Patch your Chrysler vehicle before hackers kill you - Published July 21, 2015

pete_c

Guru
Tom's Guide
By Paul Wagenseil Published July 21, 2015

 
Fiat Chrysler last week quietly issued a software patch for critical security vulnerabilities related to its Uconnect vehicle-connectivity system. The vulnerablities were dramatically detailed in a Wired story that was posted Tuesday.
 
In the Wired piece two "white hat" hackers remotely connected to a Jeep Cherokee as a reporter drove it down a Missouri freeway. They made the radio blast at full volume and turned on the windshield wipers, but also cut off the transmission as a truck approached and, later, disconnected the brakes, sending the Cherokee into a ditch.
 
Owners of 2013, 2014 and 2015 models of Chrysler vehicles can download the new software update onto a USB stick, which then can be plugged into the car. Chrysler dealers will also install the update for free.


It took hackers Charlie Miller and Chris Valasek nearly a year to discover and exploit the Uconnect flaw, of which they plan to provide more details at next month's Black Hat security conference in Las Vegas. The flaw let them remotely install a malicious firmware update that gave them control of the vehicle.
 
IMG_0724-582x437.jpg


Perhaps even more frighteningly, the pair found that any phone on the Sprint cellular network could be used to find and track any vehicle using Uconnect, anywhere in the country. Wired reporter Andy Greenberg watched Miller track a Dodge Ram in Texas, a Jeep Cherokee in California and a Dodge Durango in Michigan.

"When I saw we could do it anywhere, over the Internet, I freaked out," Valasek told Wired. "That's a vehicle on a highway in the middle of the country. Car hacking got real, right then."

In a Tweet this morning, Miller said he and Valasek had notified Chrysler of the flaw in October.

Owners of recent-year Chrysler vehicles should go to http://www.driveuconnect.com/software-update/ to type in their Vehicle Identification Number (VIN) and see whether their vehicle needs the update. From there, the site will provide instructions on how to download and install the software patch.

 
 
Hackers Remotely Kill a Jeep on the Highway—With Me in It

Andy Greenberg    Security Date of Publication: 07.21.15
Time of Publication: 6:00 am.

I was driving 70 mph on the edge of downtown St. Louis when the exploit began to take hold.

Though I hadn’t touched the dashboard, the vents in the Jeep Cherokee started blasting cold air at the maximum setting, chilling the sweat on my back through the in-seat climate control system. Next the radio switched to the local hip hop station and began blaring Skee-lo at full volume. I spun the control knob left and hit the power button, to no avail. Then the windshield wipers turned on, and wiper fluid blurred the glass.

As I tried to cope with all this, a picture of the two hackers performing these stunts appeared on the car’s digital display: Charlie Miller and Chris Valasek, wearing their trademark track suits. A nice touch, I thought.

The Jeep’s strange behavior wasn’t entirely unexpected. I’d come to St. Louis to be Miller and Valasek’s digital crash-test dummy, a willing subject on whom they could test the car-hacking research they’d been doing over the past year. The result of their work was a hacking technique—what the security industry calls a zero-day exploit—that can target Jeep Cherokees and give the attacker wireless control, via the Internet, to any of thousands of vehicles. Their code is an automaker’s nightmare: software that lets hackers send commands through the Jeep’s entertainment system to its dashboard functions, steering, brakes, and transmission, all from a laptop that may be across the country.

To better simulate the experience of driving a vehicle while it’s being hijacked by an invisible, virtual force, Miller and Valasek refused to tell me ahead of time what kinds of attacks they planned to launch from Miller’s laptop in his house 10 miles west. Instead, they merely assured me that they wouldn’t do anything life-threatening. Then they told me to drive the Jeep onto the highway. “Remember, Andy,” Miller had said through my iPhone’s speaker just before I pulled onto the Interstate 64 on-ramp, “no matter what happens, don’t panic.”

As the two hackers remotely toyed with the air-conditioning, radio, and windshield wipers, I mentally congratulated myself on my courage under pressure. That’s when they cut the transmission.

Immediately my accelerator stopped working. As I frantically pressed the pedal and watched the RPMs climb, the Jeep lost half its speed, then slowed to a crawl. This occurred just as I reached a long overpass, with no shoulder to offer an escape. The experiment had ceased to be fun.

At that point, the interstate began to slope upward, so the Jeep lost more momentum and barely crept forward. Cars lined up behind my bumper before passing me, honking. I could see an 18-wheeler approaching in my rearview mirror. I hoped its driver saw me, too, and could tell I was paralyzed on the highway.

“You’re doomed!” Valasek shouted, but I couldn’t make out his heckling over the blast of the radio, now pumping Kanye West. The semi loomed in the mirror, bearing down on my immobilized Jeep.

