Posts

Tesla Patches Faster than Chrysler … and than Android [UPDATED]

Wired’s hack-of-the-day story reports that researchers hacked a Tesla (unlike the Chrysler hack, it required access to the vehicle once, though the Tesla also has a browser vulnerability that might not require direct access).

Two researchers have found that they could plug their laptop into a network cable behind a Model S’ driver’s-side dashboard, start the car with a software command, and drive it. They could also plant a remote-access Trojan on the Model S’ network while they had physical access, then later remotely cut its engine while someone else was driving.

The story notes how much more proactive Tesla was in patching this problem than Chrysler was.

The researchers found six vulnerabilities in the Tesla car and worked with the company for several weeks to develop fixes for some of them. Tesla distributed a patch to every Model S on the road on Wednesday. Unlike Fiat Chrysler, which recently had to issue a recall for 1.4 million cars and mail updates to users on a USB stick to fix vulnerabilities found in its cars, Tesla has the ability to quickly and remotely deliver software updates to its vehicles. Car owners only have to click “yes” when they see a prompt asking if they want to install the upgrade.

In my understanding, Tesla was able to do this both because it responded right away to implement the fix, and because it had the technical ability to distribute the update in such a way that was usable for end users. Chrysler deserves criticism for the former (though at least according to Chrysler, it did start to work on a fix right away, it just didn’t implement it), but the latter is a problem that will take some effort to fix.

Which is one reason I think a better comparison with Tesla’s quick fix is Google’s delayed fix for the Stagefright vulnerability. As the researcher who found it explained, Google address the vulnerability internally immediately, just like Tesla did.

Google has moved quickly to reassure Android users following the announcement of a number of serious vulnerabilities.

The Google Stagefright Media Playback Engine Multiple Remote Code Execution Vulnerabilitiesallow an attacker to send a media file over a MMS message targeting the device’s media playback engine, Stagefright, which is responsible for processing several popular media formats.

Attackers can steal data from infected phones, as well as hijacking the microphone and camera.

Android is currently the most popular mobile operating system in the world — meaning that hundreds of millions of people with a smartphone running Android 2.2 or newer could be at risk.

Joshua Drake, mobile security expert with Zimperium, reports

A fully weaponized successful attack could even delete the message before you see it. You will only see the notification…Unlike spear-phishing, where the victim needs to open a PDF file or a link sent by the attacker, this vulnerability can be triggered while you sleep. Before you wake up, the attacker will remove any signs of the device being compromised and you will continue your day as usual – with a trojaned phone.

Zimperium say that “Google acted promptly and applied the patches to internal code branches within 48 hours, but unfortunately that’s only the beginning of what will be a very lengthy process of update deployment.”

But with Android the updates need to go through manufacturers, which creates a delay — especially given fairly crummy updating regimes by a number of top manufacturers.

The experience with this particular vulnerability may finally be pushing Android-based manufacturers to fix their update process.

It’s been 10 days since Zimperium’s Joshua Drake revealed a new Android vulnerabilitycalled Stagefright — and Android is just starting to recover. The bug allows an attacker to remotely execute code through a phony multimedia text message, in many cases without the user even seeing the message itself. Google has had months to write a patch and already had one ready when the bug was announced, but as expected, getting the patch through manufacturers and carriers was complicated and difficult.

But then, something unexpected happened: the much-maligned Android update system started to work. Samsung, HTC, LG, Sony and Android One have already announced pending patches for the bug, along with a device-specific patch for the Alcatel Idol 3. In Samsung’s case, the shift has kicked off an aggressive new security policy that will deploy patches month by month, an example that’s expected to inspire other manufacturers to follow suit. Google has announced a similar program for its own Nexus phones. Stagefright seems to have scared manufacturers and carriers into action, and as it turns out, this fragmented ecosystem still has lots of ways to protect itself.

I make this comparison for two reasons. One, if Google — the customers of which have the hypothetical ability to send out remote patches, even if they’ve long neglected that ability — still doesn’t have this fixed, it’s unsurprising that Chrysler doesn’t yet.

