Lots of conjecture in the comments about how he got caught. Too bad nobody read the article.
Web-based generative AI tools/chatbots
...
he created fake AI CSAM—but using imagery of real kids.
All the privacy apps in the world won't save you if you're uploading pics to a cloud service.
And...that's still not how he got caught. He hit a child porn honey pot and they got his IP.
I would have assumed all his AI work was local on his own server.
Fuck this human
Tldr;
Asshole used encrypted everything and Tor to create and spread csam. Government isn't disclosing how they caught him
If you distribute encrypted materials you also need to distribute a means of decryption. I'm willing to bet a honeypot was used to trick him into distributing his csam right to the government hinself.
True. Or it could have been a backdoor in his phone, or the full running browser in his sim card, or the backdoor into his CPU chips... Maybe they do old fashioned police work for these cases and only use the pegasus spyware for others?
Pretty silly to do anything illegal on a computer when we know how flawed they are, imo
Hey, could I get some info on the
Full running browser in his SIM card
Thing?
I'm quite curious and haven't been able of finding anything on the internet about it
Neither Tor nor end-to-end encrypted messengers will cover the endpoints. It's possible that they caught him using good old fashioned detective work. You don't need a software back door for that.
Tor was created by NSA, half of Tor servers are run by NSA, not that secure
Tor was created by the Naval Research Labs, and was released to the public because it is secure.
The problem is that if it's only the CIA or DIA using it, it's easy figure out who is using it and where. Make it global and now there is a lot of noise to separate out.
Tor was created by the NRL, which is a part of the US Navy and Marine Corps.
Please don't talk about child predators, and use the term "back door" in the same sentence. It ain't right....
we’re talking about encryption here, not…that. please get your mind out of the gutter
Does this go to show that authorities needing backdoors to everything in order to do their jobs is actually kind of nonsense?
Yeah, it does. Perfect opsec is impossible even with encryption.
Heard about a guy doing insane opsec when selling on the dark web (darknet diaries podcast).
In the end he got busted because a trusted member if his operation got lazy and ignored his rules
Edit: This guy was essentially
Leeching internet via a directional antenna from a neighbour that was significantly away
Not allowing any visitor in with a cell. You had to keep it outside
All drug related actions are done in a cleaned down room.
Tripple sealing dark marketplace orders, wiping everything down with corrosive fluids to destroy any sort of dna material
Not going to the same post office in (I believe 6 months) and only sending of 3-6 shipments at once
Reminds me of the lulzsec leader dude who exposed himself by logging into IRC once without tor on.
Then he folded instantly and became an informant for the FBI to stay out of jail lol.
In the end its really about tradeoffs. You can't be an expert in everything so you need a team if you want to do anything big, but Cyber criminals are still criminals. They don't trust each other which is what ultimately leads to their downfall even if they do all the implementation and tech part right.
Some German guy got got for logging into IRC via encrypted wifi, the cops did some war driving and correlated timing of traffic spikes with IRC messages until they had a profile with better hit probability than a DNA match.
The best thing about that? They didn't even need a search warrant as our genius was broadcasting the side-channel to the whole neighbourhood.
That's sounds mostly correct.
His relative also admitted their involvement and flipped on him which destroyed the narrow avenue he had to throw out the original evidence for the warrant.
Of course we only ever hear the cases of people who get caught. If he relative hadn't gotten lazy he may never have been caught.
The lesson there is not to involve other people.
saw a headline the other day about the gov't tracking people on tor using Google ads
I'm still not entirely convinced that tor is as protected as people think it is.
There's only something like 6,000 exit nodes. It really wouldn't be that much money for the government to run thousands of them. If you monitor enough exit nodes and enough relays, you can start to statistically tie connections back together with timing analysis.
I don't know this to be the case for sure but I can't imagine the government hasn't pushed towards breaking the security and identifiability of the tor network
If you read a lot of news, it's really clear Tor isn't protecting anyone from the FBI. It's about as effective as using limewire at this point. Which also, the reporting makes it pretty clear it's not effective to hide criminal acts in the least. But it's pretty great abusers think it's effective so they get caught.
