, I think some legislation from a consumer protection perspective would be useful. Like maybe requiring some basic security planning like keeping the entertainment center with internet connectivity isolated from the stuff that can make you crash.

Fiat Chrysler recalls 1.4 million cars over remote hack vulnerability

NetworkNewb

It also says if you don't pay the monthly fee for the extra features you can't get hacked this way... Those Uconnect features don't really seem to be worth the $15/month they were asking for them anyways. To me at least. Just bought a new Dodge Durango last year.

It was kind of nice to be able to play Pandora directly from the vehicle during my free trial period though.

TheFORCE

Ah the IoT the next frontier of Infosec and another avenue for hackers to steal our stuff.
After many years of internet and software development i would expect IoT to be build a bit more securely! This is not acceptable really.

tpatt100

The whole thing sounds like it was being developed with an "OnStar or Satellite radio" perspective and ignored the trend of people just using their smartphones in their cars with bluetooth or just the auxiliary port. If people are already paying for the phone plans it makes more sense to go with Android Car or Apple CarPlay.

aftereffector

I can't believe that the journalists and the exploit developers chose to do a live test of the exploit on a public road. That was extremely irresponsible, in my opinion, and really detracts from the message that they were trying to get out. If they want to lead with the attention-grabbing "70mph" anecdote, fine, but do it at a track, not on a public highway! We have enough problems without people like Chris Roberts and these researchers convincing the average news article consumer that pen testers are irresponsible hackers trying to break live production systems for lulz or glory.

As far as the exploit, yes, I am worried about it. I'm also worried about Ford Sync and other networked entertainment systems... I seriously doubt that Uconnect is the only system that is exploitable. We just don't know about the other ones (yet).

cyberguypr

First thing I did when I bought my car was disable the On-star like system. Call me old fashioned but I don't want over-the-air nothing in my cars. One of the multiple reasons I could never own a Tesla.

tpatt100

cyberguypr wrote: »

First thing I did when I bought my car was disable the On-star like system. Call me old fashioned but I don't want over-the-air nothing in my cars. One of the multiple reasons I could never own a Tesla.

The "Galactica" defense lol

MTciscoguy

One reason we have seen this technology grow is because it saves the companies a lot of money, when they have to do a software upgrade on a vehicle line, it can be sent to the car and downloaded and installed with no intervention from a auto technician or a shop, they claim it will save the customer money? With everything I have seen in my life, I will never allow my car to be hooked up to a cell network or the internet, not going to happen.