But some of the additional challenges that Chrysler has that Tesla has fewer of stem from the fragmented industry. Chrysler’s own timeline of its vulnerability describes a “third party” discovering the vulnerability (not the hackers), and a “supplier” fixing it.

In January 2014, through a penetration test conducted by a third party, FCA US LLC (“FCA US”) identified a potential security vulnerability pertaining to certain vehicles equipped with RA3 or RA4 radios.

A communications port was unintentionally left in an open condition allowing it to listen to and accept commands from unauthenticated sources. Additionally, the radio firewall rules were widely open by default which allowed external devices to communicate with the radio. To date, no instances related to this vulnerability have been reported or observed, except in a research setting.

The supplier began to work on security improvements immediately after the penetration testing results were known in January 2014.

But it’s completely unclear whether that “third party” is the “supplier” in question. Which means it’s unclear whether this was found in the supplier’s normal testing process or in something else.

One reason cars are particularly difficult to test are because so many different suppliers provide parts which don’t get tested (or even adequately specced) in an integrated fashion.

Then, if you need to fix something you can’t send out over a satellite or Internet network, you’re dealing with the — in many cases — archaic relationships car makers have with dealers, not to mention the limitations of dealer staff and equipment to make the fix.

I don’t mean to excuse the automotive industry — they’re going to have to fix these problems (and the same problems lie behind fixing some of the defects tied to code that doesn’t stem from hacks, too, such as Toyota’s sudden acceleration problem).

It’s worth noting, however, how simplified supply and delivery chains make fixing a problem a lot easier for Tesla than it is for a number of other entities, both in and outside of the tech industry.

UPDATE — 4:30 PM EDT —

Hey, it’s Rayne here, adding my countervailing two cents (bitcoins?) to the topic after Marcy and I exchanged a few emails about this topic. I have a slightly different take on the situation since I’ve done competitive intelligence work in software, including open source models like Android.

Comparing Fiat Chrysler’s and Google’s Android risks, the size and scale of the exposures are a hell of a lot different. There are far more Android devices exposed than Chrysler car models at risk — +1 billion Android devices shipped annually around the globe as of 4Q2014.

Hell, daily activations of Android devices in 2013 were 1.2 million devices per day — roughly the same number as all the exposed Chrysler vehicles on the road, subject to recall.

Google should have a much greater sense of urgency here due to the size of the problem.

Yet chances of a malware attack on an Android device actually causing immediate mortal threat to one or more persons is very low, compared to severity of Chrysler hack. Could a hacker tinker with household appliances attached via Android? It’s possible — but any outcome now is very different from a hacker taking over and shutting down a vehicle operating at high speed in heavy traffic, versus shutting off a Phillips remote-controlled Hue lamp or a Google Nest thermostat, operating in the Internet of Things. The disparity in annoyance versus potential lethality may explain why Google hasn’t acted as fast as Tesla — but it doesn’t explain at all why Chrysler didn’t handle announcing their vulnerability differently. Why did they wait nearly a year to discuss it in public? Read more

Was Chrysler’s Vehicle Hacking Risk an SEC Disclosure Reportable Event?

[photo: K2D2vaca via Flickr]

[photo: K2D2vaca via Flickr]

Remember the data breach at JPMorgan Chase, exposing 76 million accounts to “hack-mapping“? Last October, JPMorgan Chase publicly disclosed the intrusion and exposure to investors in an 8-K filing with the Securities and Exchange Commission. The statement complied with the SEC’s CF Disclosure Guidance: Topic No. 2 – Cybersecurity.

Other companies whose customers’ data have been exposed also disclosed breaches in 8-Ks, including Target, TJX Companies, Heartland Payment, EMC and Google. (Firms NASDAQ, Citigroup and Amazon have not.)

Disclosure of known cybersecurity threats or attacks with potential material risks allows investors to make informed decisions. Stock share pricing will fluctuate and reflect the true market value once risk has been factored by investors — and not remain artificially high.

Fiat Chrysler America (FCA; NYSE:FCAU) has known for nearly a year about the risk that Chrysler vehicles could be hacked remotely, according to Fortune magazine Thursday.

