New vulnerability lets attackers hijack Chrysler vehicles over the web - READ THIS!!! - Page 3
NEWS
 
  1. Welcome to Chrysler 200 Forum : Chrysler 200 Forums – General discussion forum for Toyota Trucks

    Welcome to Chrysler 200 Forum : Chrysler 200 Forums - a website dedicated to all things Chrysler 200.

    You are currently viewing our forum as a guest, which gives you limited access to view most discussions and access our other features. By joining our community, at no cost, you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is free, fast and simple, Join Chrysler 200 Forum : Chrysler 200 Forums today!
     
+ Reply to Thread
Page 3 of 8 FirstFirst 1 2 3 4 5 ... LastLast
Results 21 to 30 of 76

Thread: New vulnerability lets attackers hijack Chrysler vehicles over the web - READ THIS!!!

  1. #21
    Senior Member New2Chrysler2015's Avatar
    Join Date
    Jan 2015
    Posts
    323
    Thanks
    0
    Thanked 22 Times in 20 Posts

    Default

    Quote Originally Posted by PlymouthBob View Post
    I've been to the web site twice, put in my vin and told twice there is no update for my vehicle. Is this for all uconnect systems?

    It will happen unless you change the security settings on your browser. Google Chrome kept telling me the same thing until I allowed unsecured scripts. Also after you type in your VIN (or copy and paste) hit the "delete" key on your keyboard to remove any empty spaces after it.

    I had to make several attempts on both updates I performed. Its not a real user friendly site.

  2. Remove Advertisements
    Chrysler 200 Forum
    Advertisements
     

  3. #22
    Senior Member slope's Avatar
    Join Date
    Aug 2014
    Posts
    410
    Thanks
    28
    Thanked 47 Times in 40 Posts

    Default

    You mean to release the patch as a recall, since one is already available on a come in basis

    But guys I think someone was hacking into my 9 speed transmission for the past year
    I bet someone from GM and Ford has been adjusting my shift patterns from their office chairs
    2015 Chrysler 200 Limited FWD 2.4L I4
    Billet Silver Metallic, Comfort Group, Convenience Group
    HID conversion, Winter Car
    Alpine MRV-F300 4 channel amp
    Alpine Type S dash tweeters
    Audio Control Epicenter Plus/LOC
    Audio Control EQX Equalizer
    JL Audio 500/1 subwoofer amp
    JL Audio CP-112-W0V3 subwoofer
    JL Audio C2-650 Door speakers



  4. #23
    Junior Member
    Join Date
    Apr 2015
    Posts
    24
    Thanks
    0
    Thanked 4 Times in 2 Posts

    Default

    New2Chrysler2015:

    The link to the patch is in the 3rd paragraph of my first post to this thread...

    Regards,
    D2

  5. Remove Advertisements
    Chrysler 200 Forum
    Advertisements
     

  6. #24
    Senior Member New2Chrysler2015's Avatar
    Join Date
    Jan 2015
    Posts
    323
    Thanks
    0
    Thanked 22 Times in 20 Posts

    Default

    Quote Originally Posted by D2015Blue200c View Post
    New2Chrysler2015:

    The link to the patch is in the 3rd paragraph of my first post to this thread...

    Regards,
    D2
    I've already downloaded the latest uconnect update just last week. Although it was "released" in July the file was created in April. I know because when I right click on the unzipped file and go to details it shows the date it was "modified".

    So the problem with Chrysler's uconnect site is there are no release notes which describe what has been updated. So, without knowing specifically what has been updated in the latest release how can we know the vulnerability has been patched?

  7. #25
    Member
    Join Date
    Jun 2015
    Location
    canada
    Posts
    44
    Thanks
    6
    Thanked 1 Time in 1 Post

    Default

    Tried to download this
    said it was for us vehicles only
    bill

  8. #26
    Senior Member
    Join Date
    May 2015
    Posts
    112
    Thanks
    27
    Thanked 8 Times in 8 Posts

    Default

    What is the difference between US and CA sold vehicles?
    Chrysler Limited 200 - 2,4L - 2015,
    Comfort Group, Uconnect 8.4A Multimedia Centre, 18" Satin Silver Aluminum

  9. #27
    Senior Member ChryslerCares's Avatar
    Join Date
    Jul 2011
    Location
    Aurburn Hills, MI
    Posts
    441
    Thanks
    18
    Thanked 77 Times in 62 Posts

    Default

    Quote Originally Posted by New2Chrysler2015 View Post
    Ok, first off these two are releasing the information to other hackers and should and may very well be sued for everything they and their families own. If I find out the Chrysler 200 becomes or is already vulnerable due to this I Will sue them as well as Chrysler myself!!

    Secondly "ChryslerCares", Chrysler needs to be on top of this as of two years ago. If Chrysler thinks I was a pain in the backside when I had Transmission issues, I am originally from Michigan and not afraid to take a drive back there or where ever their new HQ may be and deal with them in person along with my lawyer.

    That patch needs to be released this week!
    Hi New2Chrysler2015,
    The patch has already been developed and was released earlier this week. If your vehicle is in need of the update, I would recommend you contact your local dealership to schedule an appointment with the service department. Let me know if you have any questions!

  10. #28
    Junior Member
    Join Date
    Apr 2015
    Posts
    24
    Thanks
    0
    Thanked 4 Times in 2 Posts

    Default

    Quote Originally Posted by New2Chrysler2015 View Post
    I've already downloaded the latest uconnect update just last week. Although it was "released" in July the file was created in April. I know because when I right click on the unzipped file and go to details it shows the date it was "modified".

