With ‘recall,’ Fiat Chrysler makes its car hack worse

After Wired showed two hackers remotely gain access and immobilize a moving Jeep by exploiting software vulnerabilities last week, Fiat Chrysler responded by patching the vulnerability in several Jeep, Dodge, and Chrysler models that were equipped with the Uconnect software that was hacked. How they went about issuing the patch, however, may just put the company’s customers further at risk.

Rather than simply treating the software patch as a traditional recall (i.e. requiring them to visit a service center and have an expert make the fix), Fiat Chrysler is mailing a USB thumb drive to owners of the affected cars. From there, the cars’ owners can plug the USB drive into the cars’ USB port to patch the software vulnerability. This seems like a convenient way to issue a recall for something that car owners can fix themselves. 

To read this article in full or to leave a comment, please click here

Network World Colin Neagle