Yet to date no filing with the SEC has been made, disclosing this specific cyber risk to investors, customers, and the public.

The SEC’s Disclosure Guidance, though, is just that — guidance. There aren’t any firm rules yet in place, and the guidance itself was published in October 2011. A lot has happened and changed about technology and cybersecurity risks since then; the guidance has not reflected the increasing threats and attacks to business’ data.

Nor does the SEC’s guidance distinguish between cybersecurity threats to service products (like banking services), versus hardlines or manufactured goods (like automobiles which offer software as an additional, non-essential feature). The software industry’s chronic security patching confuses any distinction; should software companies likewise include all security patches in their SEC filings, or continue as they have without doing so? It’s easy to see how revelations about Adobe Flash after Hacking Team was hacked have materially hurt Adobe and all companies relying on Flash — yet Adobe hasn’t released a statement at its website. (Only a statement addressing the 2013 threat to customer accounts is posted.)

Are financial services firms any more obligated than software firms? Are automobile companies, which claim ownership of on-board software, any more obligated than software companies? Read more

Government Teat-Sucking Bankster, Steven Rattner, Calls Auto Bailout “Un-American”

I’m sure someone thought it was a good idea to trot out Steven Rattner to spin the government’s announced plan to sell its GM stake.

But I don’t know how anyone thought a bankster–and particularly this bankster–could say this and still wield any credibility.

From Washington’s point of view, divesting its remaining shares will end an uncomfortable and distinctly un-American period of government ownership in a major industrial company.

Sure. Rattner places this sentiment in “Washington’s point of view.” Still, consider the messenger.

After all, he barely mentions here–as he did in his book–that this was not just a bailout of some industrial companies. It was also a bailout of two finance companies, Chrysler Finance and GMAC (he mentions that the government still owns Ally/GMAC, but still calls the scorecard, “nearly complete”). As such, it was also the bailout of the Private Equity firm, Cerberus, that had spent the previous years stripping Chrysler in the hopes of retaining just the finance arms.

He also neglects to mention that the government still pursues the un-American policy of treating banks according to a different set of rules, not only providing them free money, but seemingly exempting them from all laws.

Finally, he shows no self-awareness of his own history, including paying kickbacks so his firm could make big money off of New York State (for which he, like all banksters, got a mere wrist-slap).

I’m not saying the government should hold onto its GM stake forever (though unlike Rattner, executive compensation is the last reason I’d cite to applaud this sale). But having someone like Rattner call government intervention in purportedly capitalist companies un-American only perpetuates the idea that industrial companies should have to abide by so-called rules of capitalism that the titans of capitalism, the banksters, have all but discarded.

Why Does Mitt Hate Profit?

[I posted substantially this post yesterday, but the BlogGods ate it along the way. So I’m reposting.]

Along with the deceitful attack on Italians who make better car company owners than GOP Private Equity types and the Lee Iacocca spin, Mitt has rolled out a radio version of attack on the auto bailout. From Greg Sargent, here’s part of the script:

Barack Obama says he saved the auto industry. But for who? Ohio, or China? Under President Obama, GM cut 15,000 American jobs. But they are planning to double the number of cars built in China — which means 15,000 more jobs for China.

And now comes word that Chrysler plans to start making jeeps in — you guessed it — China. What happened to the promises made to autoworkers in Toledo and throughout Ohio — the same hard-working men and women who were told that Obama’s auto bailout would help them?

The ad continues Mitt’s deceptive insinuation that GM and Chrysler aren’t also adding jobs in the US, which they are doing.

But it does something else. It takes a decidedly anti-profit stance.

You see, there are two reasons car companies are so gung-ho to enter (or re-enter, in the case of Jeep) the Chinese market. First, because it’s growing; when I was working in China, auto people considered the rising Chinese middle class to be 300 million–almost an entire US full of population. And most of them were just aspiring to buy their first car. That’s a whole lot of first time car buyers to sell to, as compared to US consumers, who are driving less and replacing their cars at a slower pace given more durable cars.

