Jeep Cherokee hack leads to 1.4-million-vehicle recall

The brightest-eyed proponents of the Internet of Things often seem to envision a world where everything that can have an embedded computer and a network connection of some kind should have those things. Open the door of a modern car, for example, and you're likely to find a sophisticated computer system that's absorbed functions like navigation, entertainment, and climate control into one central interface.

Dig a little deeper, and you'll find that most every onboard system, like the accelerator, brakes, steering, and engine control, are linked together using a standard called the Controller Area Network, or CAN bus. If this sounds similar to the setup of Battlestar Galactica, it kind of is—and recent events on the automotive computing front have been almost as terrifying as the Cylon attack that sets BSG in motion. Wired broke a story earlier this week about a vulnerability in Chrysler's Uconnect onboard entertainment system that allowed a pair of security researchers to remotely take control of a Jeep Cherokee by way of its cellular data connection.

The entire article is well worth a read, but the short version is that many Uconnect-equipped vehicles across the nation could be accessed simply by connecting to Sprint's cellular network using a compatible smartphone's Wi-Fi hotspot. After picking a target, the researchers were able to remotely deploy an exploit that allows them to pass commands over the car's CAN bus, using the Uconnect system as their base of operations.

Once the exploit was in place, the researchers were able to carry out mildly dangerous and distracting attacks like turning on the car's windshield washers, tampering with its climate control system, or blasting the radio. More terrifying is that the car's brakes, steering, or transmission could be interfered with or disabled in the same way—including, as Wired's writer found out, while the car was traveling down a busy freeway.

The consequences of this news have been swift and wide-ranging. Reuters reports that Fiat Chrysler Automotive, Jeep's parent company, has been ordered to recall 1.4 million vehicles by the National Highway Traffic Safety Administration so that a patch can be installed. Reuters also says two members of Congress have introduced a bill to impose stricter security standards for embedded software like Uconnect. For its part, Chrysler says it's implemented "network-level security measures" that prevent the kind of remote access that made the hack possible in the first place. 

Chrysler owners can enter their VIN on the Uconnect site to check whether an update is available. Patching the car requires the update to be copied to a USB stick, which then must be plugged into the head unit. Chrysler warns that "updates can take up to 30-45 minutes and require that your vehicle be parked throughout the software update/installation process."

The story probably won't end here: Wired consulted UCSD computer science professor Stefan Savage for his take on the hackers' findings, and he believes that other modern vehicles could be just as vulnerable as Chrysler's. The importance of security seems likely to grow in magnitude as cars become ever more sophisticated and connected—and researchers continue to pick apart this new fusion of car and computer.

Comments closed
    • d0g_p00p
    • 4 years ago

    Patching your car.

    I don’t know how I feel about that

      • just brew it!
      • 4 years ago

      It’s not like it’s a new concept. A couple of years ago a co-worker needed to have his car’s firmware patched because the “low tire pressure” idiot light kept coming on even though the tires were properly inflated. There’s also been a community of ECU modders for years, who hack their cars’ engine control computers to improve performance.

    • Peter.Parker
    • 4 years ago

    I agree that this is a serious problem.
    However, since the manufacturer seems to favor the lazy approach when it comes to software security, they could fix the problem by hacking and remotely upgrading the car OS for the clients. Ghosting 1.4 million cars might prove a difficult task, but will surely be something fun and exhilarating as opposed to a common recall. I mean, “Recall” .. this so 20th century!!!

    • Krogoth
    • 4 years ago

    This is hardly new.

    This level of remote access is “intentional”. It is meant for dealers to force “leasers” to pay or the dealer gets control of the vehicle and pulls you off to a stop.

      • superjawes
      • 4 years ago

      My wife brought a similar point up, but she pointed to law enforcement being able to shut your vehicle down. The problem with these theories is that neither group needs complete powertrain control. If you want to stop a car on the road, you do just that. Send a command that disables the accelerator and the vehicle will be stopped in no time.