I followed Miller’s advice: I didn’t panic. I did, however, drop any semblance of bravery, grab my iPhone with a clammy fist, and beg the hackers to make it stop.

Wireless Carjackers

This wasn’t the first time Miller and Valasek had put me behind the wheel of a compromised car. In the summer of 2013, I drove a Ford Escape and a Toyota Prius around a South Bend, Indiana, parking lot while they sat in the backseat with their laptops, cackling as they disabled my brakes, honked the horn, jerked the seat belt, and commandeered the steering wheel. “When you lose faith that a car will do what you tell it to do,” Miller observed at the time, “it really changes your whole view of how the thing works.” Back then, however, their hacks had a comforting limitation: The attacker’s PC had been wired into the vehicles’ onboard diagnostic port, a feature that normally gives repair technicians access to information about the car’s electronically controlled systems.

A mere two years later, that carjacking has gone wireless. Miller and Valasek plan to publish a portion of their exploit on the Internet, timed to a talk they’re giving at the Black Hat security conference in Las Vegas next month. It’s the latest in a series of revelations from the two hackers that have spooked the automotive industry and even helped to inspire legislation; WIRED has learned that senators Ed Markey and Richard Blumenthal plan to introduce an automotive security bill today to set new digital security standards for cars and trucks, first sparked when Markey took note of Miller and Valasek’s work in 2013.

As an auto-hacking antidote, the bill couldn’t be timelier. The attack tools Miller and Valasek developed can remotely trigger more than the dashboard and transmission tricks they used against me on the highway. They demonstrated as much on the same day as my traumatic experience on I-64; After narrowly averting death by semi-trailer, I managed to roll the lame Jeep down an exit ramp, re-engaged the transmission by turning the ignition off and on, and found an empty lot where I could safely continue the experiment.

Miller and Valasek’s full arsenal includes functions that at lower speeds fully kill the engine, abruptly engage the brakes, or disable them altogether. The most disturbing maneuver came when they cut the Jeep’s brakes, leaving me frantically pumping the pedal as the 2-ton SUV slid uncontrollably into a ditch. The researchers say they’re working on perfecting their steering control—for now they can only hijack the wheel when the Jeep is in reverse. Their hack enables surveillance too: They can track a targeted Jeep’s GPS coordinates, measure its speed, and even drop pins on a map to trace its route.

All of this is possible only because Chrysler, like practically all carmakers, is doing its best to turn the modern automobile into a smartphone. Uconnect, an Internet-connected computer feature in hundreds of thousands of Fiat Chrysler cars, SUVs, and trucks, controls the vehicle’s entertainment and navigation, enables phone calls, and even offers a Wi-Fi hot spot. And thanks to one vulnerable element, which Miller and Valasek won’t identify until their Black Hat talk, Uconnect’s cellular connection also lets anyone who knows the car’s IP address gain access from anywhere in the country. “From an attacker’s perspective, it’s a super nice vulnerability,” Miller says.

From that entry point, Miller and Valasek’s attack pivots to an adjacent chip in the car’s head unit—the hardware for its entertainment system—silently rewriting the chip’s firmware to plant their code. That rewritten firmware is capable of sending commands through the car’s internal computer network, known as a CAN bus, to its physical components like the engine and wheels. Miller and Valasek say the attack on the entertainment system seems to work on any Chrysler vehicle with Uconnect from late 2013, all of 2014, and early 2015. They’ve only tested their full set of physical hacks, including ones targeting transmission and braking systems, on a Jeep Cherokee, though they believe that most of their attacks could be tweaked to work on any Chrysler vehicle with the vulnerable Uconnect head unit. They have yet to try remotely hacking into other makes and models of cars.

After the researchers reveal the details of their work in Vegas, only two things will prevent their tool from enabling a wave of attacks on Jeeps around the world. First, they plan to leave out the part of the attack that rewrites the chip’s firmware; hackers following in their footsteps will have to reverse-engineer that element, a process that took Miller and Valasek months. But the code they publish will enable many of the dashboard hijinks they demonstrated on me as well as GPS tracking.

Second, Miller and Valasek have been sharing their research with Chrysler for nearly nine months, enabling the company to quietly release a patch ahead of the Black Hat conference. On July 16, owners of vehicles with the Uconnect feature were notified of the patch in a post on Chrysler’s website that didn’t offer any details or acknowledge Miller and Valasek’s research. “[Fiat Chrysler Automobiles] has a program in place to continuously test vehicles systems to identify vulnerabilities and develop solutions,” reads a statement a Chrysler spokesperson sent to WIRED. “FCA is committed to providing customers with the latest software updates to secure vehicles against any potential vulnerability.”

Unfortunately, Chrysler’s patch must be manually implemented via a USB stick or by a dealership mechanic. (Download the update here.) That means many—if not most—of the vulnerable Jeeps will likely stay vulnerable.