The other reason to go to China? Profit margins are bigger there than here. When I was in Shanghai in the mid-2000s, the profit margin on Buick Regals was about $2,000, as compared to the roughly $200 profit margin on a similar car here. The margins are closer now (because manufacturing in the US has gotten cheaper and in China has gotten more expensive), but China still offers good profit margins. Selling Buick Regals or Jeeps in China allows GM and Chrysler to accept lower margins on cars here.

By selling high margin cars in China, US companies can be more competitive here, meaning they will be able to expand sales and therefore production here, too.

All this is implicit in Sergio Marchionne’s response to Mitt’s ignorant rantings.

Together, we are working to establish a global enterprise and previously announced our intent to return Jeep production to China, the world’s largest auto market, in order to satisfy local market demand, which would not otherwise be accessible. Chrysler Group is interested in expanding the customer base for our award-winning Jeep vehicles, which can only be done by establishing local production. This will ultimately help bolster the Jeep brand,and solidify the resilience of U.S. jobs.

Marchionne notes 1) you can’t sell in China unless you build in China, 2) selling in China makes the Jeep brand stronger, 3) making the Jeep brand (and its profit margins) stronger makes it easier to keep up US production.

Marchionne’s implicit point should be where this discussion is heading: free trade hasn’t worked out to be fair trade. China–and Japan and Korea–still protect their markets, meaning if you want to sell there, you’ve got to make cars there.

Mitt has promised to get tough on China. But his series of auto ads have made no mention–not a peep!–of how he’ll reverse this practice and make it possible for Jeep to export cars made in Toledo. Indeed, when Obama launched a trade dispute over auto parts in September, Mitt scoffed at the effort (and ignored Obama’s decent and sustained effort launching trade disputes, one of which pertaining to specialty steel recently won at the WTO).

“The president may think that announcing new trade lawsuits less than two months before the election will distract from his record, but American businesses and workers struggling on an uneven playing field know better,” Mr. Romney said in a speech to the Hispanic Chamber of Commerce in Los Angeles.

Mitt Romney wants to attack American companies for going where profits are. And he’s doing so without discussing why that’s necessary.

That makes him neither a tough guy nor a good businessman.

Lee Iacocca: Mitt Will Make It Easier for Auto Companies to Evade Taxes on Cars Built in China

As part of its effort to pretend that Mitt would be good for the auto industry, the campaign had Lee Iacocca sum up why Mitt would be good for the auto industry.

The first paragraph of specifics reads:

When Mitt Romney is president, he will reduce our nation’s corporate tax rate to 25 percent from 35 percent – currently the highest combined tax rate in the industrial world – so that American car companies can compete on a level playing field at home and abroad. He will also stop the extra tax automakers are forced to pay when they want to bring home their profits to reinvest in the United States.  President Obama could have done this the day he took office since his party controlled both houses of Congress, but he chose not to. [my emphasis]

Obama, of course, has a tax credit specifically for manufacturing companies, meaning under Obama the auto companies would pay less than under Mitt.

But the other part–particularly against Mitt’s egregious claims that the auto bailout has helped Chrysler and GM move production overseas–is even more ridiculous.

Iacocca says Mitt would be better for the auto companies because he’d allow the auto companies to repatriate profits from overseas without paying taxes.

But that assumes, of course, they’re making profits overseas. It would mean they were doing precisely the thing Mitt is attacking–moving into new markets, like China.

So on the same day Mitt attacks Chrysler and GM for making and selling cars in China, generating greater profit it can use to support workers here, his campaign sends out a post boasting that Mitt would require Chrysler and GM to contribute less domestically on the profits they made by making and selling cars in China.

 

Italian Automaker Brings about Chrysler Success after GOP Private Equity Failure

I’ve been a bit tardy in responding to Mitt’s latest cynical ploy, to pretend that rather than expanding production and jobs in both OH and MI, Chrysler is outsourcing production to China.

The Detroit News’ David Shepardson has a good fact check on Mitt’s latest ad here. Greg Sargent rounds of OH papers mocking Mitt’s claims here.