If you read the news it's really clear people commit opsec mistakes - all it takes is one - and get caught.
The inciting thought of most criminal acts is ''they'll never catch me''. Which if you're as lucky as me, you'll know you'll get caught everytime, and they'll make an example of you. It's kept my nose clean a long time.
I've suspected Tor of being heavily compromised for a while now. It's already known that many onion sites are government honeypots, with sites being taken over rather frequently, sometimes without triggering the canary. While it's better than nothing in some situations, I don't think it can be relied upon for true anonymity anymore.
Prison is too good for anyone who keeps child sex abuse images.
WHO is downvoting you???
People like me, who are against the death penalty on principle. (or even more "creative" forms of punishment people like to come up with in these cases).
No, prison is where this guy belongs. For as long as necessary.
Further to this its not likely to result in less children being abused.
If you have the death penalty for even possessing CSAM as the parent suggests, then there is no incentive to not get into distribution or even actively abusing children and producing CSAM once you posess some. The punishment isnt any worse so why not? Its the same reason for proportionality in other crimes, we dont punish robbing a bank with life in jail as then there would be no reason for anyone who robs a bank to not just murder everyone to leave no witnessess.
And if you propose the death penalty for abusing children, a child abuser has incentive to kill the child afterwards to get rid of the witness.
The punishment can't get any worse, and it reduces the chance of getting caught.
Death penalty is fine if it didn't get abused bit it will be abused. We know this. So yes i agree with you.
But also if cop killed him and there is adequate evidence that athat person actually hurt a child. I just see self defense and if I was no a jury, I would not convict and I hate police lol
Society lost this basic function for self cleansing. At some point these people just need to be disposed off.
Also, state will execute for treason. I look at severe child abuse as a higher order, ie social treason. FAFO
This whole thing is horrifying, but the last paragraph is especially disturbing:
Since Herrera himself has a young daughter, and since there are "six children living within his fourplex alone" on Joint Base Elmendorf-Richardson, the government has asked a judge not to release Herrera on bail before his trial.
Even more disturbing is it said he was also producing content.
Where is the police brutality when you need it?!
As satisfying as it may seem we can't do this. No group no matter how heinous should be abused by the police. Don't give the pigs an inch.
Let him be convicted then see what gen pop has to say about it.
Lots of conjecture in the comments about how he got caught. Too bad nobody read the article.
...
All the privacy apps in the world won't save you if you're uploading pics to a cloud service.
And...that's still not how he got caught. He hit a child porn honey pot and they got his IP.
I would have assumed all his AI work was local on his own server.
Fuck this human
Tldr; Asshole used encrypted everything and Tor to create and spread csam. Government isn't disclosing how they caught him
If you distribute encrypted materials you also need to distribute a means of decryption. I'm willing to bet a honeypot was used to trick him into distributing his csam right to the government hinself.
True. Or it could have been a backdoor in his phone, or the full running browser in his sim card, or the backdoor into his CPU chips... Maybe they do old fashioned police work for these cases and only use the pegasus spyware for others?
Pretty silly to do anything illegal on a computer when we know how flawed they are, imo
Hey, could I get some info on the
Thing?
I'm quite curious and haven't been able of finding anything on the internet about it
Neither Tor nor end-to-end encrypted messengers will cover the endpoints. It's possible that they caught him using good old fashioned detective work. You don't need a software back door for that.
Tor was created by NSA, half of Tor servers are run by NSA, not that secure
Tor was created by the Naval Research Labs, and was released to the public because it is secure.
The problem is that if it's only the CIA or DIA using it, it's easy figure out who is using it and where. Make it global and now there is a lot of noise to separate out.
Tor was created by the NRL, which is a part of the US Navy and Marine Corps.