Chrysler stated in a response to questions from WIRED that it “appreciates” Miller and Valasek’s work. But the company also seemed leery of their decision to publish part of their exploit. “Under no circumstances does FCA condone or believe it’s appropriate to disclose ‘how-to information’ that would potentially encourage, or help enable hackers to gain unauthorized and unlawful access to vehicle systems,” the company’s statement reads. “We appreciate the contributions of cybersecurity advocates to augment the industry’s understanding of potential vulnerabilities. However, we caution advocates that in the pursuit of improved public safety they not, in fact, compromise public safety.”

The two researchers say that even if their code makes it easier for malicious hackers to attack unpatched Jeeps, the release is nonetheless warranted because it allows their work to be proven through peer review. It also sends a message: Automakers need to be held accountable for their vehicles’ digital security. “If consumers don’t realize this is an issue, they should, and they should start complaining to carmakers,” Miller says. “This might be the kind of software bug most likely to kill someone.”

In fact, Miller and Valasek aren’t the first to hack a car over the Internet. In 2011 a team of researchers from the University of Washington and the University of California at San Diego showed that they could wirelessly disable the locks and brakes on a sedan. But those academics took a more discreet approach, keeping the identity of the hacked car secret and sharing the details of the exploit only with carmakers.

Miller and Valasek represent the second act in a good-cop/bad-cop routine. Carmakers who failed to heed polite warnings in 2011 now face the possibility of a public dump of their vehicles’ security flaws. The result could be product recalls or even civil suits, says UCSD computer science professor Stefan Savage, who worked on the 2011 study. Earlier this month, in fact, Range Rover issued a recall to fix a software security flaw that could be used to unlock vehicles’ doors. “Imagine going up against a class-action lawyer after Anonymous decides it would be fun to brick all the Jeep Cherokees in California,” Savage says.

For the auto industry and its watchdogs, in other words, Miller and Valasek’s release may be the last warning before they see a full-blown zero-day attack. “The regulators and the industry can no longer count on the idea that exploit code won’t be in the wild,” Savage says. “They’ve been thinking it wasn’t an imminent danger you needed to deal with. That implicit assumption is now dead.”

Sitting on a leather couch in Miller’s living room as a summer storm thunders outside, the two researchers scan the Internet for victims.

Uconnect computers are linked to the Internet by Sprint’s cellular network, and only other Sprint devices can talk to them. So Miller has a cheap Kyocera Android phone connected to his battered MacBook. He’s using the burner phone as a Wi-Fi hot spot, scouring for targets using its thin 3G bandwidth.

A set of GPS coordinates, along with a vehicle identification number, make, model, and IP address, appears on the laptop screen. It’s a Dodge Ram. Miller plugs its GPS coordinates into Google Maps to reveal that it’s cruising down a highway in Texarkana, Texas. He keeps scanning, and the next vehicle to appear on his screen is a Jeep Cherokee driving around a highway cloverleaf between San Diego and Anaheim, California. Then he locates a Dodge Durango, moving along a rural road somewhere in the Upper Peninsula of Michigan. When I ask him to keep scanning, he hesitates. Seeing the actual, mapped locations of these unwitting strangers’ vehicles—and knowing that each one is vulnerable to their remote attack—unsettles him.

When Miller and Valasek first found the Uconnect flaw, they thought it might only enable attacks over a direct Wi-Fi link, confining its range to a few dozen yards. When they discovered the Uconnect’s cellular vulnerability earlier this summer, they still thought it might work only on vehicles on the same cell tower as their scanning phone, restricting the range of the attack to a few dozen miles. But they quickly found even that wasn’t the limit. “When I saw we could do it anywhere, over the Internet, I freaked out,” Valasek says. “I was frightened. It was like, holy fuck, that’s a vehicle on a highway in the middle of the country. Car hacking got real, right then.”

That moment was the culmination of almost three years of work. In the fall of 2012, Miller, a security researcher for Twitter and a former NSA hacker, and Valasek, the director of vehicle security research at the consultancy IOActive, were inspired by the UCSD and University of Washington study to apply for a car-hacking research grant from Darpa. With the resulting $80,000, they bought a Toyota Prius and a Ford Escape. They spent the next year tearing the vehicles apart digitally and physically, mapping out their electronic control units, or ECUs—the computers that run practically every component of a modern car—and learning to speak the CAN network protocol that controls them.

When they demonstrated a wired-in attack on those vehicles at the DefCon hacker conference in 2013, though, Toyota, Ford, and others in the automotive industry downplayed the significance of their work, pointing out that the hack had required physical access to the vehicles. Toyota, in particular, argued that its systems were “robust and secure” against wireless attacks. “We didn’t have the impact with the manufacturers that we wanted,” Miller says. To get their attention, they’d need to find a way to hack a vehicle remotely.