But there’s an angle on Mitt’s claims that has been missed. His ad says,

Obama … sold Chrysler to Italians who are going to build Jeeps, in China.

As Shepardson notes, Chrysler used to build Jeeps in China for the Chinese market. Ford builds cars in China for the Chinese market. GM builds cars in China for the Chinese market (GM also exports Chinese-built subcompacts to Latin America). Chrysler’s return to the world’s largest car market is smart business, something any viable global brand needs to do.

If it’s a moral failing for Presidents to preside over private car companies trying to compete in China, then Mitt has a problem with St. Reagan, during whose Administration Jeep first made groundbreaking entries into the Chinese market.

And if Mitt has a problem with Chrysler (or Ford or GM) building cars in China to sell in China, then he had better prepare to get far tougher with China than he has threatened to do so far. China still slaps huge tariffs on cars made outside of the country, so to be viable in the world’s largest automotive market, you have to build in China. That is the crux of the argument American car companies (and Midwestern politicians) have been making for decades: while the US allows imports from all countries, Japan and Korea and now China make it very difficult to export to those countries. This is not fair trade.

But I’m most offended by Mitt’s insinuation that selling Chrysler to an Italian company–he doesn’t mention Fiat by name–was disloyal.

Recall Chrysler’s recent history. Chrysler’s most recent strong point was the early 2000s, when it succeeded in developing nifty (albeit gimmicky) cars with shortened development cycles (think PT Cruiser). But as Daimler took more control over Chrysler, it invested less in the brand. GOP Private Equity firm Cerberus bought its first 80% of the company in 2007 and picked up the rest in 2009.

Cerberus had no intention of bringing Chrysler back to its former strength. Rather, it wanted to strip out the finance side of the company (it was investing in GMAC at the same time) and sell off the rest. But with the impending financial crisis, it never managed to pull off the trick (though it did get a bank bailout in the very last days of the Bush Administration). Meanwhile, it virtually put the Chrysler model development on autopilot while it tried to find a way to cut its losses.

Thus, when it came time for bailouts, there didn’t seem much to bail out at Chrysler. Unlike GM, which really had started making a turnaround, Chrysler had no product in the pipeline to suggest it would be worth bailing out (though it did have a few super efficient factories in the US).

Choosing to bailout Chrysler was the most difficult decision Obama made during the auto bailout. I’m not even sure I would have chosen to bail it out. And it was difficult precisely because a bunch of Republican vulture capitalist types–people like former VP Dan Quayle and former Treasury Secretary John Snow–had stripped the company.

[youtube]SKL254Y_jtc[/youtube]

In came Fiat and its Steve Jobs-like CEO Sergio Marchionne. Read more

Mitt Advocates Taking Healthcare from Retirees to Give Money to Bailed Out Banks

Someone gave Mitt Romney a shovel just in time to dig shit snow in MI for the next two weeks. There’s a lot that is fact-impaired in this op-ed doubling down on the “let GM go bankrupt” (starting with the lack of funding for a bankruptcy, meaning a managed bankruptcy was impossible).

By the spring of 2009, instead of the free market doing what it does best, we got a major taste of crony capitalism, Obama-style.

Thus, the outcome of the managed bankruptcy proceedings was dictated by the terms of the bailout. Chrysler’s “secured creditors,” who in the normal course of affairs should have been first in line for compensation, were given short shrift, while at the same time, the UAWs’ union-boss-controlled trust fund received a 55 percent stake in the firm.

He’s complaining, of course, that VEBA (the trust fund run by professionals that allowed the auto companies to spin off contractual obligations–retiree healthcare–to the unions) got a stake in Chrysler while Chrysler’s secured creditors took a haircut.

So, in part, he’s basically complaining that the bailout preserved the healthcare a bunch of 55+ year old blue collar workers were promised. He’s pissed they got to keep their healthcare.

He’s also complaining that banks took a haircut, as would happen in any managed bankruptcy.

