Uber has hired two famed security researchers that recently were able to show their skills by remotely hacking a Jeep Cherokee.
The two hackers are Charlie Miller and Chris Valasek and they will start work for the ride-hailing company starting next week. Miller recently worked for three years as an engineer of platform services at Twitter while Valasek has been director of vehicle security research at IOActive.
Starting Monday, Miller will start work at Uber’s Advanced Technologies Center in Pittsburgh, Pennsylvania and Valasek will join him, according to Tech Times.
Prior to Miller working for Twitter, he was a global network exploitation analyst for the National Security Agency (NSA) for five years. On his LinkedIn profile, it says he, “identified weaknesses and vulnerabilities in computer networks and executed successful computer network exploitations against foreign targets.”
Valasek was a senior security research scientist at Coverity and Accuvant before doing security research at IOActive and also worked for four years as an X-Force researchers for IBM Internet Security Systems.
He is also known among his peers for discovering the first significant bug in the MacBook Air demonstrating security errors in Mac OS and iOS and for his published book titled, “iOS Hackers’Handbook.”
The two researchers were recently placed on a pedestal as they showcased their skills when they went to the Black Hat and Def Con hacking conference in Las Vegas and revealed what they did in order to stop a moving Jeep Cherokee in its tracks from a remote location.
They were able to take advantage of Jeep’s vulnerable hardware chip of FCA’s (Fiat-Chrysler) UConnect infotainment system and hack into all of Jeep’s systems then wirelessly control hundreds and thousands of vehicles that were set up with UConnect.
During the demonstration, they tracked down the vehicles, pinpointing their exact location, and were able to turn the lights and blinkers off and on, meddle with the GPS and radio controls and also, gain access to controlling the brakes and steering of some of the vehicles.
The pair also were able to take over a Ford and Toyota in 2013 by hacking into the vehicle’s diagnostic port. But at that time, they were dismissed because car manufacturers said that the hackers had to have physical access to control the cars, which ignited the Jeep Cherokee hack, which led the FCA to announcing a recall of 1.4 million vehicles to prevent a real hack.
Besides this duo, Uber has been picking up dozens of the world’s most esteemed security connected car researchers in order to develop a fleet of self-driving cars to deliver people to their desired location in the near future.
Leave a Reply