So the next year, they signed up for mechanic’s accounts on the websites of every major automaker and downloaded dozens of vehicles’ technical manuals and wiring diagrams. Using those specs, they rated 24 cars, SUVs, and trucks on three factors they thought might determine their vulnerability to hackers: How many and what types of radios connected the vehicle’s systems to the Internet; whether the Internet-connected computers were properly isolated from critical driving systems, and whether those critical systems had “cyberphysical” components—whether digital commands could trigger physical actions like turning the wheel or activating brakes.

Based on that study, they rated Jeep Cherokee the most hackable model. Cadillac’s Escalade and Infiniti’s Q50 didn’t fare much better; Miller and Valasek ranked them second- and third-most vulnerable. When WIRED told Infiniti that at least one of Miller and Valasek’s warnings had been borne out, the company responded in a statement that its engineers “look forward to the findings of this [new] study” and will “continue to integrate security features into our vehicles to protect against cyberattacks.” Cadillac emphasized in a written statement that the company has released a new Escalade since Miller and Valasek’s last study, but that cybersecurity is “an emerging area in which we are devoting more resources and tools,” including the recent hire of a chief product cybersecurity officer.

After Miller and Valasek decided to focus on the Jeep Cherokee in 2014, it took them another year of hunting for hackable bugs and reverse-engineering to prove their educated guess. It wasn’t until June that Valasek issued a command from his laptop in Pittsburgh and turned on the windshield wipers of the Jeep in Miller’s St. Louis driveway.

Since then, Miller has scanned Sprint’s network multiple times for vulnerable vehicles and recorded their vehicle identification numbers. Plugging that data into an algorithm sometimes used for tagging and tracking wild animals to estimate their population size, he estimated that there are as many as 471,000 vehicles with vulnerable Uconnect systems on the road.

Pinpointing a vehicle belonging to a specific person isn’t easy. Miller and Valasek’s scans reveal random VINs, IP addresses, and GPS coordinates. Finding a particular victim’s vehicle out of thousands is unlikely through the slow and random probing of one Sprint-enabled phone. But enough phones scanning together, Miller says, could allow an individual to be found and targeted. Worse, he suggests, a skilled hacker could take over a group of Uconnect head units and use them to perform more scans—as with any collection of hijacked computers—worming from one dashboard to the next over Sprint’s network. The result would be a wirelessly controlled automotive botnet encompassing hundreds of thousands of vehicles.

“For all the critics in 2013 who said our work didn’t count because we were plugged into the dashboard,” Valasek says, “well, now what?”
 
Holy crap. How will electronic controls ever be secure from people who want to hack them? Are we just going to have to get used to cars crashing due to hacking and get used to it like we have gotten used to road kill which I find equally upsetting? It will make the evening news even more entertaining than it is now.
 
Mike.
 
Speaking of car computers....I recently bought a Ford with My Sync. Does anyone have any interesting MySync stories to share? Does it work well for you or is it troublesome? I like it so far but find the voice commands difficult to get the hang of. I think that it is pilot error and will be easier after I memorize a few of the commands.
 
Mike.
 
Yup; here kids (well not really kids now) just purchased a Ford Fusion and Ford Edge Crossover (geez same color) with all of the bells and whistles. They have not mentioned any issues relating to the technology in the vehicles.

So I got no MySync stories ,,,,,

How do you like your Ford?

Personally here never much of a Fiat person although I did rent a Fiat for a 6 week adventure through Europe in the 1980's.  It ran fine for 6 weeks.
 
Isn't six weeks the warranty period for a Fiat?
 
I love the Ford so far but I've only owned it for about a month. I traded my 2003 Nissan Frontier for a 2015 F-150 pickup. The Frontier was always good to me and only had 37k miles but after 12 years it is time that it will be needing timing belt, brakes, tires, water pump, maybe radiator and/or heater core and all the other stuff that is known to fail with age.
 
It was also just time for a change, 12 years is a long time to drive the same car and I wanted to buy an American car with what has happened to the auto industry in the past decade.
 
Mike.
 
Isn't six weeks the warranty period for a Fiat?
 
;)
 
Yeah not OP related here recall a vacation in Jamaica in the late 80's and seeing mostly Lada's and Fiat's there looking almost identical at the time.
 
Noticed that Fiat moved their HQ to the Netherlands.  Didn't know that happened.
 
I've done a bit of programming work on CAN bus systems for the Chrysler vehicles. Radio's and dash controls have now morphed into "infotainment" systems. Your touchscreen display now provides the interface for your Navigation, climate controls, vehicle settings, radio and video player. Many of the benefits of these new "gadgets" in the vehicles come from the ability of the systems to all talk to each other and share (and control) data. The unfortunate issue here is that when enabling internet access to the infotainment system, Chrysler didn't really think much about network security. It is a pretty simple fix, but something they should have thought about up front.
 
