Step Away from the (Hackable) Vehicle! Part 1 of 2 - Page 2 - 2014+ Jeep Cherokee Forums
User Tag List

 28Likes
Reply
 
LinkBack Thread Tools
post #11 of 42 (permalink) Old 08-04-2015, 10:12 PM
Hardcore Member
 
Ruffnredi's Avatar
 
Join Date: Jul 2015
Posts: 784
Step Away from the (Hackable) Vehicle! Part 1 of 2

But in order for someone to even take control of the car they had to create a new version of the UConnect firmware. Also this hack was done by white hat (aka ethical) hackers. It's not like ISIS has their hands on it. It's much todo about nothing. It's great that it's making automakers think more about security. But seriously, patch your car and call it a day. It's super simple to do from home all you need is a 4gb USB drive and about 30 minutes.

Last edited by Ruffnredi; 08-04-2015 at 10:14 PM. Reason: Premature send
Ruffnredi is offline  
Sponsored Links
Advertisement
 
post #12 of 42 (permalink) Old 08-04-2015, 10:14 PM
Moderator
 
SkipW's Avatar
 
Join Date: Dec 2013
Location: Midcoast Maine
Posts: 5,983
Quote:
Originally Posted by Mark_ View Post
There must be at least one computer savvy employee in there, capable of getting the update on a USB stick and flash it for you.
If you insist just a little, I don't see why they wouldn't consider it. Print out the procedure for them (.pdf document), and bring your own USB stick if they can't locate one. Doing it this way is just as fast as doing it with their own machine.
Oh, I've already downloaded it and have the .iso file ready....I just went in to get my free USB stick (supposedly loaded with the update) that is supposed to be shipped to dealers with eligible customers with affected vehicles.

They have the file and are very tech savvy and were willing to schedule me for the update, I meant they don't have the update from FCA on USB sticks as promised.

.
.

The best time to plant a tree was 20 years ago. The second best time is now.

http://jeepcherokeeclub.com/4-2014-j...rum-rules.html
SkipW is offline  
post #13 of 42 (permalink) Old 08-05-2015, 01:57 AM
Enthusiast Member
 
SJetc's Avatar
 
Join Date: Jun 2014
Location: NSW Australia
Posts: 405
Ummm... This implies that its the HK radio that has the flaw. Now, possibly everyone's Cherokee has the HK installed but on our Grand Cherokee's downunder, only the Summit and I believe the SRT's have the HK. We have an Alpine instead on the Laredo, Limited and Overland variants down here. So, my question - do all KL's in the US regardless of variant get the HK or only the upper models? and also, do all GC's in the US get the HK or like us downunder, only the Summits and the SRT's.

http://www.driven.co.nz/news/news/ha...fiat-chrysler/

MY15 KL Limited CRD - True Blue ADII, Tech group, Electronics/Conv groups and Pano
MY14 Grand Cherokee Overland CRD - DCR ORAII
MY07 Grand Cherokee Limited 5.7 Hemi - Silver (Sold)
SJetc is offline  
 
post #14 of 42 (permalink) Old 08-05-2015, 05:23 AM
Forum Elder
 
David_Baker's Avatar
 
Join Date: Jun 2015
Location: Sunny subtropical Noosa Heads, QLD, Australia
Posts: 1,710
Garage
I think the head unit is still HK (the Uconnect part of the system) just the amplifier is Alpine?
SJetc likes this.

Cheers, Dave.


2015 Granite Pearl Trailhawk 3.2L V6 with Aussie Lift and 245/70 R17 Duratracs

Technology group | Comfort/Convenience Group | Electronics convenience group | Safety and Security Group | Panoramic Sunroof | Leather Interior Group |
Uconnect 8.4N Am/Fm/DAB/Bt/NAV with 9 Speaker + Sub | Trailer Tow Group.
Born 6th June 2015, Adopted 31st August 2015
CLICK HERE FOR THE AUSSIE LIFT INFO!!!
David_Baker is offline  
post #15 of 42 (permalink) Old 08-05-2015, 06:15 AM
Enthusiast Member
 
SJetc's Avatar
 
Join Date: Jun 2014
Location: NSW Australia
Posts: 405
Quote:
Originally Posted by David_Baker View Post
I think the head unit is still HK (the Uconnect part of the system) just the amplifier is Alpine?
You could be right Dave. It's just confused me with the reports of the HK systems being the only ones involved.

Not that it affects us down-under of course, but I was just interested.
David_Baker likes this.

MY15 KL Limited CRD - True Blue ADII, Tech group, Electronics/Conv groups and Pano
MY14 Grand Cherokee Overland CRD - DCR ORAII
MY07 Grand Cherokee Limited 5.7 Hemi - Silver (Sold)
SJetc is offline  
post #16 of 42 (permalink) Old 08-05-2015, 06:48 AM
Enthusiast Member
 
Join Date: Dec 2013
Location: Richmond VA
Posts: 360
Skip,

Chrysler will mail 1.4 million USB drives to UConnect 8.4 owners. Dealers aren't handing them out.

