Documents just released by US Immigration & Customs Enforcement (ICE) in response to one of EFF’s Freedom of Information Act requests show that DHS is considering collecting DNA from kids ages 14 and up—and is exploring expanding its regulations to allow collection from kids younger than that. The proposal appears to be working its way through DHS in the wake of regulations from the Department of Justice that require all federal agencies—including DHS and its components such as ICE—to collect DNA from individuals arrested for federal crimes as well as “from non-United States persons who are detained under the authority of the United States,” whether or not they have been involved in criminal activity. While the law specifically exempts a few classes of “aliens,” the documents we received show DHS may start DNA collection from anyone it fingerprints. Currently, that’s any child over 14 who’s detained, but we also found records that show ICE could lower that age even more.

In the battle to prevent law enforcement from collecting data about the activities of users online for fishing expeditions, there are few tools available in the arsenal of accountholders. Which makes it all the more important for internet companies like Twitter, Google and others to fight back on behalf of users. That’s exactly what Twitter did when it filed a surprisingly feisty motion (.pdf) this week in New York City Criminal Court to quash a court order demanding that it hand over information to law enforcement about one of its account holders — an activist who participated in the Occupy Wall Street protests — as well as Tweets that he allegedly posted to the account over a three-month period. The company stepped in with the motion after the account holder lost his own bid to quash the order.

Yahoo! introduced a new “browser”, Axis, last night, both as a standalone application for iPhone and iPad and as a browser extension on Chrome, Firefox, Internet Explorer and Safari. Axis is meant to offer faster, smarter searching using Yahoo’s services. Within hours of the launch, hacker and blogger Nik Cubrilovic posted on his blog that the Chrome extension came with a worrying extra, a Yahoo private certificate file which was used to sign the extension package and prove the package’s authenticity to the Google browser.

As Ralph Waldo Emerson once surmised, “Build a better mousetrap and the world will beat a path to your door.” Maybe so. Then again, maybe no. I have to say I was equally intrigued and amused by the recent news announced by Artemis introducing a new top-level domain (TLD) that folds in security for Internet member sites from inception. As reported on Decrypted.com, to become a secure “member” in this club you would first submit your organization for screening. In turn the screening process would confirm you are who you say you are by verifying things like articles of incorporation, trademarks, site address, IP address, so on. Once you pass this level of screening you would be supplied with hardware which supports two-factor authentication and register this at the location for the edge of your network.

Security specialist Behrang Fouladi has managed to clone the software token from RSA’s SecurID two-factor authentication system. SecurID serves as an additional layer of security, for example when logging into a company’s VPN. It uses secret seed values known only by the two communication partners to create temporary token codes, which users must then enter, in addition to their password, when logging in.

Did you hear the one about the New York state lawmakers who forgot about the First Amendment in the name of combating cyberbullying and “baseless political attacks”? Proposed legislation in both chambers would require New York-based websites, such as blogs and newspapers, to “remove any comments posted on his or her website by an anonymous poster unless such anonymous poster agrees to attach his or her name to the post.” No votes on the measures have been taken. But unless the First Amendment is repealed, they stand no chance of surviving any constitutional scrutiny even if they were approved. Republican Assemblyman Jim Conte said the legislation would cut down on “mean-spirited and baseless political attacks” and “turns the spotlight on cyberbullies by forcing them to reveal their identity.”

Nearly three years after the last major release of Nmap, version 6.0 of the open source network scanner has been released. Nmap is a popular utility for scanning and mapping network ranges to extract information about the systems attached to the network and the network’s topology. In version 6.0, the developers have added full IPv6 support while enhancing Nmap’s scripting engine, web scanning, mapping GUI and scanning performance, while also introducing a new tool called Nping.