      This hack appears to allow for complete powertrain takeover, so it appears to be an example of stupidity on the design/engineering team’s part.

        • TheJack
        • 4 years ago

        Such a level of stupidity is unlikely, considering we are talking about a huge company, with thousands of engineers.

          • just brew it!
          • 4 years ago

          You’ve obviously never worked at a large company with lots of engineers.

            • bthylafh
            • 4 years ago

            Or, as a Usenet acquaintance calls them, “in-juh-nears”.

            • TheJack
            • 4 years ago

            We shall see. If this happens only with the tested cars, then it might as well have been a mistake, otherwise prepare for a new era.

            • just brew it!
            • 4 years ago

            Even if it is more widespread that still proves nothing. In general, designers of embedded systems are woefully oblivious when it comes to security; “security through obscurity” seems to be the norm.

            • TheJack
            • 4 years ago

            I hope you are right, because it is a bad thing. Not only hacking is a danger, other things like a software bug, data corruption, Nand failure…… could trigger some nasty things.

            • just brew it!
            • 4 years ago

            Indeed. IMO, as we move away from mechanical/hydraulic linkages and increasingly come to rely on “drive by wire” technologies, the automotive industry will likely need to move towards adopting safety and reliability certification practices similar to [url=https://en.wikipedia.org/wiki/DO-178C<]what the avionics industry uses[/url<]. When an errant line of code or an unforseen security exploit can result in loss of life, you need a higher level of assurance that the software works properly under all conditions than we (apparently) have at present. Edit: So in DO-178-speak, the software controlling the brakes and steering would be considered Level A. Any other software that can potentially have an adverse effect on a Level A subsystem is implicitly considered to be Level A as well, and must be certified to the same level of "design assurance". A sane system architecture would physically partition the entertainment system (i.e. put it on a separate communications bus), allowing it to be certified to Level D (or even E, which is effectively no certification at all) instead. You REALLY don't want to do Level A unless absolutely necessary, it can increase development costs by an order of magnitude!

            • superjawes
            • 4 years ago

            I did some DO-254 (electronic hardware) Level A work…JBI is absolutely correct on development costs.

            And actually, I was entirely on the verification end of things, which is where the cost gets kicked up. The logical design of the chips could be completed pretty quickly (a few weeks to a couple of months), but testing and verifying that they meet the 10-20 [i<]thousand[/i<] requirements could easily take a couple of years. Oh, and notice that I said chips. These chips go into boards with other chips, and those boards go into boxes, and several boxes can go onto each plane...and they get JBI's software. FAA safety is serious business. Automotive's one saving grace is that their vehicles are on the ground, and even the most "critical" failures are going to be safer compared to an airborne vehicle. (Engine failure comes to mind...)

            • just brew it!
            • 4 years ago

            Yup. Engine control systems on an aircraft – Level A for sure. If we were applying the same standards to an automobile, engine control would probably be classified as Level C… MAYBE Level B. The levels are classified according to the potential consequences of a random failure (catastrophic, hazardous, major, minor, and N/A), and the ability of the operator to safely deal with the resulting situation. Unless you get stuck on a railroad crossing (AND can’t get out of the vehicle in time), or experience a sudden acceleration surge (AND don’t have time to react before hitting something), an engine control malfunction in an automobile typically isn’t fatal.

    • tbone8ty
    • 4 years ago

    New cars are becoming like cellphones. Advertisements are boasting about basically smartphone features. Nothing about the actual car istelf. No thanks.

    I’ll stick to my analog inline 6 rear wheel drive car.

      • Krogoth
      • 4 years ago

      Tell me about it.

      Cars are meant for transportation. There are not meant to be some kind of communication device or be a fool’s PC.

