IT Security News Roundup

A new feature for you–this may become regular if a) you tell me you love it and b) it doesn’t cause my day to go into instant meltdown.

From Kable, news that the DTI has $4 million available for research projects aimed at reducing human error, which the DTI claims is the largest risk to IT security. It cited the results of a survey it conducted, involving over 1,800 people, on the use of passwords. It found that:

just over one third recorded their password or security information by either writing it down or storing it somewhere on their computer;
nearly two thirds never changed their password; and
one in five people used the same password for non-banking websites as well as their online bank.

Brer Fox, allow me to point out the luxurious accoutrements of the henhouse we’d like you to guard: Also via Kable, news that the Ministry of Defence has awarded Logica CMG a contract to help the MOD improve… their… IT… procurement skills. I guess the headline justifies the project… if not the winner.

In the subtle erosion department, news that a pilot scheme with Consumer Direct is going to give the police access to consumer complaints in an attempt to ‘fight doorstep crime.’ I wonder what their recorded message will say. ‘Your call may be monitored by the police for quality reasons.’

Oh–well that’s okay, then. The Home Office has said other EU countries will not have full access to the National DNA Database (NDNAD).

Can we get an early look? The CSIA (proud sponsors of this weblog and associated wiki) is preparing a strategy document aimed at making information assurance issues a part of the normal business agenda for boards of directors.

If you’re too old fogeyish to transact over the internet, you’re too old to drive? The DVLA wants to drive (sorry) people to use electronic vehicle licensing on their website. They have 30% usage now, short term plans to get to 60% and long term plans for 80%. They claim they’re one of the biggest e-tailers in the country; ‘bigger than Tesco.’ But I think their Club points system might be a bit different.

From Risks Digest, news that in the U.S. the 21st lawsuit has been filed over the exposure of 45 million credit/debit cards to fraud by TJX Companies. From my brief experience with email marketing, you could value each of those card information packets at up to £100 for legitimate purposes. Hmm.

Will they read it while they block it? AT&T wants to monitor network traffic in an attempt to block pirated content.

From Light Blue Touchpaper, two interesting posts–the first a look at phishing which actually recommends a solution and the second another account of reading sampled traffic–this is more disturbing, as I’m sure that AT&T will get theirs wrong.

If you want more posts like this, tell me in the comments! This took 38 minutes, and didn’t cover one third of the sites I wanted to look at.

One Response to “IT Security News Roundup”

  1. W Says:

    I liked this a lot.

    Let’s mail it to the IARCG and see if they find it useful. It may be more of a push thing.

Contributors to the Blindside wiki and blog should note their input forms part of a collaborative resource that is Creative Commons (by-sa 2.5) licensed. We hope these resources will be reused and remixed in the public interest. You do not need to seek permission before you re-use our works, although we do require that users attribute Blindside as their source, and license the resulting work under the same terms.