Yeah never paid attention and did the doo of the wiki relating to Fiat ....here got a bit involved in the 90's with one Chrylser assembly plant in Canada...relating to IT integration (for the build...not internals) ....
 
I read some where that this television commercial made folks purchase the Chrysler over a Chevy or Ford in those years....
 
[youtube]http://youtu.be/tfKHBB4vt4c[/youtube]
 
@Mike ....not paying much attention these days....guessing maybe the big four automotive companies some day may be Google, Amazon, Microsoft and Apple .....
 
I think Fiat built a bunch of assembly plants in South America (Brazil?) a couple of years back? 
 
Many of the benefits of these new "gadgets" in the vehicles come from the ability of the systems to all talk to each other and share (and control) data.
 
Yup that has always been an issue.  Same stuff / issues have come up with Aeroplane designs....internet access and what have you...(front of cockpit versus back of cockpit stuff or integration of the two)..
 
On 20 January 2009, Fiat S.p.A. and Chrysler LLC announced their intention to form a global alliance. Under the terms of the agreement, Fiat would take a 20% stake in Chrysler and gain access to its North American distribution network in exchange for providing Chrysler with technology and platforms to build smaller, more fuel-efficient vehicles in the US and providing reciprocal access to Fiat's global distribution network. Agreements were signed on 30 April 2009, with Fiat's future shareholding capped at 49% until all government loans had been repaid.

Fiat would not have to pay any money for its 20% of Chrysler. On 7 June 2009, the Indiana State Police Pension Fund, the Indiana Teacher's Retirement Fund, and the state's Major Moves Construction Fund asked the US Supreme Court to delay the sale of Chrysler to Fiat while they challenge the deal. The funds argued that the sale went against US bankruptcy law because it unlawfully rewarded unsecured creditors ahead of secured creditors. On 9 June 2009, the Supreme Court lifted the temporary hold, clearing the way for Fiat to acquire Chrysler. See Indiana State Police Pension Trust v. Chrysler for more information. On 10 June, the Supreme Court announced that Fiat was now an owner of the new Chrysler a.k.a. Chrysler Group LLC.

On 10 January 2011, Fiat announced that it had increased its share in Chrysler from 20% to 25% following the achievement of the first of three performance objectives. On 11 April 2011, it announced achievement of the second performance objective, increasing its stake a further 5% to 30%. On 24 May 2011, Fiat announced that it had paid Chrysler US$1,268 million for a further 16% interest, increasing its stake total stake to 46% (fully diluted). The transaction coincided with Chrysler refinancing its debt to the U.S. and Canadian governments. On 25 May autonews.com reported that Fiat could buy government stakes in Chrysler as soon as the end of July 2011, increasing its total stake to 54%.

In May 2011, it emerged that Fiat could actually increase its stake in Chrysler Group to more than 70 percent through the exercise of further options.

In a regulatory filing dated 22 July 2011, the Michigan-based automaker reported that Fiat held a 53.5% interest (fully diluted). Fiat and Chrylser have both stated that they expect that interest to reach 58.5% by the end of 2011 as result of achievement of the third of the three performance objectives. In 5 January 2012 Fiat released press info that the ownership has increased to 58.5%. The stake was further increased to 68.49% in July 2013. On 1 January 2014, Fiat announced it would be acquiring the remaining shares of Chrysler owned by the VEBA worth $3.65 billion. The deal was completed by 21 January.

On 29 January 2014, it was announced that Fiat S.p.A. would be merged into a new company, Fiat Chrysler Automobiles NV, incorporated in the Netherlands with tax domicile in the UK. Fiat Chrysler Automobiles will become the owner of Fiat Group. On 1 August 2014, Fiat S.p.A. received necessary shareholder approval to proceed with the merger (which followed board approval). FCA will be listed on the New York Stock Exchange with an additional listing on the Mercato Telematico Azionario in Milan to follow.
 
Oh I remember those Cordoba comercials and the fiiiine corinthian leather. I had a 76 or so Dodge Coronet and I loved that car. Also a 69 Chrysler Newport that I drove from Connecticut to California and back again.
 
And this girl made me buy a 1971 Norton Commando
 
 
 
 

Attachments

  • images.jpg
    images.jpg
    10.5 KB · Views: 10
She looks like a very convincing authoritive figure..
 
Girlfriend here had a Rambler (very boxy car).  She had her drivers license and I did not at the time.  The Rambler could fit 8 of us in the car and we would go bowling on Saturday Afternoons or go to Chicago's Old Town looking for music.
 
Geez it's been tumultueous road for many car manufacturers. 
 
I remember reading that Porsche was saving Audi / VW as they were almost out of business and during the purchase they devalued themselves so much that Audi / VW ended up saving Porsche.  
 
