UConnect firmware vulnerabiltiy - Page 4 - Jeep Garage - Jeep Forum

Go Back   Jeep Garage - Jeep Forum > Jeep Platform Discussion > Grand Cherokee - WK2 - > 2014+ Jeep Grand Cherokee Ecodiesel 3.0

Join Jeep Garage Today
Reply
 
Thread Tools Display Modes
 
  #37  
Old 07-27-2015, 10:59 AM
DJP2014's Avatar
Member
My Jeep: 2015 3.0L WK2
 
Join Date: Nov 2014
Location: OH
Posts: 33
Thanks: 34
Thanked 14 Times in 12 Posts
Rep Power: 881
DJP2014 is on a distinguished road
Re: UConnect firmware vulnerabiltiy

Can anyone confirm the color coding shown below?
Attached Images
File Type: jpg UCONNECT ANTENNA CONNECTIONS.jpg (140.2 KB, 33 views)

__________________
2015 GC Overland 4x4 3.0CRD
Billet Silver - Indigo/Brown
ATG, ORAII, QD
Reply With Quote
Sponsored Links
Advertisement
 
  #38  
Old 07-27-2015, 11:07 AM
DJP2014's Avatar
Member
My Jeep: 2015 3.0L WK2
 
Join Date: Nov 2014
Location: OH
Posts: 33
Thanks: 34
Thanked 14 Times in 12 Posts
Rep Power: 881
DJP2014 is on a distinguished road
Re: UConnect firmware vulnerabiltiy

Quote:
Originally Posted by thrawn86 View Post
well, I do make use of the uconnect access often so I'd hate to lose that. A friend of mine has an aftermarket system that has 10 times the connectivity and features of ours so there is some functionality/benefit to be had...though there have been stories about those units being hacked as well.

Don't get me wrong, I agree with you...but I really see tremendous value in this "internet of things" and I want to see it work. No one thinks twice about the fact that their cellphones already track location history and that google/verizon/the FBI/etc can already access personal information.
The value of this "internet of things" is not worth it and I certainly think twice about my cell phone being used for tracking… are you kidding me?

Plus our cell phones being hacked and our bank accounts being drained does not compare to having our vehicle hacked and steered into an oncoming truck.

There’s no way to keep up with patches and updates to prevent this. The only option is to completely remove the communication link.
__________________
2015 GC Overland 4x4 3.0CRD
Billet Silver - Indigo/Brown
ATG, ORAII, QD
Reply With Quote
  #39  
Old 07-27-2015, 11:11 AM
MDBones's Avatar
OVERLAND HIGH ALTITUDE
My Jeep: 2016 3.6L WK2
 
Join Date: Mar 2014
Location: Wisconsin's West Coast
Posts: 3,655
Thanks: 664
Thanked 633 Times in 520 Posts
Rep Power: 10712
MDBones has a reputation beyond reputeMDBones has a reputation beyond reputeMDBones has a reputation beyond reputeMDBones has a reputation beyond reputeMDBones has a reputation beyond reputeMDBones has a reputation beyond reputeMDBones has a reputation beyond reputeMDBones has a reputation beyond reputeMDBones has a reputation beyond reputeMDBones has a reputation beyond reputeMDBones has a reputation beyond repute
Garage
Re: UConnect firmware vulnerabiltiy

Quote:
Originally Posted by amanaussie View Post
Does vulnerability only apply to US vehicles?? I am assuming other export vehicles and the ones here in Australia do not need a software update.My Grand Cherokee ( MY13) has to be paired to my mobile (cell) phone using blue tooth in order to use the U connect system.I am also assume that in the USA vehicles are some what different in the manner they connect to a mobile phone
Our phones are paired to U-Connect via bluetooth, the same as yours.
__________________
http://www.jeepgarage.org/members/54562-albums357-picture4858.png
Reply With Quote
  #40  
Old 07-28-2015, 07:48 AM
Diesel Dan's Avatar
Member
My Jeep: 2015 3.0L WK2
 