But it’s more than that. He’s complaining that a bunch of banks that themselves had been bailed out had to take a haircut. He’s complaining, for example, that JP Morgan Chase, Chrysler’s largest creditor at the time and the recipient, itself, of $68.6B in bailout loans, had to take a haircut on $2B in loans to Chrysler.

Mitt’s op-ed makes him sound a lot like Jimmy Lee, Chase’s top negotiator on the auto bailout, who,

demanded to know why, if the government thought banks important enough to give them tens of billions in TARP money, it wanted to squeeze them on [the Chrysler] deal.

I guess Mitt, too, thinks the banks are so important they should take precedence over retiree healthcare, too.

But as the kind of bankster who, at Bain, relied on government subsidies to fund his “restructurings” that ended up taking people’s jobs and healthcare, that’s not all that surprising.

Still, the UAW retirees who still have healthcare today instead of Jamie Dimon having another yacht probably don’t feel the same way as Mitt does.

Chrysler’s Halftime Lesson: Government Investment for America’s Rebound

[youtube]pGMOhOYvcw4[/youtube]

Once again, Chrysler had one of the best ads in yesterday’s Super Bowl, once again using the aesthetic of Detroit disaster porn to offer gritty inspiration. And while it’s not as good as the Eminem version last year, it might appeal to Chrysler’s target market even more, as it generalizes the uncertainty so many people feel.

I was struck by an irony at the core of the ad, though. Eminem really does embody Detroit. Clint Eastwood, in contrast, has no such personal tie to the city. And while his gritty voice works great for the ad. His delivery of, “This country can’t be knocked out with one punch” perfectly caught his performed toughness (it reminded me of his Million Dollar Baby, which I loved).

The one other reason to choose Eastwood for this ad, it seems to me, is the role he played as Walt Kowalski in his Gran Torino. That guy, an old Korean war vet struggling with the increasing diversity of his lifetime neighborhood, did embody Detroit, as much as Eminem does.

Yet, as written, Kowalski was not a lifetime Detroiter. Rather, screenwriter Nick Schenk based him on a bunch of veterans he met while working in a liquor store in his native Twin Cities. (h/t Wizardkitten)

“And in all of those jobs, especially in the liquor store, I would meet a lot of guys who were vets,” he said.

Schenk recalls asking customers with military tattoos about where and when they served.

“Little by little, as they came in every day for their bottle of ‘medicine,’ they’d tell you a little bit more,” he said.

“If you were respectful — I think everyone wants to get stuff off their chest, and they’re not going to tell their wives, they’re not going to tell their kids — and so if they can find an outlet to dump it out off on, that was me. I had a lot of guys telling me stories for years,” he said.

Those experiences helped him shape the character of Walt Kowalski, a Korean War veteran played by Clint Eastwood.

And the Hmong community was based on the Twin Cities’ sizable Hmong community.

Gran Torino, that tale of troubled old America coming into conflict with, and learning to love, the future of America, was shot in Detroit rather than the Twin Cities because of government intervention. The film was shot during the period when film credits offered under Jennifer Granholm and cut under Rick Snyder brought lots of new, creative jobs to MI; it was one of the first big films to be shot using the credits. Walt Kowalski was a native Detroiter only because MI invested in making him one.

And so Clint Eastwood, that Bay Area native who told a story about the Twin Cities but set it in Detroit, generalized the Detroit-specific ad about resilience from last year. But both the invocation of the Chrysler bailout and the use of Eastwood remind that rebounds work best when governments invest.

One more detail: this story–as told by Chrysler–leaves out a key part of the story. As John Nichols reported this morning, Chrysler specifically edited unions out of this story.

At the fifty-second point in the ad, images from last year’s mass pro-union protests in Madison, Wisconsin, were featured.

But something was missing: union signs.

The images from Madison appear to have been taken from a historic video by Matt Wisniewski, a Madison photographer whose chronicling of the protests drew international attention and praise. Wisniewski’s work went viral, and was even featured in a video by rocker Tom Morello.

