Chrysler has to recall its cars due to security vulnerabilities

Chrysler, whose Jeep Cherokees were demonstrated to be vulnerable to Internet-based attacks on their steering and brakes (as well as radios, air conditioning and other systems) has recalled 1.4M cars due to software vulnerabilities.

The company issued a veiled threat against the security researchers who revealed its incompetence, saying that "manipulating vehicles without authorization" was a "crime." This may be a reference to section 1201 of the Digital Millennium Copyright Act, which makes it a felony to reveal information that helps gain unauthorized access to copyrighted works. Its release also implied that this was an anomaly, and unlikely to be repeated in future.

Earlier this year, GM told the Copyright Office that the software in its cars made automobiles into copyrighted works and believed that copyright law should prevent car owners from altering their own cars or disclosing information about vulnerabilities in the software.

The company will update software to insulate the vehicles from being remotely controlled, and it said in a statement that hackers are committing a crime by manipulating vehicle without authorization.

The recall affects vehicles with 8.4-inch touchscreens including 2013 to 2015 Ram pickups and chassis cabs and Dodge Viper sports cars. Also covered are 2014 and 2015 Dodge Durango and Jeep Grand Cherokee and Cherokee SUVs, as well as the 2015 Chrysler 200 and 300, and the Dodge Charger and Challenger.

Fiat Chrysler says it also has taken security measures on its own vehicle network to prevent hacking. Those measures require no customer action and became effective on Thursday.

The recall covers about 1 million more vehicles than the company had originally believed were affected, all with a certain type of radio, the company statement said.

Researchers have announced that they will reveal flaws in the Tesla S at DEFCON next month.


Fiat Chrysler recalls 1.4M vehicles to prevent hacking [Tom Krisher/AP]