    • dmjifn
    • 4 years ago

    I am really glad this happened! Most of us certainly knew/suspected/wondered if something like this would eventually be possible. I’m very glad it was [url=http://www.penny-arcade.com/comic/2007/02/09<]uncovered this way[/url<] instead of, you know, [url=https://en.wikipedia.org/wiki/World_Trade_Center<]some other way[/url<].

    • albundy
    • 4 years ago

    KITT…
    yes Michael?
    Enable a bunch of the multi-colored flashing buttons so we don’t get hacked.
    Oh, and Turbo Boost me some more burgers and liquor.

    • chuckula
    • 4 years ago

    NO. NETWORKED. COMPUTERS.
    — Cmdr. Adama

      • sweatshopking
      • 4 years ago

      idkwtf that means, but it sounds nerdy :/

        • odizzido
        • 4 years ago

        you should watch the new BSG. You will understand the comment and also get to watch a good show.

          • TopHatKiller
          • 4 years ago

          Sorry… but not if you watched it to the appalling meaningless end you shouldn’t. Sorry… it was so great, bless Ronald d Moore… but the end. bloody hell.

          • dmjifn
          • 4 years ago

          And maybe if you’re a big enough fan, also play a pretty engaging board game!

    • Ninjitsu
    • 4 years ago

    Who…thought that connecting the driving-related systems of cars to the internet was a good idea? Who’s been asking for that? I’d probably [i<]not[/i<] buy a car just for that - though I'll probably not be buying a car for quite a few years, who knows what'll be 'in' then.

      • ikjadoon
      • 4 years ago

      I don’t have a car like that, but people who do say it’s for wirelessly getting the car started, turning on the AC, etc.

      The easy solution to this particular hack would’ve been as simple as turning off all inbound connections when there is a key in the ignition.

      • dmjifn
      • 4 years ago

      Yeah… this is going to be a thing! Eventually the police will be able to pull your car over for you remotely, too. I’d guess “remote assistance” will be about as likely as traffic cameras.

      • cphite
      • 4 years ago

      Nobody thought that. It wasn’t done intentionally – nobody said “Hey, we should make all this stuff controllable over the internet!”

      Unfortunately, they also didn’t think that someone would be able to remotely access Uconnect (the thing that handles online entertainment) and then from there gain access to the controller area network (the bus handles vehicle control). It was sloppy design, arguably, but not intentional.

      Fortunately it looks like the fix is a fairly straightforward software upgrade.

    • Kharnellius
    • 4 years ago

    “It’s a Jeep thing. “

    • ronch
    • 4 years ago

    My concern is that as this technology/feature gets attention, many other car manufacturers will adopt it to tick off one more bullet point for the sake of competition. As time goes on, it’ll also trickle down to cheaper models. While it’s safe to assume that the technology will be more mature by then, it will by no means become simpler to write the code and code for one model will still differ from another. And that’s the problem. If a cheaper model forces a car maker to cut corners the code may not be as robust. Add to that the fact that more cheaper cars are sold than pricier ones, and you could have the recipe for disaster as more cars on the road become targets.

    • crystall
    • 4 years ago

    The fact that a network-connected computer and the controllers dealing with the drive train & brakes sit on the same bus is worthy of a Picard face-palm. The guy who designed that system on the other hand should be punished by having to manually flash the firmware of every single car affected. Maybe that’ll teach him security best practices.

      • just brew it!
      • 4 years ago

      No kidding! This is a pretty serious (and obvious) flaw, and should’ve never made it past the design review phase, let alone into a shipping product. Even setting aside the possibility of someone intentionally taking control of the vehicle, this is very bad from a safety standpoint in general. If the entertainment system is connected to the same communications bus as critical vehicle systems then all of the hardware and software in the entertainment system needs to be rigorously audited to ensure that it can’t inadvertently cause a vehicle malfunction. Producing the design and verification artifacts necessary to conduct these kinds of safety audits is VERY expensive; because of this you REALLY want to design the system in a way which minimizes the possibility of critical and non-critical systems interacting.