Didn't Fiat also purchase what was left of GM in the EU then got a bit PO'd because the books were cooked?
 
I don't recall Fiat purchasing any GM interest, but they do own Alfa Romeo, Ferrari, Lancia, Maserati, Chrysler, Dodge, Jeep and Ram.
 
A bit of history before Fiat and about Chrysler ...and done now with this post....after final add a few minutes ago....
 
1979 - As soon as the energy crisis ended, it was back to business as usual. 1976 a hugely profitable year: the company’s net income was $422.6 million. 1977 was profitable, but less so: $163.2 million net income. By late 1978, they were running in the red again, losing $204.6 million. The fall of the Shah of Iran and a new US Oil embargo sent prices higher once again. By 1979, Chrysler was looking at its first billion dollar annual loss.
 
Management decided to was time to visit their Uncle Sam.
 
The Chrysler bailout of 1980 was not quite a pre-packaged bankruptcy reorganization. It left the company with the same management team, the same union contracts, the same pension obligations, and the same health care coverage; all the bailout did was buy the company a few more years. Indeed, the pre-bailout industry looked almost identical to the post-bailout industry. None of the Detroit automakers, Chrysler included, received any long-term benefits from the bailout.
 
Chrysler survived, but a slow necrosis gradually handed over the dominance of the US automobile market to the Japanese, Koreans, and Germans. In 1980, Detroit had a ~75% market share of autos sold in the US. For the first time ever in May 2008, that number slipper under 50%, and its now down to ~48%.
 
Had Chrysler been allowed to fall into bankruptcy, it’s not too difficult to imagine a vulture investor obtaining all of the aforementioned assets, and putting them to good use. Just picture a refurbished Chrysler Corporation – newly recapitalized, minus the onerous labor contracts, pension obligations, and healthcare overhead. Its new owner would have been free to pursue new manufacturing methods, new automobile designs, even new markets – with all the advantages Chrysler itself had, but without the defunct company’s baggage.
 
A post bankruptcy Chrysler would have been as leaner, meaner and more cost-efficient, and maybe even more fuel-efficient machine than the rest of Detroit. Surely, they would have been willing to take chances on some new designs that broke free of the stodgy boring cars put out by Detroit in the 1970s and 1980s.
 
Not only would Chrysler have been much more competitive in the US and world markets, their mere existence would have forced GM and Ford to streamline their own processes improve their vehicles in terms of attractiveness, mechanical reliability, and fuel efficiency.
 
In 1998, German automaker Daimler-Benz purchased Chrysler for $36 billion in what was then regarded as one of the largest industrial mergers ever.
 
With shareholders calling Chrysler an "affliction," Daimler essentially paid Cerberus Capital Management $650 million in 2007 to take Chrysler off its hands.
 
"Due diligence? Daimler-Benz never did due diligence before it bought Chrysler, never looked into the future to see whether Chrysler could afford to be competitive with the others in the industry," insists George Peterson, president of Global Insight.
 
Leaving aside losses on the stock market, and noting the $11 billion that Zetsche claims Chrysler added to DaimlerChrysler's operating profit over those nine years, Daimler is about $25.7 billion poorer now than it was before the merger.
 
That's $25.7 billion for the lesson that corporate synergies aren't always positive -- that expensive Daimler technology is still expensive, even when installed on cheap US cars; that the takeover of a brand image is not a one way street; and that company cultures sometimes mix like oil and water.
 
The aces are now distributed differently: Mercedes no longer dominates when the technical avant garde. It's only marginally ahead in safety features, another former selling point. In the meantime other brands have made strides in other areas: BMW and Volkswagen are at the forefront when it comes to energy-efficient engines, and Toyota is taking the lead in the hybrid cars market.
 
Ahh...looked it up...Fiat wanted to purchase GM....looks like they never did...this is from 2009...can't find specific date though..
 
Fiat Group confirmed Sunday that it is in talks to buy General Motors' European operations, in a move that, combined with its planned takeover of Chrysler, would form one of the world's biggest car and truck makers.
 
The new auto manufacturer would have $105 billion in annual revenue, Fiat said in a statement.
Fiat said it is evaluating the possible spinoff of its auto business to form the core of the new company. Fiat Group Automobiles includes the Fiat, Alfa Romeo and Ferrari brands.
 
The statement was issued on the eve of a meeting in Berlin between Fiat Group CEO Sergio Marchionne and the German economy and foreign ministers to discuss Fiat's offer for GM's German unit, Opel.
 
GM Europe also includes the British company Vauxhall and the Swedish carmaker Saab.
 
GM has been trying to find investors for its noncore and unprofitable assets as part of a restructuring in which it has sought billions of dollars in aid from the U.S. government to avert collapse.
 
