deleted by creator
If you distribute encrypted materials you also need to distribute a means of decryption. I’m willing to bet a honeypot was used to trick him into distributing his csam right to the government hinself.
deleted by creator
Hey, could I get some info on the
Full running browser in his SIM card
Thing?
I’m quite curious and haven’t been able of finding anything on the internet about it
Neither Tor nor end-to-end encrypted messengers will cover the endpoints. It’s possible that they caught him using good old fashioned detective work. You don’t need a software back door for that.
Well it probably wasn’t a Vic Mackey-style rubber hose attack, because it sounds like this chump is getting hauled into court.
Tor was created by NSA, half of Tor servers are run by NSA, not that secure
Tor was created by the Naval Research Labs, and was released to the public because it is secure.
The problem is that if it’s only the CIA or DIA using it, it’s easy figure out who is using it and where. Make it global and now there is a lot of noise to separate out.
Yeah, the security of tor relies on the nodes being different, but when most of them are owned by the same person/government body the security go downhill, sadly i2p isn’t that popular, because every person is a node
Please don’t talk about child predators, and use the term “back door” in the same sentence. It ain’t right…
we’re talking about encryption here, not…that. please get your mind out of the gutter
He didn’t use encrypted everything. He had a public telegram group chat in which he stored a lot of his material. Which, as many people in the comments on the article pointed out, is not encrypted, but is presented by telegram as if it is. That’s likely how they caught him.
They got it by running a honeypot exit node like they always do
It’s better they don’t disclose it and catch more people doing the same.
I’m all for transparency but if that means less caught child molesters, I’m ok with a little obfuscation, even from the fucking pigs.
This whole thing is horrifying, but the last paragraph is especially disturbing:
Since Herrera himself has a young daughter, and since there are “six children living within his fourplex alone” on Joint Base Elmendorf-Richardson, the government has asked a judge not to release Herrera on bail before his trial.
Even more disturbing is it said he was also producing content.
The Ars article seems to suggest that they were able to crack his phones pretty easily, which is a bit scary. I don’t see anything about a computer.
Although it doesn’t appear he was actually using any encryption apps to store material; rather, he used a fake calculator app as password protection. Obviously not the brightest bulb in the drawer.
The material was allegedly stored behind password protection on his phone(s) but also on Mega and on Telegram, where Herrera is said to have “created his own public Telegram group to store his CSAM.” He also joined “multiple CSAM-related Enigma groups” and frequented dark websites with taglines like “The Only Child Porn Site you need!”
My guess would honestly be Telegram. For starters, they aren’t end-to-end encrypted by default, you have to turn it on. The only end-to-end encryption that Telegram offers is their “secret chats” which are only available between two users. Groups are not encrypted.
So telegram’s delusional propaganda did something good for once?
What propaganda?
That groups aren’t encrypted is documented. If you don’t know that, it’s because you didn’t bother to see how it works.
I honestly don’t think he really had any opsec apart from those few applications, look at what tools he was using, what a joke. Fake calculator app to store files are great to protect from your parents, not the FBI.
He was clearly using Android and I bet he was using the stock rom, kyc sim card, and not even a vpn behind tor.
Don’t get me wrong, I’m very happy and relieved he was caught, but if he had done serious research and did a better opsec, it wouldn’t have been so easy for the authorities to get him
Phones are horseshit for OPSec, always. Every darknet admin and their dog know that.
It seems irrelevant whether this person is using encrypted channels if they failed to maintain anonymity. If they distributed material and leaked any identifying info (e.g. IP address), then it would be trivial for investigators or CIs to track them down.
Likely, data may have been encrypted but he may have leaked compromising metadata. Even more likely it was bad operation security linking a personal identity to his anonymous persona.
I’m always thankful for incompetent criminals.
In the list of apps he was using I don’t see any mention of a VPN. How much you want to bet he raw dogged it with encrypted apps over the clearnet so it was trivial to leak his real IP address
He posted the AI filth to a “public server”, so I’m willing to bet his plan was just full of holes. I don’t mind pedos getting taken down, buy I do mind encrypted software being owned by the government - any government.
It sounds like he created material, not only AI but actual children then distributed it. The tools to track down the creators of CASM is only getting better.
A single legal image of any of those children posted to social media is going to allow algorithms to make the match and its routine detective work from there.
It only takes one child to talk. No amount of encryption is going to stop that.
i watched some documatnary about hackers, and usually, they catch them because they talk way to mouch about themselves.
This dude wasn’t a hacker by any stretch
But when you do anything illegal like this, you need to act like one.
i believe thats a given…
All this is obvious.
Since nobody pressures Signal and Wire in Europe, it really seems to me that the pressure is mostly applied to those who do have the ability to spy upon their users.
That would be too optimistic about humanity, but maybe not. What if.
deleted by creator
And…that’s still not how he got caught. He hit a child porn honey pot and they got his IP.
I would have assumed all his AI work was local on his own server.
saw a headline the other day about the gov’t tracking people on tor using Google ads
I’m still not entirely convinced that tor is as protected as people think it is.
There’s only something like 6,000 exit nodes. It really wouldn’t be that much money for the government to run thousands of them. If you monitor enough exit nodes and enough relays, you can start to statistically tie connections back together with timing analysis.
I don’t know this to be the case for sure but I can’t imagine the government hasn’t pushed towards breaking the security and identifiability of the tor network
If you read a lot of news, it’s really clear Tor isn’t protecting anyone from the FBI. It’s about as effective as using limewire at this point. Which also, the reporting makes it pretty clear it’s not effective to hide criminal acts in the least. But it’s pretty great abusers think it’s effective so they get caught.
If you read the news it’s really clear people commit opsec mistakes - all it takes is one - and get caught.
The inciting thought of most criminal acts is ‘‘they’ll never catch me’’. Which if you’re as lucky as me, you’ll know you’ll get caught everytime, and they’ll make an example of you. It’s kept my nose clean a long time.
Shhh I want an excuse to not protect my privacy, it’s hard
I2P has more protection against this kind of analysis.
It’s not as protected as people think it is. This has popped up on headlines for years. It helps, but if someone really wants to find you on there, they can. It’s just not as easy.
It would be more effective if you spread the load between the 5+ eyes instead.
Can you share the source
Prison is too good for anyone who keeps child sex abuse images.
So what do you recommend, Siberia?
That’s a good idea.
WHO is downvoting you???
It is also because of people like him that laws like Going Dark become plausible to the eyes of the politicians and the masses
the fool! you can’t use ROT-104 encryption against 4 cores!
It’s all publicly approved backdoors until feds are planting child abuse imagery on your PC because you spoke out against them in the wring venue. No one will believe you when they do. Currently you can’t trust articles like this, maybe the dude was actually hurting kids. Maybe the feds just needed a win. You won’t ever know, and neither will I so long as the same ideology is in control. Now watch them turn every single kid in the pics into a sex offender because the fed believes if you were raped, you WILL rape someone in the future. But by all means keep enjoying their rage bait.
Are you ok?
Are you a dumbass?
Damn, thats weird. Are you mentally ill or st?
Well, this person (according to their post history) has schizophrenia, but this could kinda be real and probably also happned, if not recently, probably sometime in history. Of course the stereotype about rape victims actually exists.
The replies to your comment glow so bright
Removed by mod
Counterpoint: Those who produce and collect CP deserve to be in jail
I mean, you are right, but I don’t buy that the solution is mass government surveillance.
That’s the funny thing. This guy got busted through plain old detective work.
Did you read the article? Mass surveillance had nothing to do with this.
