Austin, Texas discovered its road signs were tampered with only a couple weeks after their vulnerabilities were disclosed, according to the statesman.com:

Someone reprogrammed two city construction road signs near the University of Texas early Monday morning in an attempt to warn Austin of an imminent zombie attack.

Messages that typically alert Lamar Boulevard drivers to a detour for Martin Luther King Jr. Boulevard splashed several warnings like “Caution! Zombies Ahead!” and “Nazi Zombies! Run!!!”

Amusing, but the facts of the case are not as impressive as I had hoped.

Jones, who has one of only two keys to the locked access panels on the portable signs, said that the hacker broke into the panels on each sign and bypassed the passwords before leaving five different zombie messages and even changing one of the passwords. Jones said he had to wait until 8 a.m. to call the manufacturing company to figure out how to override the hacker’s work. He speculated that the hacker could be a computer genius from UT.

Uh huh, a genius. That’s definitely the profile of a person who applies public instructions on how to reprogram a road sign. Note that anyone can reset the password to the default even if it has been changed.

The hacking occurred within weeks of various articles appearing online with descriptions of how to hack into these road signs — which point out that such an act is illegal.

Dennis Crabill, project manager with the Public Works Department, said the access panels are always locked and are not programmed with the default passwords these sites suggest. Short of having a watchman on duty around the clock, he said there is little more the city can do to prevent such vandalism.

Once that stupid reset function has been properly fixed, perhaps stronger passwords? Patches for known vulnerabilities? Maybe a more sophisticated combo/key lock more resistant to cutting, instead of a weak one that requires only a key? How about an alerting system that uses radio or cell to report attempts to break in, or even that the locked panel has been opened? They also could use timed lockouts to prevent brute forcing the password. I guess I could think of a lot of things other than a watchman.

My favorite example so far, of this kind of trespass (hard for me to call it hacking when it comes with instructions), came from MIT last year:

The Deutsche Welle reports on a vetting scandal at the German rail operator.

Peter Schaar, the federal data protection commissioner, said he was appalled by the high number of those who were investigated by the company. “It is complete nonsense when every single conductor falls under general suspicion.”

The screenings took place in 2002 and 2003 when data such as addresses, telephone numbers and banking information was compared with a list of 80,000 companies that do business with Deutsche Bahn. According to those in the committee hearing, out of 173,000 reviews, 100 cases of impropriety turned up.

Stern actually broke the story after it found that Network Deutschland, the company embroiled in last year’s Deutsche Telekom privacy scandal, had also worked with Deutsche Bahn. Expect more privacy regulation in Germany, if not the EU, in response to these stories.

Dark Reading reports:

In January 2007, Oakley contacted the French Embassy and consulates in several U.S. cities to determine the country’s interest in purchasing the nuclear data and equipment, according to the plea agreement. The French government contacted the FBI and set up a sting in which an FBI agent posed as a French government agent.

Hard to imagine why he thought they would not just turn him in to the FBI. Perhaps he thought France was an enemy of the US?

The materials Oakley had tried to sell to a foreign government were, in fact, pieces of equipment known as “barrier” and associated hardware items that play a crucial role in the production of highly enriched uranium — a special nuclear material — through the gaseous diffusion process. In his role as a janitor, Oakley was supposed to have broken up the barrier for disposal. But Oakley says he knew the gaseous diffusion process used in the U.S. is better than the methods currently used in France, and he therefore stole four of the barrier tubes and offered to sell them to French agents.

Interesting to note how educated he was about the quality of the barrier, especially with regard to the French. Did he overhear a conversation, read a brief or just figure it out on his own?

The Deutsche Welle makes light (pun not intended) of an EU decision to sell unwanted security “Nude Scanners”:

[The German interior minister] Schaeuble’s comments eventually led to the start of laboratory tests in Germany in which scientists began working on potential upgrades to the full-body airport screening devices in the hope they would find a way to produce images that do not show passengers naked.

The EU shelved its plans to introduce the scanners around the bloc in November after several were tested in airports around Europe as part of a trial.

EU parliamentarians will now discuss how the scanners in their possession will be sold — and to whom.

Ideas? Perhaps they can be used at a Berlin nightclub.