Join Date: May 2015
Location: Mi.
Posts: 143
Thanks: 5
Thanked 27 Times in 17 Posts
Rep Power: 15106
Diesel Dan has a reputation beyond reputeDiesel Dan has a reputation beyond reputeDiesel Dan has a reputation beyond reputeDiesel Dan has a reputation beyond reputeDiesel Dan has a reputation beyond reputeDiesel Dan has a reputation beyond reputeDiesel Dan has a reputation beyond reputeDiesel Dan has a reputation beyond reputeDiesel Dan has a reputation beyond reputeDiesel Dan has a reputation beyond reputeDiesel Dan has a reputation beyond repute
Re: UConnect firmware vulnerabiltiy

Well, I did the update, and went w/o a glitch. I think it took longer to download and run the exe to the drive than install. Did my flash w/o the motor running.
__________________
'15 GC Limited, Diesel, Adventure 2, Luxury 2, CD, Block Heater, Blue/Black.
Reply With Quote
  #41  
Old 07-28-2015, 08:10 AM
SnoFire's Avatar
The Negotiator
 
Join Date: Jun 2011
Location: Wisconsin
Posts: 5,155
Thanks: 71
Thanked 189 Times in 146 Posts
Rep Power: 391210
SnoFire has a reputation beyond reputeSnoFire has a reputation beyond reputeSnoFire has a reputation beyond reputeSnoFire has a reputation beyond reputeSnoFire has a reputation beyond reputeSnoFire has a reputation beyond reputeSnoFire has a reputation beyond reputeSnoFire has a reputation beyond reputeSnoFire has a reputation beyond reputeSnoFire has a reputation beyond reputeSnoFire has a reputation beyond repute
Garage
Re: UConnect firmware vulnerabiltiy

Hey Admins...Anyway we can combined all of these "Hack" Threads?? People late to the game just keep posting. Also, people need to stop putting the fear of god into others about this vulnerability. BMW basically had the same thing happen to them earlier in the year and no one really made a fuss about that one.
__________________
2017 Grand Cherokee Limited Lux II Granite Metallic

2014 Jeep Grand Cherokee Limited Max Steel V6
2001 Jeep Grand Cherokee Laredo Black 4.0 I6
1997 Jeep Grand Cherokee Laredo Silver I6
Reply With Quote
  #42  
Old 07-28-2015, 06:08 PM
Plik's Avatar
Member
 
Join Date: Aug 2014
Location: Houston, TX
Posts: 147
Thanks: 14
Thanked 25 Times in 19 Posts
Rep Power: 1065
Plik is on a distinguished road
Garage
Re: UConnect firmware vulnerabiltiy

Updated mine last night. Everything went fine. Super easy
__________________

2015 JGC Overland Diesel 4X4 + QDII
Reply With Quote
  #43  
Old 07-28-2015, 09:43 PM
DJP2014's Avatar
Member
My Jeep: 2015 3.0L WK2
 
Join Date: Nov 2014
Location: OH
Posts: 33
Thanks: 34
Thanked 14 Times in 12 Posts
Rep Power: 881
DJP2014 is on a distinguished road
Re: UConnect firmware vulnerabiltiy

This is something that will need patched and updated as often as Window's updates... and the risk of not doing so is dangerous.


I'm not going to try and keep up with patches and updates to prevent this. The only option is to completely remove the communication link.
__________________
2015 GC Overland 4x4 3.0CRD
Billet Silver - Indigo/Brown
ATG, ORAII, QD
Reply With Quote
  #44  
Old 07-28-2015, 10:47 PM
Member
My Jeep: 2015 3.0L WK2
 
Join Date: Nov 2014
Location: Chicago
Posts: 124
Thanks: 24
Thanked 13 Times in 11 Posts
Rep Power: 957
thrawn86 is on a distinguished road
Re: UConnect firmware vulnerabiltiy

If anyone is considering this, please do not just CUT the RF cable from the board/aircard and leave it.