Wisniewski’s original video, from an evening rally at the King Street entrance to the Wisconsin Capitol, features images (at the two-minute, seventeen-second mark) of signs raised by members of Madison Teachers Inc. (MTI), the local education union that played a pivotal role in the protests. One sign features the MTI logo, another reads: “Care About Educators Like They Care for Your Child.”

In the Chrysler ad, the MTI logo is missing and the “Care About Educators…” sign is replaced with one featuring an image of an alarm clock. Several other union signs are simply whited out.

It’s an incomplete picture, because government support is not enough to bring on America’s second half. But it is a key part of it.

Update: Karl Rove hates it. Always a good sign, in my book.

Obama Administration Finally Brags about Jobs Created in Auto Bailout

The Obama Administration was gung ho to brag about the GM IPO last year. But if I’m not mistaken, this is the first time the White House has bragged nationally about jobs created thanks to the auto bailout (Ron Bloom, who got promoted into an official Assistant to the President role at the beginning of the year, wrote this).

Today brings word of more good news for the American auto industry. GM announced that it would hire 4,200 workers at seventeen of its plants around the country.

President Obama took office amidst the worst recession in a generation and nowhere was this devastion [sic] felt harder than in the American auto industry and the communities it has supported for decades. In the year before GM and Chrysler filed for bankruptcy, the auto industry shed over 400,000 jobs.

Facing this situation head on, the President made a bold and, at the time, politically unpopular choice: Despite calls from critics to simply let these companies – and the entire American auto industry – crumble, he refused to allow these companies to fail. Had the Administration failed to intervene, conservative estimates suggest that it would have cost at least an additional one million jobs and devastated vast parts of our nation’s industrial heartland.

But at the same time, the President did not provide unconditional support.  He insisted that the companies and their stakeholders make tough choices and undertake massive restructurings requiring huge sacrifices from all of their stakeholders.

Because of this “tough love,” the American auto industry is now positioned to grow and prosper as the economy recovers.  Since GM and Chrysler emerged from bankruptcy in June 2009 the auto industry has added 115,000 jobs – the fastest pace of job growth in the auto industry since 1998. Last year, for the first time in 16 years, the Detroit Three actually gained market share compared to their foreign counterparts.

And these companies are not  just making cars and trucks – they’re making the kind of fuel efficient cars and trucks that will power us to energy independence, protect consumers against rising gas prices, and ensure America wins the future.

Some of the workers GM is hiring and re-hiring in today’s announcement will be at work producing larger-than-initially-planned quantities of the widely acclaimed Chevy Volt. And just last month, Ford – which didn’t receive government assistance but which supported our aid to GM and Chrysler and has said publicly that it would not have survived if the rest of the American auto industry had been allowed to collapse – reported its best first-quarter profit in more than a decade thanks in large part to its new fuel-efficient vehicles.

In the wake of an historic recession, there is no doubt that much work remains. And we will not rest until every American who is looking for work can find a job. But today’s announcement is another positive sign – including more than 2 million private sector jobs created over the past 14 months – that we’re seeing across the country.

The comparative silence about the success of the bailout in the terms that really matter to actual people–jobs–not only confirms Main Street suspicions about the White House viewing the economy solely through the lens of the banksters, but it also leads beltway folks like John Dickerson to wonder out loud whether there is anything a President can do to fix the economy (Dickerson must have skipped those weeks when his American history class covered the New Deal).

The effects of the too-small stimulus, though real, are a lot harder to see. But aside from the decade-long Military Industrial Complex stimulus the DC area has enjoyed, the auto bailout and related energy investments was the biggest concentrated stimulus the Administration championed. And it has had an effect, both in hiring at GM and Chrysler, but also in hiring in MI more generally.

It’d be nice if the Administration not only bragged about that, but replicated it for places like Nevada.

Update: John Dickerson corrects me; this July 2010 briefing (a presser leading up to an Obama trip to visit several plants in the MidWest, bragged about jobs created). Thanks to Dickerson for the correction.

Citi’s Fear

I wanted to return to a detail I mentioned in yesterday’s book salon. As I noted, in his book on the auto bailout, Steven Rattner described Citi as being worried during the Chrysler negotiations that retail customers would retaliate if Citi played hard ball.

