From ArsTechnica:

Charlie Miller (left) and Chris Valasek present the details of their hacks of the Fiat Chrysler Uconnect system at Black Hat in Las Vegas on August 5.Sean Gallagher

Less than a month after their command performances at the Black Hat and Def Con security conferences in Las Vegas, security researchers Charlie Miller (late of Twitter) and Chris Valasek (formerly of the security firm IOActive) have been poached by Uber—which ironically had security flaws in its own in-car technology exposed by University of California-San Diego researchers this month as well. According to a report from Reuters, Uber will announce the hiring of Miller and Valasek on Monday.

Miller and Valasek’s research on Fiat Chrysler’s Uconnect system exposed vulnerabilities in the design of the system that allowed them to take remote control of many of the systems of a targeted vehicle—as they demonstrated by shutting down the throttle of a 2014 Jeep Cherokee while it was being driven on an interstate by Wired reporter Andy Greenberg. The research, coordinated with Fiat Chrysler, led to the distribution of a fix by Chrysler and blocking of vulnerable ports by Sprint, the mobile carrier providing the network for Uconnect. But the attention garnered by the video led to…

Continue Reading