Ram Rebel Forum banner

1 - 11 of 11 Posts

·
Registered
Joined
·
14 Posts
Discussion Starter #1


Last week under the guise of “offering customers improved vehicle electronic security and communication system enhancements”, FCA quietly released a software patch for Uconnect.

This wasn't your run of the mill software update however, professional hackers Charlie Miller and Chris Valasek alerted FCA to vulnerabilities they used to exploit their Uconnect system system and worked with them to patch it.

Miller and Valasek were able to remotely take control of a bone stock 2014 Jeep Cherokee by exploiting the cellular data connection Wi-Fi hot spot equipped Uconnect (with the 8.4 inch screen) vehicles use. The duo was able to crank up the radio volume, speed up the wipers and most alarming, shut the engine off on the highway.

Later in a parking lot they took control of the Cherokee's steering, albeit only in reverse as well as killing the brakes, leaving Wired journalist Andy Greenberg helpless in a ditch.

“Under no circumstances does FCA condone or believe it’s appropriate to disclose “how-to information” that would potentially encourage, or help enable hackers to gain unauthorized and unlawful access to vehicle systems,” the company said in a statement.

“Similar to a smartphone or tablet, vehicle software can require updates for improved security protection to reduce the potential risk of unauthorized and unlawful access to vehicle systems. The software security update, provided at no cost to customers, also includes Uconnect improvements introduced in the 2015 model year designed to enhance customer convenience and enjoyment of their vehicle.”

You can download the patch yourself from driveuconnect.com/software-update/ or you can contact your local dealer to schedule an appointment.

 

·
Registered
Joined
·
254 Posts
Not really that nervous someone is going to do this to my vehicle. I mean, what have I done to make Anonymous angry lately?

Still, it is important to take steps to address this. I read that the US Senate is debating a bill to create standards for cyber security for cars.

Senate Introduces Automotive Anti-Hacking Bill - News - Car and Driver | Car and Driver Blog
hackers are pranksters. Half of what annoymous does is malicious and not motivated by justice in anyway shape or form. All it might take in a few years is a couple of connected kids with a couple of chilled beers...
 

·
Registered
Joined
·
680 Posts
I can only assume that most people are not professional hackers with the know how to do this on their own. I don't suppose we will have the option to turn off the Uconnect wi-fi? At least while I am in it.
 

·
Registered
Joined
·
24 Posts
My guess is no. Likely these were built before the patch. With that said, I would expect dealer prep to take care of it before customer delivery. My truck has version 15.24.1. I can't seem to find that number when I google, and theoretically it is a higher number than version 15.17.5 listed on the update site. But I'm not sure if that's true
 

·
Registered
Joined
·
70 Posts
My guess is no. Likely these were built before the patch. With that said, I would expect dealer prep to take care of it before customer delivery. My truck has version 15.24.1. I can't seem to find that number when I google, and theoretically it is a higher number than version 15.17.5 listed on the update site. But I'm not sure if that's true
That is my understanding, too. I confirmed with my dealer that they had applied the patch prior to accepting delivery and I also have 15.24.1. But just to make sure my dealer was being honest I went to the update site (https://www.driveuconnect.com/software-update/) to check my VIN and it told me my vehicle "qualifies for a software update". Huh? So I called the Uconnect folks and they confirmed that 15.24.1 is the latest and greatest version. Guess my dealer was telling me the truth. Trust but verify...
 

·
Registered
Joined
·
36 Posts
i bought mine at clear lake dodge just south of houston, and i had to apply the patch.....the update was simple, and the lady from uconnect verified the right version was installed....
 

·
Registered
Joined
·
510 Posts
This seems like stuff out of James Bond. Remember this scene?


It's just hard for me to really be afraid of this because it seems so unlikely to happen to me even if its possible. Cyber security breaches keep happening, so I know it does happen, but I think hackers would sooner hack a large data base for a trove of data instead of hacking one random person's car. And if you were to hack one person's car, why not a super luxury car instead of a Ram Rebel?
 
1 - 11 of 11 Posts
Top