The only 100% solution is to remove the aircard and deal with whatever codes that throws (assuming its even physically accessible) or to properly terminate & load the RF cable from the aircard (not from the antenna). The latter may not be feasible either depending on where and what types of connectors are involved.

Quote:
Originally Posted by DJP2014 View Post
Plus our cell phones being hacked and our bank accounts being drained does not compare to having our vehicle hacked and steered into an oncoming truck.
Those are both pretty scary to me. But you're absolutely right, the most secure thing to do would be to disable the link. Followed by cancelling your cell phone, trashing your computer, and deleting all your internet/forum accounts. Can't be too safe, right?
Reply With Quote
  #45  
Old 07-28-2015, 11:02 PM
DJP2014's Avatar
Member
My Jeep: 2015 3.0L WK2
 
Join Date: Nov 2014
Location: OH
Posts: 33
Thanks: 34
Thanked 14 Times in 12 Posts
Rep Power: 881
DJP2014 is on a distinguished road
Re: UConnect firmware vulnerabiltiy

Quote:
Originally Posted by thrawn86 View Post
Those are both pretty scary to me. But you're absolutely right, the most secure thing to do would be to disable the link. Followed by cancelling your cell phone, trashing your computer, and deleting all your internet/forum accounts. Can't be too safe, right?
Phones, computers, and internet accounts don't pose the same type of risks as this animal. The only reason I chose to go ahead with purchasing one of the 2015 Jeeps is because they still have the mechanical emergency brakes.

Many of the newer cars like Audi, Mercedes, and BMW have gone to an electronic controlled emergency brake which would bother me.

This problem has been around for years via bluetooth networks and other links such as onstar. The problem has only gotten worse as more vehicles now have 3G links built into them.
__________________
2015 GC Overland 4x4 3.0CRD
Billet Silver - Indigo/Brown
ATG, ORAII, QD
Reply With Quote
  #46  
Old 07-28-2015, 11:58 PM
macfan's Avatar
Member
My Jeep: 2014 3.2L KL
 
Join Date: Oct 2013
Location: Fenton, Michigan USA
Posts: 608
Thanks: 130
Thanked 92 Times in 77 Posts
Rep Power: 5988
macfan has a reputation beyond reputemacfan has a reputation beyond reputemacfan has a reputation beyond reputemacfan has a reputation beyond reputemacfan has a reputation beyond reputemacfan has a reputation beyond reputemacfan has a reputation beyond reputemacfan has a reputation beyond reputemacfan has a reputation beyond reputemacfan has a reputation beyond reputemacfan has a reputation beyond repute
Re: UConnect firmware vulnerabiltiy

Quote:
Originally Posted by DJP2014 View Post
The value of this "internet of things" is not worth it and I certainly think twice about my cell phone being used for tracking… are you kidding me?

Plus our cell phones being hacked and our bank accounts being drained does not compare to having our vehicle hacked and steered into an oncoming truck.

There’s no way to keep up with patches and updates to prevent this. The only option is to completely remove the communication link.
I am teasing you but I think you have your tin foil hat on a little tight and are running a bit paranoid. I have never in all of the many, many years I have owned a computer ever run any anti virus software and have never had a problem. The odds of your particular Radio/Uconnect ever being hacked are about the same as being struck by lightening. You are much more likely to be run into by a drunk driver or a teenager texting than hacked if you really want something to worry about.
Reply With Quote
  #47  
Old 07-29-2015, 12:52 AM
DJP2014's Avatar
Member
My Jeep: 2015 3.0L WK2
 
Join Date: Nov 2014
Location: OH
Posts: 33
Thanks: 34
Thanked 14 Times in 12 Posts
Rep Power: 881
DJP2014 is on a distinguished road
Re: UConnect firmware vulnerabiltiy

Quote:
Originally Posted by macfan View Post
I am teasing you but I think you have your tin foil hat on a little tight and are running a bit paranoid. I have never in all of the many, many years I have owned a computer ever run any anti virus software and have never had a problem. The odds of your particular Radio/Uconnect ever being hacked are about the same as being struck by lightening. You are much more likely to be run into by a drunk driver or a teenager texting than hacked if you really want something to worry about.