 
It is really difficult to see what happened to GM in the EU though.  We purchased an Opel in 1977 but it wasn't EU made at the time. 
 
Main wiki page shows: Founded April 4, 1986, defunct 2010, 14 manufacturing facilities, Headquarted in Zurich Switzerland, defunct 2010 with successor being Opel group.
 
General Motors entered the European market only three years after the company's foundation in 1908. This involved the construction of Chevrolet cars in Denmark in 1923 and Belgium in 1925. This involvement was greatly expanded by the acquisitions of Vauxhall in 1925 and Opel in Germany in 1929. Originally both Opel and Vauxhall had operated independently of each other with totally separate product lines and were direct competitors outside of each other's home markets.
 
Following the 2008 global financial crisis, and GM's plunge towards bankruptcy, on May 30, 2009, it was announced that a deal had been reached to transfer New Opel (Opel plus Vauxhall, minus Saab) assets to a separate company, controlled by a trustee.

The deal, underwritten by the German Government, was negotiated by German Chancellor Angela Merkel. GM was expected to keep a 35% minority stake in the new company, Opel staff 10%, with a plan which proposed to sell the majority of the business to one of two partners:

1 - FIAT
2 - A consortium majority-owned by a Sberbank of Russia (35%), Magna International of Canada (20%), and Opel employees and car dealers (10%)

 
On June 1, 2009, GM filed for bankruptcy in a court in New York. As the sale of Opel has been negotiated two days before, with the preferred bidder the Magna consortia, both companies were in effect ring-fenced from any GM asset liquidation.  Magna stated that their plans for Opel included attracting GM or third-party carmakers to build their cars and electric vehicles in Antwerp.  If Opel needed to reduce production of its own core models then any unused capacity could be used to manufacture vehicles for other carmakers. Inside sources close to Magna revealed that some of the possible third party carmakers include Ford and PSA Peugeot Citroen.

However, negotiations broke down with Magna over details, particularly the sale of intellectual property rights and distribution of all future GM products in the former Soviet Union.

On June 11, 2009 a letter of intent was signed by GM to sell Saab to Koenigsegg.

GM announced that final bids were to be placed with them by July 20, which resulted in three bidders:

1 - Magna, still backed by Sberbank, had made a last-minute change to its bid in order to placate concerns about its Russian partner's influence. This would result in both partners having a 27.5% share in the new company, with GM retaining 35%
2 - Belgian-based investor RHJ International
3 - China's Beijing Automotive Industries - disqualified over "intellectual property issues" a few days later.

Towards the end of August 2009 there were doubts over whether a sale of Opel would actually go ahead, though a German government official later revealed that talks were continuing. This was followed by RHJ International raising its bid for Opel to €300m from €275m.

On 10 September 2009, GM agreed to sell a 55% stake in the German brand Opel to the Magna group with the approval of the German government. With this move, Magna Chairman Frank Stronach aims to take Magna from its current role as a parts supplier to an expanded role as a global automaker that ranks “amongst the leaders in selling and building electric cars.” However, on 3 November 2009 the GM board called off the Magna deal after coming to the conclusion that Opel was crucial to GM's global strategy.

With ongoing restructuring plans Opel announced the closure of its Antwerp plant in Belgium.

 
Some Fiat news yesterday
 
July 23, 2015 - 8:49 am ET
 
NEW YORK (Bloomberg) -- Fiat Chrysler Automobiles NV's plan to raise money by spinning off Ferrari took a step forward with the automaker filing for the unit's initial public offering on the New York Stock Exchange.
Fiat Chrysler, which has estimated the supercar division's value at more than $11 billion, plans to complete the separation in early 2016, the Italian-American manufacturer said in a filing with the U.S. Securities and Exchange Commission.
 
After the separation, joint cash-management arrangements will end and Ferrari will handle finances on its own.
 
The share sale is part of CEO Sergio Marchionne's strategy to raise about $5 billion to cut debt and help fund a 48 billion-euro ($53 billion) investment program that focuses on expanding the Jeep, Alfa Romeo and Maserati brands globally.
 
"Fiat Chrysler needs the money, but will Ferrari stock perform like a Ferrari?" said Erik Gordon, a law professor at the University of Michigan's business school. "There may be a bit of glamor in owning a Ferrari or, for some, a Ferrari t- shirt, but it is hard to show off a share of Ferrari stock."
 
 
Fiat Chrysler has said the Maranello, Italy-based unit is worth "at least" 10 billion euros, equivalent to more than half the parent company's market value.
 
 
Ferrari's sales rose 0.2 percent to 621 million euros in the first quarter. Net income jumped 20 percent to 65 million euros, according to the filing. As part of the separation from the parent carmaker, Ferrari will be listed as a holding company registered in the Netherlands.
 
