Chrysler is striving to turn the traditional automobile into a smart, connected device – and although it’s an innovative, exciting concept, there’s a significant downfall. Chrysler’s UConnect system, which has been installed into cars since the end of 2013, is an Internet-connected feature that controls entertainment and navigation capabilities while offering a Wi-Fi hot spot.
Sounds great, doesn’t it? Not so fast… UConnect actually has a major vulnerability – allowing anyone who’s aware of the car’s IP address to gain access, even if they’re in a far away location. This means an attacker could take complete control of your car – taking you right off the road in an instant.
The Software Bug That Puts Lives at Risk…
Charlie Miller, a researcher looking into the vulnerability, explained, “this might be the kind of software bug most likely to kill someone.” In fact, in a live demo, the vulnerability was exploited to cut off the transmission and brakes in a Jeep Cherokee.
As you can imagine, this is extremely dangerous, especially considering the attacker doesn’t need physical access to the vehicle. The attacker doesn’t even need to be in a nearby region! At the moment, researchers are withholding various details on the bug, in order to prevent the bug from being exploited.
If you’re currently driving an impacted vehicle, get to the dealership or install the patch manually using a USB immediately. Don’t wait. The patch can be downloaded here.
My philosophy when starting OTT was I wanted to create a place that I would want to work at (fun and friendly.) Where there was no corporate politics and we could just do our job fixing things and helping people. We can help people with their technology and not be arrogant or condescending to people. We can actually make a difference in peoples lives and not just say it but do it.