The power train (and other vital components) of a car should be air-gapped from the internet. It’s crazy car manufacturers are even able to brick a car like this.
Is your car going to get security updates 5-10-20 years from now? No. The power train should be air-gapped from the internet.
Apparently it was supposed to be. They have the core functions in a “can’t OTA” container, with less important functions like AV/etc in a “can OTA” model.
This update was pushed to the “can update” side and fucked the “can’t update” side, which is its own can of worms. Another can? Jeep pushed a silent, emergency update “to all Jeeps even those who have automatic updates disabled.”
So the issue is not that they have no security model, it’s that it clearly doesn’t work and they can and will push secret updates even when you decline all updates.
https://www.reddit.com/r/Jeep/comments/194cbbj/turn_offdisconnect_remote_access_to_my_2021_gcth/
I just got a text from my dealership saying my oil light was on. Super pissed off about it… When I got the Jeep 2 years ago I asked Jeep to turn off ALL remote access/phone home capabilities to the vehicle. I was on the phone for a couple hours with them until I finally got someone who said they did it.
Weather alerts, contextual ads on my console, distant recording of my travels, whatever, I wanted everything off.
It has a 4G cellular module in the head unit, which connects to a separate 4G antenna via a port on the back of the head unit. Unplug the antenna from the head unit and it cannot communicate to anything. Obviously you have to remove a bunch of trim and the unit.
Now, it’s possible that during maintenance, the process might involve uploading or downloading data to/from the manufacturer. That’s hard to avoid.
Again, WHY in the actual FUCK does a car need software updates?
Apart from maybe a stereo software? Infotainment? Make a good powertrain and leave it alone. Absolute insanity.
This was an update to the entertainment system that somehow had the side effect of disabling the power train while driving. You’d think these would be two entirely separate computer systems, but they must be sharing something.
Don’t buy American. Don’t buy Stellantis vehicles no matter what!
Can confirm; used to indirectly work for them. Stellantis holds nothing but contempt for their employees, suppliers, and customers. Their products are inferior and overpriced.