Marchionne used the same strategy last year when he led the merger of Fiat with Chrysler to form London-based Fiat Chrysler. UBS AG, Bank of America Corp.'s Merrill Lynch and Banco Santander SA are the joint bookrunners for the listing. UBS is sole global coordinator.
 
One more bit of news today Friday the 24th of July, 2015
 
From Gizmodo
Chrysler Recalls 1.4 Million Cars Because Hackers Can Hijack Them
Kate Knibbs
Filed to: Hacks: 7/24/15 12:24 PM
Local Chicago here is 12:14 PM

If you own a newer Jeep Grand Cherokee or Dodge Durango, you will want to check this out: Fiat Chrysler Automobiles is recalling 1.4 million cars due to a security flaw that leaves the vehicles vulnerable to complete takeovers from hackers.

Yes, over a million popular cars can be commandeered by hackers from thousands of miles away.

This is a response to a Wired investigation demonstrated how hackers can exploit a security hole in the UConnect software installed in many of the company’s popular new models. The software has a flaw can be used to take control over the vehicles, cutting transmission and endangering/scaring the bejeezus out of the people in the car.

    Affected are certain vehicles equipped with 8.4-inch touchscreens among the following populations:

        2013-2015 MY Dodge Viper specialty vehicles
        2013-2015 Ram 1500, 2500 and 3500 pickups
        2013-2015 Ram 3500, 4500, 5500 Chassis Cabs
        2014-2015 Jeep Grand Cherokee and Cherokee SUVs
        2014-2015 Dodge Durango SUVs
        2015 MY Chrysler 200, Chrysler 300 and Dodge Charger sedans
        2015 Dodge Challenger sports coupes

 
Geez...started this post on Tuesday, July 21, 2015 and today is Friday, July 24, 2015. 
 
I did not mean to drag this post out until today. Yesterday I did write that I was finishing the OP.
 
Here deleted my personal take on history in general and how often it repeats itself....and no one ever pays attention anyways....
 
Some old and new news and wondering on what folks here think about this and that.
 
May 23, 2015 - (Reuters)
 
(Reuters) - As part of his quest for a mega merger, Fiat Chrysler Automobiles Chief Executive Sergio Marchionne sent an email to General Motors Chief Executive Officer Mary Barra in March suggesting combining the automakers but was rebuffed, the New York Times reported on Saturday.
 
June 8, 2015 -  (WSJ) - Chrysler Boss Recruits Activists to Prod GM Into a Merger ...

Sergio Marchionne, chief executive of Fiat Chrysler, believes GM and its ... to pay $2 billion to get out of an obligation to buy Fiat's ailing auto business. ... “We are not suggesting that activism cannot offer much needed ...
 
Jun. 17, 2015, 5:17 PM - (Business Insider)
 

LONDON/MILAN/DETROIT (Reuters) - General Motors and Fiat Chrysler Automobiles (FCA) have turned to investment banks for help to deal with a stand-off as FCA seeks to force a merger with its Detroit-based rival, according to sources familiar with the matter.
 
GM is being advised by Goldman Sachs, while FCA is working with UBS on the matter, several sources said, with one adding that Morgan Stanley was also working with GM.
 
August 31, 2015 8:04 a.m. EDT  - (Detroit Free Press)
 
Sergio Marchionne, CEO of Fiat Chrysler Automobiles, is taking another swing at trying to promote the idea of a merger with General Motors.
 
Marchoinne, in a story published Sunday evening by Automotive News, asserts that a merger between the two automakers could generate up to $30 billion annually in earnings before taxes.
 
The idea isn't new, but Marchionne's estimates of potential profits and his forceful tone are. The outspoken CEO sent GM CEO Mary Barra an email earlier this year outlining his idea for a merger of the two automakers and the reasons it makes sense. Since then, Barra has said both publicly and privately the Detroit automaker has no interest in exploring the idea.
 
Marchionne stopped short of saying he is pursuing a hostile deal with GM but said the automaker's board and executives cannot avoid a discussion of the potential cost savings.
 
"Not hostile," he told the publication.
 
"There are varying degrees of hugs.  I can hug you nicely, I can hug you tightly, I can hug you like a bear, I can really hug you.
 
Everything starts with physical contact. Then it can degrade, but it starts with physical contact."
 
Got me thinking about the phrase "All Is Fair in Love and War" (1579)
 
The earliest known origin of the sentiment "all is fair in love in war" is found in poet John Lyly's novel "Euphues: The Anatomy of Wit," published in 1579.
 
History always seems to repeat for whatever reasons; imagine AI in the future well then also a some abstract thoughts of a bootstrap parodox. (casual loop).
 
Unrelated but in the computer world......
 
"When software source code is reused in new software development, the old code is often called legacy code."
 
Interesting to watch GM stock ticking up or down relative to this stuff...I personally like the quote about hugs.....

 
What do you folks think about this?
 
Back
Top