I have never in all the many, many years of driving needed or wanted my vehicle to be networked in any way shape or form to the internet.

Your point is well taken and you have valid points for the times we are living in now. But I have to wonder why there’s no “airplane mode” switch that would allow us tin foil hat people to switch off all of the wireless communication to our vehicle. It’s a very simple request.

Why the strong push to have all new vehicles networked with no opt-out available? I suppose I could choose another vehicle to purchase, but soon there will be no choice in the matter as every vehicle off the assembly line will have to be networked.

I suppose we get what we ask for and based on the feedback in this forum I’m in the minority and I’m getting what “we’re” asking for. Hopefully the manufacturers peruse these forums and see that some of us want options.
__________________
2015 GC Overland 4x4 3.0CRD
Billet Silver - Indigo/Brown
ATG, ORAII, QD
Reply With Quote
  #48  
Old 07-29-2015, 06:19 PM
Senior Member
 
Join Date: Sep 2013
Posts: 1,328
Thanks: 49
Thanked 165 Times in 133 Posts
Rep Power: 2931
Roadkill has a reputation beyond reputeRoadkill has a reputation beyond reputeRoadkill has a reputation beyond reputeRoadkill has a reputation beyond reputeRoadkill has a reputation beyond reputeRoadkill has a reputation beyond reputeRoadkill has a reputation beyond reputeRoadkill has a reputation beyond reputeRoadkill has a reputation beyond reputeRoadkill has a reputation beyond reputeRoadkill has a reputation beyond repute
Quote:
Originally Posted by thrawn86 View Post
If anyone is considering this, please do not just CUT the RF cable from the board/aircard and leave it.
The CDMA antenna has its own connection plug and will not require wire cutters. We've got a new member, Rocketrancher, working on a finding a terminator for us. The card senses the disconnected antenna (likely due to impedance mismatch), but Rocketrancher already demonstrated the proof of concept with pics of the back of the radio and screenshots of the uConnect app icon showing a disconnected icon while the other antennas (SXM/TrafficLink, AM/FM, GPS) continue to work.
Quote:
Originally Posted by DJP2014 View Post
But I have to wonder why there’s no “airplane mode” switch that would allow us tin foil hat people to switch off all of the wireless communication to our vehicle. It’s a very simple request.
Those of us who want the datalink physically disabled should be satisfied soon. Neutering the antenna is better than an "airplane mode" that can lie, anyway.
Reply With Quote
The Following User Says Thank You to Roadkill For This Useful Post:
Reply

Tags
uconnect

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
New Uconnect Firmware Thanandon Audio/Visual/Navigation 26 07-27-2015 12:33 PM
New Uconnect Firmware seedar Export Grand Cherokee 2011+ 2 08-20-2014 10:13 PM
REC NAV radio with uconnect latest firmware? jeepmanjim Grand Cherokee - WK 3 12-02-2013 02:51 AM
My uConnect 8.4AN with 13.28.2 Firmware rebooted on me mswlogo Grand Cherokee - WK2 - 12 09-18-2013 06:49 AM
430N RHB Firmware Update DieselvRR Audio/Visual/Navigation 20 10-06-2011 12:23 AM

Powered by vBadvanced CMPS v3.2.3

All times are GMT -5. The time now is 05:46 PM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Copyright 2012 - JeepGarage.Org
The Jeep Grand Cherokee Owners Community

JeepGarage.org is in no way associated with or endorsed by FCA US LLC. Chrysler, Dodge, Jeep, Ram, Mopar and SRT are registered trademarks of FCA US LLC.