      • ludi
      • 4 years ago

      The problem is that the CAN bus was developed in the early 1990s to be a simple, reliable means of low-bandwidth communication in an environment which is physically abusive and electrically noisy. It was intended to provide a simple standard so that the traditional engine ECU to communicate with other, separate ECUs supporting emerging features such as airbags, electronically-controlled transmissions, factory-integrated keyless entry and alarms, antilocking brakes, and “smart” sensors to support these kinds of systems.

      As cars have gradually gotten more complex, more and more devices and controls have been added to what is basically an unswitched layer-1 network. It never had the kind of security protocols to deal with the Internet of Things and now we’re starting to see the consequences.

        • crystall
        • 4 years ago

        I don’t think the nature of the bus or network involved is relevant here. The problem is that those two things should never have been connected together.

          • superjawes
          • 4 years ago

          I do wire harnesses for heavy diesel vehicles for a living. We have multiple CAN networks set up to separate stuff like this. So yeah, they should not have been connected together.

          I am somewhat curious as to whether they were separated though…it is technically possible that these were separated, but there was basically no security preventing the private network from communicating on the powertrain one. But that would require an added depth of stupidity…

            • jss21382
            • 4 years ago

            They’re not connected, but the Body Control Module is a gateway between the interior and powertrain bus systems. The networks themselves have little to no security features, because everything has to be accessible by aftermarket generic scan tools. So, being that infotainment is the only system that communicates with the outside world, it has to have solid security features.

            Now, back to updating uconnect software, only about 200 more on the lot right now, plus half the cars that come in for service.

            • Redocbew
            • 4 years ago

            There has got to be ways to make things friendly to those scanner tools without leaving everything wide open, but yeah… It’s either that, or completely overhaul the entire system with a new network. Without something like this happening the chances of that being done on merit alone usually aren’t great.

            • superjawes
            • 4 years ago

            Then the BCM should have the basic security of blocking powertrain commands from external sources. The entertainment system would only need to–at most–read messages from the powertrain network. Reading messages is not a safety issue, so that should be easy to allow. Being able to send external powertrain commands is a problem, and the module doing the gateway work should be able to filter out those messages.

      • odizzido
      • 4 years ago

      That’s exactly what I thought as well. I am extremely surprised that life critical systems would have anything to do with the open fluff systems.

    • AJSB
    • 4 years ago

    Dubious (elements of )Secret Services or specific “needed to do” Black Ops of any Nation have to love Uconnect or DAB…nice way to get rid of “unpleasant” elements w/o a trace…”oh, poor guy, died in a car accident” >:”)

      • DoomGuy64
      • 4 years ago

      [url<]http://www.foxnews.com/us/2013/08/22/michael-hastings-asked-to-use-neighbor-car-night-his-death-report/[/url<]

        • AJSB
        • 4 years ago

        …but of course he suffered a relapse…they always do…always best diversion/cover…that and “heart attacks”…never fails >:”)

      • TheJack
      • 4 years ago

      I was wondering why a cars brakes and steering need to be online. Seems you got the answer.
      How do manufacturers themselves explain this sort of stuff?

        • AJSB
        • 4 years ago

        They don’t…they just whistle away and pretend that didn’t heard your question >:”)
        Just don’t ask too loud…or you might attract the wrong kind of attention O_o

        As for me figured this out…using parts of a music lyrics, “You wan’da step into my World (?) It’s a sociopsychotic state of bliss”…but nevertheless, sometimes i’m right or so it feels 😀

        • Voldenuit
        • 4 years ago

        [quote<]I was wondering why a cars brakes and steering need to be online. [/quote<] From what I understand, the ability to turn off the brakes in software is useful in some maintenance and service operations. The ability to steer (in reverse only, in the case of the Jeep) and apply the gas is used in auto-park systems. The real problem is that Fiat Chrysler (and indeed all other automakers) are using the CAN bus instead of creating a separate higher-level data and power bus specifically for in-dash, navigation, connectivity and entertainment purposes.

