In a stunt arranged by Wired, two "security researchers" hacked their way into a Jeep Cherokee carrying writer Andy Greenberg in St. Louis and, from a basement 10 miles away, took over the vehicle and steered it into a ditch. And it's not a one-off. Charlie Miller and Chris Valasek say they've spent the past two years hacking away at a variety of cars, and that they plan to reveal at the annual Black Hat and Def Con hacking conferences the fact that hundreds of thousands of vehicles are vulnerable. "I have done a lot of research, but this is the first time I’ve been truly freaked out," Miller tells the New York Times. "When I could hack into a car in Nebraska driving down the freeway, I had that feeling, 'I shouldn’t be able to do this.'"
In response, Chrysler—maker of the Cherokee, deemed the most hackable model—has quietly issued a free software update to fix the vulnerability, reports PC Magazine. "All of this is possible only because Chrysler, like practically all carmakers, is doing its best to turn the modern automobile into a smartphone," writes Greenberg; the access point here is an Internet-connected feature called Uconnect. Self-described "digital crash-test dummy" Greenberg found himself subject to a blast of cold air, Skee-lo blaring at full volume, windshield wipers swooshing at full throttle, an image of the hackers in their track suits, and, when the brakes failed, Greenberg slid into a ditch. The hackers spent nine months sharing their findings with Chrysler, which "appreciates" their work but is leery of any "how-to" disclosures. Product recalls and civil lawsuits may be on the horizon, one expert says. (This hacker is doing similar work on airplanes.)