Bankers for Goldman and Citi had advised [JP Morgan Chase VP and the Chrysler bondholder’s lead negotiator] Jimmy Lee to make the best of a bad situation. Privately they felt his brinksmanship was embarrassing and potentially costly. Citi especially wanted to avoid a liquidation. Its analysis showed it would recover no more than 20 cents on the dollar in that instance. Citi also feared losing business in its branches in states like Michigan and Ohio where consumers might blame it for Chrysler’s demise. (173)

That didn’t make sense to me given that Citi doesn’t have branches in MI and OH; the closest actual branches are in Chicago. Compare that to Chase, which just took over from Comerica as the biggest bank in MI by deposits and was presumably second at the time of the bailout negotiations. Citi should only fear retaliation from consumers elsewhere, in those urban areas that actually have Citi branches, or they should fear retaliation some other way, presumably through their credit card business. I asked Rattner why Citi was worried, but JP Morgan Chase was not, given its much greater involvement in the auto states. He responded, “Yes, they were definitely worried.”

Frankly, I don’t know what to make of this. Given the context of the claim–in which Goldman and Citi are portrayed as talking Jimmy Lee down from a hardass negotiating position–JPMC appears not to have been sufficiently worried to change its behavior. And the Citi claim doesn’t make sense on its face. Perhaps Citi was worried about something else. Perhaps they were just more worried because they were insolvent? There are a few details he pretty clearly got wrong in his book (such as his claim that Nissan’s consideration of a deal with Chrysler was secret), but this seems instead like one of the abundant examples of where Rattner is an unreliable narrator. Rattner chose to portray Citi as worried (and quickly agree the hard-bargaining JPMC was, too), but it’s unclear whether that was really true or just nice spin on the banks.

What Rattner probably didn’t know was that FDL was trying to increase this worry at the time by encouraging people to take their money out of Chase. That was a mostly unsuccessful effort (let me tell you, Chrysler is  no more popular in this country than the big banks) to target the banksters for actions that hurt the communities they’re in.

As unsuccessful as our effort was in terms of numbers, if Rattner-the-unreliable-narrator’s claim has any basis in fact, then our effort to pressure JPMC to behave better worked. Sort of.

Since then, Arianna’s Move Your Money campaign has more successfully advocated for people and institutions to move their money out of the big banks. By April, they claimed $5 billion had been moved. And it does seem like some of the banks are losing market share to smaller banks.

The largest banks in Michigan are losing market share and Chase Bank now has the most deposits in the state, according to new data released Thursday by the Federal Deposit Insurance Corp.

As of June 30, the five biggest banks in Michigan — Chase Bank, Comerica Bank, PNC Bank, Bank of America and Fifth Third Bank — accounted for 55% of all deposits in the state. That’s down from 57.3% on June 30, 2009.

I raise all this because of another interesting discussion about whether consumer action might more effectively target the banks. Via Yves Smith, I found this Playboy article on Edmundo Braverman’s WallStreetOasis.com’s proposal on How to Destroy a Bank (Yup, it appears you have to have a pierced navel and no pubic hair to be a Playboy model these days).

This article set forth a plan for how consumers could destroy one of America’s four largest banks. Customers would deliver a series of escalating threats against Wells Fargo, Bank of America, JPMorgan Chase and Citibank, demanding policy changes. The threats would culminate in a series of flash-mob bank runs that targeted one of the banks.

In a comment in Yves thread, Braverman acknowledged his idea was a thought exercise to take Move Your Money the next step.

The whole thing was inspired by Arianna Huffington’s “Move Your Money” idea. I thought it was a good idea, but not one that would be dramatic enough to produce any changes in the way the banks did business. So I asked myself, “What would have an impact on the banks?” and that’s when I came up with the Tank-A-Bank plan.

It was always just a thought exercise, and never something I advocated.

Yves seems to be thinking more about this; what can consumers do that won’t get them jailed as terrorists but will get us to a point where the finance industry isn’t dragging our country down even while stealing our money in the process?

Read more