          • TheJack
          • 4 years ago

          In that case the conclusion would be that the cons far outweigh the pros. Just thinking that my care can be remote controlled while being driven simply disgusts me. So AJSBs explanation could really be the real purpose. DO NOT BUY. screw those patches.

    • Meadows
    • 4 years ago

    What do the brakes even have to do with the GPS or radio? Why are they even linked together?

      • VincentHanna
      • 4 years ago

      If you had traveled 10 years into the future as I have, and seen what I’ve seen, you wouldn’t ask that.

      • jss21382
      • 4 years ago

      The vehicle speed and yaw sensors are part of the braking system, which are inputs to the gps system. They’re linked together, because every system on the car uses data provided by other networked systems. They’re not connected, it’s more like radio is on the pci bus and the powertrain systems are on pci-e, with a controller translating between them. Then each system itself has sub networks it uses for various inputs and outputs.

    • rika13
    • 4 years ago

    The real issue is that automakers seemed to have someone with the conern level of a honey badger working as the IT security consultant. These systems should have been airgapped, not connected via an insecure bus. This is why we should ban driverless vehicles and require that the driver always be able to assert control.

    • the
    • 4 years ago

    Huh, I spent a week driving one of these and I didn’t need to worry about being hacked. Not that anything special was done to the vehicle to patch the security holes but rather I was driving around rural Arizona where internet speeds are dial up and cell service can be totally non-existant, even for voice.

    On the bright side, the car is smart enough to tell you when something has punctured your tire before it completely deflates. It helps you find a nice bit of shade so you can talk to some vultures while you wait for road side assistance to arrive.

    • Gyromancer
    • 4 years ago

    Game Theory did an episode on this a year ago, pretty crazy stuff, really cheap to do as well: [url<]https://youtu.be/tNPXoydz_zQ[/url<]

    • Star Brood
    • 4 years ago

    Economics and computer hacking are the wars of our time.

    • TopHatKiller
    • 4 years ago

    Funny. But! Even worse! Here in the UK one of those crypto-firms announced yet another hack route – DAB radio. Apparently the bandwidth available to DAB can be hijacked by ‘viruses’ of some kind and take over your car’s computer systems. Leading to your death.
    Sheesh, this makes me glad I can’t drive. I mean, me, I’d be too worried about driving over people in the first place – what with my incompetence, poor motor skills and excessive alcohol consumption – but to think the car itself could deliberately annihilate people on the road!!
    god, I’m really glad I can’t drive: good luck to you poor, pawns of russian bots, that can!

      • sweatshopking
      • 4 years ago

      thanks, thk. LUCKILY, CANADIANS AREN’T REALLY HUMAN BEINGS, SO I DON’T HAVE TO WORRY.

        • TopHatKiller
        • 4 years ago

        Most relived, and gratified, by your comment. No need to thank me however, I don’t [i<]think[/i<] it's me hacking DAB-radio.

      • ronch
      • 4 years ago

      [quote<]excessive alcohol consumption[/quote<] Aha!

    • superjawes
    • 4 years ago

    You basically need two wires and two terminating resistors to set up a CAN network. Then you just plug in electrical devices to that network and they can all talk. Here’s a fancy thing…you can use ANOTHER two wires terminating resistors and set up a SEPARATE CAN network for different features like…I don’t know…preventing your Jeep from becoming an oversized RC toy.

    /dayjob

    • krazyredboy
    • 4 years ago

    But… I thought, that is why Battlestar Galactica’s computers weren’t networked? Just to keep this scenario FROM happening…

    • brucethemoose
    • 4 years ago

    Scary stuff. I’m sticking to cars that don’t have core systems connected to the Internet 24/7, thank you… That’s my phone’s job anyway.

      • NeelyCam
      • 4 years ago

      Is your phone connected to you car by any chance…? E.g., through bluetooth…?

        • brucethemoose
        • 4 years ago

        Nah, it uses an analog AUX cable and a dumb power cord.

