Last week, we told you of how two US researchers were able to hack into a vehicle (A Jeep Cherokee) by through the vehicle’s infotainment system. The two, were able to take control of a vehicle being driven by a Wired.com reporter. They used a feature in the Jeep Cherokee’s telematics system called Uconnect by sending data to the car’s internet-connected entertainment and navigation system through a mobile phone network. During the experiment, the Jeep’s radio was turned on, with other non-essential features of the vehicles also turned on. The two, then rewrote the code embedded in the car’s infotainment system hardware, and then went on to issue commands for steering, braking and engine control. They were also able to control the car’s air conditioning , radio and windscreen wipers. Fiat Chrysler the owners of the Jeep brand, released a software update to deal with the vulnerabilities besides also recalling 1.4 Million vehicles.
The Jeeps run on QNX Neutrino OS owned by QNX systems, a Blackberry subsidiary. There have been numerous reports on the internet speculating Blackberry’s role with regards to the hacks. In a blog post, Blackberry has since clarified that the flaw being exploited was not within the OS itself but from a vulnerability from certain architecture and software components unrelated to the QNX Neutrino OS. Blackberry goes further to argue that the researchers did not target the QNX OS but the Uconnect connectivity software that runs on top of QNX. A lawsuit has since been filed by the owners of the 1.4 million vehicles that faced recalls against Chrysler and the provider of the infotainment systems but does not include Blackberry in the suit.