The December 2022 issue of IEEE Spectrum is here!

Close bar

Hackers Commandeer a Moving Jeep

Of course, it's staged, and Jeep has now issued a security patch. But it shows how full of holes automated autos can be

2 min read
Hackers Commandeer a Moving Jeep
Photo: Chrysler

Two hackers took remote control of a Jeep on a highway, turning on music, windshield wipers, and the air conditioning system. Then they flashed their smiling faces on the display.

It was all staged, of course, by our redoubtable rival, Wired magazine, whose Andy Greenberg knew only that he’d be hacked, not how. In fact, after recovering from the poltergeist-like possession of the Jeep’s peripheral features he got the full treatment: the transmission cut out and he slowed to a crawl. 

Staged or not, it was a genuine demonstration of the point that hackers Charlie Miller and Chris Valasek have been making with such tricks over the years: today’s connected cars are full of holes. More tricks are in store, from them and others, including a hacker-fest which Tesla is sponsoring at a “black hat” hacker’s convention early next month Las Vegas. The goal is to breach the security of a Tesla Model S.

At that convention Miller and Valasek will give details on how they commandeered the Jeep. All they’ve said so far is that they entered it via Chrysler’s Uconnect car communications system, needing to know nothing more than the Jeep’s IP address.

Such systems are typically the weakest point in today’s car. Last year a 14-year-old at a computer summer camp bought $15 worth of parts to build a box that let him hack into a Chevrolet Impala, exploiting General Motors’ Onstar communications system.

Fiat Chrysler, the manufacturer of the Jeep, denounced the pair for describing the exploit, even though the company—after working with the hackers for nine months—has been able to cover this particular hole with a software patch, which it has issued to Jeep owners.

“Unfortunately, Chrysler’s patch must be manually implemented via a USB stick or by a dealership mechanic,” writes Greenberg. “That means many—if not most—of the vulnerable Jeeps will likely stay vulnerable.”

The Conversation (0)

Chinese Joint Venture Will Begin Mass-Producing an Autonomous Electric Car

With the Robo-01, Baidu and Chinese carmaker Geely aim for a fully self-driving car

4 min read
A black car sits against a white backdrop decorated with Chinese writing. The car’s doors are open, like a butterfly’s wings. Two charging stations are on the car’s left; two men stand on the right.

The Robo-01 autonomous electric car shows off its butterfly doors at a reveal to the media in Beijing, in June 2022.

Tingshu Wang/Reuters/Alamy
Purple

In October, a startup called Jidu Automotive, backed by Chinese AI giant Baidu and Chinese carmaker Geely, officially released an autonomous electric car, the Robo-01 Lunar Edition. In 2023, the car will go on sale.

At roughly US $55,000, the Robo-01 Lunar Edition is a limited edition, cobranded with China’s Lunar Exploration Project. It has two lidars, a 5-millimeter-range radar, 12 ultrasonic sensors, and 12 high-definition cameras. It is the first vehicle to offer on-board, AI-assisted voice recognition, with voice response speeds within 700 milliseconds, thanks to the Qualcomm Snapdragon 8295 chip.

Keep Reading ↓Show less