        If someone manages to hack my phone, and THEN hack my car’s computer using an analog input, I wouldn’t even be mad. The hacker would also have to deal with a ton of noise from music + the alternator, then deal with the ECU of a strange/obscure engine like my 13B wankel.

      • superjawes
      • 4 years ago

      Someone had a major brain fart over at Chrysler. The vehicles I work on (heavy duty trucks) are dated in the technology department, but they’ve still had multiple CAN networks for nearly a decade. This system should have been isolated to the private J1939, and anything on the private network should have to ask permission to the body controller (or some other control module) to send ANYTHING to the powertrain network.

    • UnfriendlyFire
    • 4 years ago

    And while we’re on the topic about security: [url<]http://www.bbc.com/news/technology-33642728[/url<] "The best-selling smartwatches on the market all have security problems, according to US tech giant Hewlett-Packard." "Only half the watches had a lock function to prevent people other than the owner accessing data stored on it" "A third of the smartwatches allowed unlimited login attempts, which could help attackers guess passwords"

    • bthylafh
    • 4 years ago

    Jaysus, people, don’t network together your essential and nonessential hardware. Something for accessing potentially untrustworthy remote data should not be able to talk to the engine or brake controller.

      • xeridea
      • 4 years ago

      I don’t even know why they feel the need to computerize everything? What is wrong with having normal brakes, steering, and accelerator, electronic transmission to prevent idiots from breaking it, and having knobs and buttons for radio? I would hate to buy a new car these days because the fancy touchscreens are harder to use, and severely distracting to drivers, especially at night. And who thought it a good idea to have critical controls on the same system as the radio?

        • jss21382
        • 4 years ago

        It’s not a radio anymore. The system in question is your input to all the vehicle systems. Want the eyebrow lights turned off? it’s in the “radio”, want the cooled seats to come on automatically? It’s in the “radio”, Want to adjust the adaptive cruise or collision avoidance systems? It’s in the “radio”.

        The radio isn’t just a radio any more than your laptop is just a television.

    • Deanjo
    • 4 years ago

    On the upside, my 54 Dodge truck doesn’t have any of these issues and all that is required to do a complete overhaul is a 7/16″, 1/2″, and 3/4″ wrenches.

    Edit: Oh and a flat blade screwdriver

      • ludi
      • 4 years ago

      Have fun adjusting points.

        • Deanjo
        • 4 years ago

        Pffft, got that mastered. Probably one of the few people that still know how to polarize the generator as well. 😀

        • mnecaise
        • 4 years ago

        In building my ’70 Chevy truck, that’s the one modern update I installed, electronic ignition… I hate breaker point ignition.

          • ludi
          • 4 years ago

          Yeah, there are a lot of vintage car shows in my area during the summer, and it doesn’t matter how modded or stock each car is, probably 80-90% of them have an electronic ignition controller bolted to the firewall somewhere.

      • bthylafh
      • 4 years ago

      On the downside, it gets poor fuel efficiency, pollutes like mad, and stands a good chance of killing you in a crash.

        • Deanjo
        • 4 years ago

        Lol, in a crash, who ever hits me is going to be the one probably killed. They made vehicles out of real metal back then. As far as fuel efficiency goes, still gets about the same as my new pickup give or take a mile per gallon.

          • bthylafh
          • 4 years ago

          Ahem:
          [url<]https://www.youtube.com/watch?v=joMK1WZjP7g[/url<]

            • Deanjo
            • 4 years ago

            Trust me, with the old bull bar (a real bull bar, not these chrome decorations they put on nowdays) on the 54 Dodge, there is no crumpling lol. Grandpa used get hammered by the bulls head on and it used to just polish the paint, he also knocked over a bunch of the ornery ones with it.

            I really have to make a video of that old 218 flathead as well. By far the quietest running engine (even with a red bullet muffler on it).

