
Tuesday, January 4, 2011

Bad security in Taipei

Taipei has deployed a smartcard-based payment system that is open to theft using no more than a $40 card reader and several hours. It's possible to add money to these cards merely by possessing the right software. As the security consultant who demonstrated the exploit remarked, "Using this in the year 2010 as a payment system is ignorant, clueless, and a sign of gross negligence."

How did the government come to make such a boneheaded decision? It seems that the existing EasyCard system, used to make payments for transportation-related services, offered to implement the wider payment system the government wanted. EasyCard, though, was known to be vulnerable to crackers at least three years ago.

According to [security consultant Harald] Welte, researchers from the University of Taiwan wrote a letter protesting the decision, noting the security problems. But early in 2010, the EasyCard system was rolled out on a widespread basis . . .

The Taiwanese government (or the Taipei municipal government; the article isn't clear) either pretended EasyCard wasn't vulnerable but actually knew better, or it genuinely didn't know better. If the government did know better, clearly something shady happened to land EasyCard the concession.

Corrupt or clueless -- which do you prefer?