    So the problem with Chrysler's uconnect site is there are no release notes which describe what has been updated. So, without knowing specifically what has been updated in the latest release how can we know the vulnerability has been patched?
    The info is available just before you start the download:


    WELCOME TO THE UCONNECT® SOFTWARE UPDATE SITE

    GET STARTED
    UPDATE AVAILABLE
    FREQUENTLY ASKED QUESTIONS
    READY TO UPDATE?

    The software update for your 2015 CHRYSLER 200x FOUR-DOOR SEDAN equipped with the Uconnect 8.4AN AM/FM/BT/Access/NAV system qualifies for a software update available by download.
    BEGIN TUTORIAL
    GETTING STARTED
    DOWNLOADING NETSESSION
    OPEN FILE AND INSTALL
    DOWNLOADING THE UPDATE
    INSTALLING THE UPDATE
    TUTORIAL COMPLETE
    TUTORIAL COMPLETE

    If you cannot complete the Akamai NetSession Interface installation, or if you encounter any issues with downloading updates by using the Akamai NetSession Interface, you can download software updates by clicking the direct download link for each available update.

    Click here to go to your available software updates.

    To return to the beginning of the tutorial, double-click "Previous".

    PREVIOUSSKIPNEXT
    Should you encounter any issues with your update, please contact the Uconnect® Customer Care Center at 1-877-855-8400 and press # to reach a customer support technical specialist. In Canada, please call 1-800-465-2001 (English) or 1-800-387-9983 (French).

    Update 1: UCONNECT® 8.4AN_RA4_15_17_5_MY15 (download)
    Service Bulletin ID: 8-31-15 & 8-35-15
    Release Date: 2015-07-15
    Instructions:
    Once you have downloaded this software update, click here for instructions on how to apply the update to your vehicle.

    In This Version:

    Should you encounter any issues with your update, please contact the Uconnect customer care center at 1-877-855-8400, and press # to reach a customer support technical specialist. Canadian residents , call 1-800-465-2001 (English) or 1-800-387-9983 (French). Residents outside the US and Canada please see your dealer.

    This update contains the following improvements and or additions:
    -Improved Radio security protection to reduce the potential risk of unauthorized and unlawful access to vehicle systems (Applies to US market only)
    -Enhanced performance in Navigation, AM/FM Sound Quality and Voice Recognition

    Regards,

    D2

  11. #29
    Senior Member ChryslerCares's Avatar
    Join Date
    Jul 2011
    Location
    Aurburn Hills, MI
    Posts
    441
    Thanks
    18
    Thanked 77 Times in 62 Posts

    Default

    Hi Guys,
    If you have questions regarding the article that was released, I would recommend you visit our blog page http://blog.fcanorthamerica.com/2015...e-hacked-jeep/ for more information. After reading this post, if you have additional questions, please feel free to reach out to me!

  12. #30
    Senior Member New2Chrysler2015's Avatar
    Join Date
    Jan 2015
    Posts
    323
    Thanks
    0
    Thanked 22 Times in 20 Posts

    Default

    [Quote/]This update contains the following improvements and or additions: -Improved Radio security protection to reduce the potential risk of unauthorized and unlawful access to vehicle systems (Applies to US market only) -Enhanced performance in Navigation, AM/FM Sound Quality and Voice Recognition

    Regards,
    D2[Quote/]

    "Improved Radio Security" That update fails to say anything about preventing a hacker from controlling any and all functions of your vehicle to include engine, transmission, steering, brakes, emergency brakes, windows, wipers, heat, A/C, Door Locks, causing your car to crash into a wall, fence, another car, pedestrian, semi, drive off a cliff etc..

    Think about it. If someone had maliciously and successfully hacked someone cruising down the freeway at 70mph or more how they could have toyed with them or simply caused a very bad and potentially deadly wreck and there would be Nothing the driver or anyone else in the car could have done to stop it.

    Why in the world do the sytems that operate the drive train EVER need to be on the same system as the radio? They should be two completely separate computer systems with NO (ZERO, NONE, ZIP, NADA) possibility of outside control!!

    Now that I know this exists I should Never expect my car to be stolen, and if it is it had better be located, shut down and locked within 5 minutes of me reporting it to Chrysler.

    Who would have read that and thought they were preventing something like that without knowing about the article? What exactly did they update or change to prevent the hack? Why did it come down to two guys revealing the vulnerability for Chrysler to "fix" it?

    If that's the update that supposedly patched this vulnerability then I have already updated my car. As I stated before however, the update file was created in April. (Right click on it after you unzip it and check it's properties) so why did Chrysler wait until after the Article was released to send out the fix?

+ Reply to Thread
Page 3 of 8 FirstFirst 1 2 3 4 5 ... LastLast

Quick Reply Quick Reply

Register Now

List your make, model & engine spec

Please select your insurance company (Optional)

Human Verification

In order to verify that you are a human and not a spam bot, please enter the answer into the following box below based on the instructions contained in the graphic.


Similar Threads

  1. Chrysler tipm lawsuit alleges chrysler, dodge and jeep vehicles stall
    By sickofit in forum Chrysler 200 General Discussion Forum
    Replies: 2
    Last Post: 12-14-2015, 09:55 PM
  2. 2015 Chrysler 200 Factory Tour Web Site
    By Pennhaven in forum General Discussion
    Replies: 0
    Last Post: 09-22-2014, 01:20 PM
  3. Replies: 0
    Last Post: 07-23-2014, 06:51 PM
  4. Recall: 2012 Chrysler vehicles—potential engine seizure
    By Mopar in forum Chrysler 200 General Discussion Forum
    Replies: 19
    Last Post: 04-13-2012, 12:51 PM
  5. Lottery lets less than 1 in 10 Beijing drivers buy new cars
    By Mopar in forum Off Topic Discussion
    Replies: 0
    Last Post: 01-26-2011, 05:00 PM

Posting Permissions

  • You may post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Powered by vBadvanced CMPS v4.1.2