            Here’s a video of the same engine, sounds a bit louder but that’s more than likely because he does not have the oil soaked air filter on it.

            [url<]https://www.youtube.com/watch?v=1CMlzxIbvPM[/url<]

            • dmitriylm
            • 4 years ago

            Controlled crumple zones are what would save your life. If the energy isn’t being absorbed by the crumple zones it’s being absorbed by your body which drastically increases the likelihood of death.

            • f0d
            • 4 years ago

            if no crumpling was actually safe then they would have designed pretty much all modern cars cars to be tough and stiff at the front rear and sides

            it would also save car companies money as millions of dollars goes into designing crumple zones for each car so that the cabin is stiff and strong but the rest will crumple safely

            fact is crumpling SAVES you in a crash as it absorbs the impact

            think of it this way, would you like to be dropped onto a concrete floor from 50ft with or without a safety net to absorb the fall?

            • rika13
            • 4 years ago

            Ever seen an F1 car practically explode when it hits the wall? That is intentional to dissipate the kinetic energy into something other than squishy human.

            • NovusBogus
            • 4 years ago

            [quote<] think of it this way, would you like to be dropped onto a concrete floor from 50ft with or without a safety net to absorb the fall?[/quote<] This comparison presupposes that the vehicle comes to a complete stop, i.e. hits a building or semi head-on. Most of the times it's a battle of weight, and his big heavy truck is almost definitely going to win. I was standing up on a city bus when it sideswiped a car, barely felt the impact.

            • jihadjoe
            • 4 years ago

            [url<]https://www.youtube.com/watch?v=EfRHwlLcMhE[/url<] It's not easy to find crash tests of old pickup trucks, but they come from a time when rigidity was falsely equated with safety. You're probably right about your assessment of crashing into someone else, provided they are driving the smaller car. But crash into someone driving something bigger, or rigid and stationary and it won't be as anywhere near as safe as a modern car.

            • f0d
            • 4 years ago

            nice video

            just goes to show how far we have come making vehicles safer

            vehicles are now more stiffer and stronger where they need to be (cabin area) and crumple where it doesnt matter (everywhere else)

        • James296
        • 4 years ago

        fuel efficiency depends more on the driver and his/her driving style then on the vehicle. of course fuel injection gets better mileage then carb but not if you have a lead foot.

          • bthylafh
          • 4 years ago

          I think we’ve made a *few* improvements in fuel efficiency in the last 60 years, given equal driving styles. More efficient engines, better aerodynamics, lighter structures.

          Obviously a bad driver can get poor efficiency with a new vehicle, nobody with two neurons to rub together is going to contest that. Take the same driver and put him in a ’50s truck and he’ll do worse.

          • Deanjo
          • 4 years ago

          [quote<]f course fuel injection gets better mileage then carb but not if you have a lead foot.[/quote<] Not necessarily. When I had my 86 Chevy Nova it got better mileage than the clone fuel injected Corolla.

        • cheesyking
        • 4 years ago

        While it might chuck more rubbish out the exhaust it probably less polluting over it’s lifetime than most modern vehicles. A huge amount of a vehicles total pollution comes from manufacture and disposal. If only all vehicles lasted for 60+ years verses the 10-15 of modern ones.

          • bthylafh
          • 4 years ago

          OK, George Will.

          There’s a couple problems with that: first off, there aren’t enough old cars to go around so we’d have to make new ones anyway; secondly, most of those old cars would crap out before 100k miles, so you’d be looking at various new parts and/or rebuilds *anyway*, requiring pollution for that on a more frequent basis than for new cars.

          Thirdly, you’re seeing survivor bias. Most of those old cars *did* *not* *last* sixty years. Most of them crapped out at so many tens of thousands of miles and were either scrapped or broken down for parts. Having driven three ’80s Detroit cars, I’m confident that my 10-year-old Honda’s going to last far longer than they did. It’s already beaten each of them for mileage, let alone the fact that every single part and system is still functioning nearly as well as it did from the factory, which I could *not* say about any of my previous cars.