2014 white I4 Fwd Limited with Technology package
Lil_Kee is offline  
post #17 of 42 (permalink) Old 08-05-2015, 07:19 AM
Premium Member
 
Jeepster1's Avatar
 
Join Date: Dec 2013
Location: West Central Illinois by the old Mississippi.
Posts: 3,685
Garage
From the original articles it seems the Hack is very controlled. But it does put FCA and Owners on notice that it is possible. In fact it is very possible in the years ahead.
The only question I would have is why not keep the W-Fi off by default unless you want it on.
See no reason it should even be on. Especially if you do not use it or subscribe to it. That is unless FCA is using it to communicate with your vehicle and/or your vehicle communicates with FCA.
Just a thought.

I did mine as soon as FCA released the update.

2014 Cherokee Limited 4x4
V6 w/ AD2
Tech Group (both parts)
Luxury Group
Tow Group
Navigation
Cherry Red
12/11/13 build
Max Care Life Service Plan
Jeepster1 is offline  
post #18 of 42 (permalink) Old 08-05-2015, 07:34 AM
Forum Elder
 
David_Baker's Avatar
 
Join Date: Jun 2015
Location: Sunny subtropical Noosa Heads, QLD, Australia
Posts: 1,710
Garage
Its not the wifi thats the problem, the hack was accessed directly from the internet connectivity over the mobile phone data network.

Cheers, Dave.


2015 Granite Pearl Trailhawk 3.2L V6 with Aussie Lift and 245/70 R17 Duratracs

Technology group | Comfort/Convenience Group | Electronics convenience group | Safety and Security Group | Panoramic Sunroof | Leather Interior Group |
Uconnect 8.4N Am/Fm/DAB/Bt/NAV with 9 Speaker + Sub | Trailer Tow Group.
Born 6th June 2015, Adopted 31st August 2015
CLICK HERE FOR THE AUSSIE LIFT INFO!!!
David_Baker is offline  
post #19 of 42 (permalink) Old 08-05-2015, 08:36 AM
Enthusiast Member
 
ladydulayne's Avatar
 
Join Date: Apr 2015
Location: Baltimore, MD
Posts: 336
Quote:
Originally Posted by ptrudel View Post
When I got my TH I was kinda bummed we didn't get the apps, but right now, I'm ok with it lol
Yeah a few days after I bought my Sport model with the 5.0 UConnect, I was also bummed I didn't have the 8 inch with the extra features. I got over it and now I am glad.

2015 Cherokee Sport - Build Date: 7/2014 - Deep Cherry Red - R05 & R01 Completed - Aftermarket: Alloy Konig Zero In Wheels, Chrome Lower Front Grill and Chrome Door Handles
ladydulayne is offline  
post #20 of 42 (permalink) Old 08-05-2015, 10:27 AM
Forum Elder
 
Mark_'s Avatar
 
Join Date: Jun 2015
Location: Québec, Canada
Posts: 3,759
Quote:
Originally Posted by SkipW View Post
Oh, I've already downloaded it and have the .iso file ready....I just went in to get my free USB stick (supposedly loaded with the update) that is supposed to be shipped to dealers with eligible customers with affected vehicles.

They have the file and are very tech savvy and were willing to schedule me for the update, I meant they don't have the update from FCA on USB sticks as promised.
Gotcha.

As someone else pointed out, I believe FCA will be mailing the sticks though, not sending any to dealers directly.

If you are even slightly worried about the integrity of the downloaded .iso file, I would tell you not to worry... Tons of us on the forums have gotten the updates and installed them without any incident. I don't feel that a stick received via mail, stuffed with the update by...?.... is any safer than a file I've downloaded from UConnect and handled myself. One major advantage of doing it yourself : it gets done quickly.

My avatar is the Elder Predator (goes well with my forum status and overall temper )
2015 North (Canada) - V6 - AD1
Cold, Tow, 8.4A, 9 speakers with sub
Mark_ is offline  
Reply

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the 2014+ Jeep Cherokee Forums forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in









Human Verification

In order to verify that you are a human and not a spam bot, please enter the answer into the following box below based on the instructions contained in the graphic.



Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page



  Similar Threads
Thread Thread Starter Forum Replies Last Post
Cherokee is "most hackable" vehicle jferris33 2014+ Jeep Cherokee General Discussion 171 08-10-2015 11:23 AM
Beaver Step? WhiteHawk One Exterior 1 11-24-2014 10:13 AM
2014 Jeep Cherokee rated as "most hackable" cherokee The Car Lounge 27 11-17-2014 11:36 PM

Posting Rules  
You may not post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On