          Your talking point is full of crap.

    • ludi
    • 4 years ago

    Ah, but focus on the positive: with just a few tweaks of this system, we could program software vehicle shutdowns for those pesky situations when execution just shouldn’t continue. I’m envisioning a BSOD such as:

    [code<]A problem has been detected and Jeep Cherokee has been shut down to prevent damage to all that you and other people on the road hold dear. DRIVER_I.Q._NOT_GREATER_OR_EQUAL If this is the first time you've seen this Stop error screen, restart your vehicle. If this screen appears again, follow these steps: Remedial Driving School. If this problem continues, disable or remove any newly installed drivers. Disable BIASED operating conditions such as cursing or tailgating. If you need to use AAA mode to safely add or remove components, restart your infotainment unit, hold the emergency call button for five seconds, and wait for additional assistance. *** STOP: 0x000.... [/code<] So many uses.

    • adisor19
    • 4 years ago

    No. The real problem here is Chrysler not doing the update over the air.

    Why is it that Tesla can do it but nobody else can ?

    Adi

      • oldog
      • 4 years ago

      Um, because they don’t have any dealerships to speak of?

        • wimpishsundew
        • 4 years ago

        They are asking owners to download the update and put it on a usb stick.

        Tesla can do it OTA but Chrysler requires extra work.

      • nanoflower
      • 4 years ago

      So you trust the company that didn’t have any security on the car’s internal network to have security on updates over the air? Or did you just want to have another vector for bad guys to hack into the vehicle such as creating updates that give them even more control over your vehicle?

        • jihadjoe
        • 4 years ago

        Its funny though that bad guys can hack the cars OTA, but Chrysler can’t fix them in the same way.

      • Deanjo
      • 4 years ago

      I actually talked to a GM engineer about a year ago about that when they were having the rash of firmware updates to address their recalls. Basically it boils down to this, reliability of the flash. Unlike flashing a BIOS in a computer system that has extremely tight voltage regulation, most vehicles do not and voltages can greatly very at any time. This increases the chances of a bad flash which can do some really scary things. GM even stresses to pull the fuse for their Onstar system before attempting any ECU update. The example he gave me is say they tried to push an update while a vehicle was parked with someone in it.

      Well during the flash, they try to start it, open the door or even pump their car stereo. It would be possible with todays cars that have their ignition, door locks and climate controls to all of a sudden have a bad flash possibly locking a person in their vehicle with no way to get out possibly even starting the vehicle and cranking the climate controls to high (and who knows what else). That puts lives in danger and that is not a liability that they don’t want to deal with (and could affect thousands of people).

      In short, it could be a dangerous thing to do. I imagine Tesla is able to do it because of it being an electrical vehicle with all types of voltage regulation everywhere.

        • FireGryphon
        • 4 years ago

        Or they have a system like most regular software updates where the software updates, but nothing takes effect until the next time you restart the system.

          • meerkt
          • 4 years ago

          Yeah. Especially on a car. You keep multiple copies of the software, including the new one being written. After everything is written, configured, verified, you switch the active software with an atomic operation.

        • aceuk
        • 4 years ago

        Wouldn’t having a dual-firmware system that verifies the checksums of updates before they are applied solve that problem?

          • Deanjo
          • 4 years ago

          Amazingly enough, dual-firmware is not present in most vehicles. This is why when flashing the ECU a copy is made to the flasher before upgrading.

            • ronch
            • 4 years ago

            They should’ve asked Gigabyte to make their board for them.

        • prestonfaiks
        • 4 years ago

        I doubt that the point of load power supply for the electronics is really that flaky. Power supply design is well understood and its easy to isolate the low voltage/power, from the higher power devices.

        Embedded computer designers just don’t put that much effort into making firmware updates easy, because they don’t expect people will have to do it very often.

Pin It on Pinterest

Share This