Please don't talk about child predators, and use the term "back door" in the same sentence. It ain't right....
we’re talking about encryption here, not…that. please get your mind out of the gutter
Does this go to show that authorities needing backdoors to everything in order to do their jobs is actually kind of nonsense?
Yeah, it does. Perfect opsec is impossible even with encryption.
Heard about a guy doing insane opsec when selling on the dark web (darknet diaries podcast).
In the end he got busted because a trusted member if his operation got lazy and ignored his rules
Edit: This guy was essentially
Leeching internet via a directional antenna from a neighbour that was significantly away
Not allowing any visitor in with a cell. You had to keep it outside
All drug related actions are done in a cleaned down room.
Tripple sealing dark marketplace orders, wiping everything down with corrosive fluids to destroy any sort of dna material
Not going to the same post office in (I believe 6 months) and only sending of 3-6 shipments at once
I hope I got it correctly. Please go listen to the episode: https://darknetdiaries.com/episode/132/
Reminds me of the lulzsec leader dude who exposed himself by logging into IRC once without tor on.
Then he folded instantly and became an informant for the FBI to stay out of jail lol.
In the end its really about tradeoffs. You can't be an expert in everything so you need a team if you want to do anything big, but Cyber criminals are still criminals. They don't trust each other which is what ultimately leads to their downfall even if they do all the implementation and tech part right.
Some German guy got got for logging into IRC via encrypted wifi, the cops did some war driving and correlated timing of traffic spikes with IRC messages until they had a profile with better hit probability than a DNA match.
The best thing about that? They didn't even need a search warrant as our genius was broadcasting the side-channel to the whole neighbourhood.
That's sounds mostly correct.
His relative also admitted their involvement and flipped on him which destroyed the narrow avenue he had to throw out the original evidence for the warrant.
Of course we only ever hear the cases of people who get caught. If he relative hadn't gotten lazy he may never have been caught.
The lesson there is not to involve other people.
saw a headline the other day about the gov't tracking people on tor using Google ads
I'm still not entirely convinced that tor is as protected as people think it is.
There's only something like 6,000 exit nodes. It really wouldn't be that much money for the government to run thousands of them. If you monitor enough exit nodes and enough relays, you can start to statistically tie connections back together with timing analysis.
I don't know this to be the case for sure but I can't imagine the government hasn't pushed towards breaking the security and identifiability of the tor network
If you read a lot of news, it's really clear Tor isn't protecting anyone from the FBI. It's about as effective as using limewire at this point. Which also, the reporting makes it pretty clear it's not effective to hide criminal acts in the least. But it's pretty great abusers think it's effective so they get caught.
If you read the news it's really clear people commit opsec mistakes - all it takes is one - and get caught.
The inciting thought of most criminal acts is ''they'll never catch me''. Which if you're as lucky as me, you'll know you'll get caught everytime, and they'll make an example of you. It's kept my nose clean a long time.
I've suspected Tor of being heavily compromised for a while now. It's already known that many onion sites are government honeypots, with sites being taken over rather frequently, sometimes without triggering the canary. While it's better than nothing in some situations, I don't think it can be relied upon for true anonymity anymore.
Prison is too good for anyone who keeps child sex abuse images.
WHO is downvoting you???
People like me, who are against the death penalty on principle. (or even more "creative" forms of punishment people like to come up with in these cases).
No, prison is where this guy belongs. For as long as necessary.
Further to this its not likely to result in less children being abused.
If you have the death penalty for even possessing CSAM as the parent suggests, then there is no incentive to not get into distribution or even actively abusing children and producing CSAM once you posess some. The punishment isnt any worse so why not? Its the same reason for proportionality in other crimes, we dont punish robbing a bank with life in jail as then there would be no reason for anyone who robs a bank to not just murder everyone to leave no witnessess.
And if you propose the death penalty for abusing children, a child abuser has incentive to kill the child afterwards to get rid of the witness.
The punishment can't get any worse, and it reduces the chance of getting caught.
Death penalty is fine if it didn't get abused bit it will be abused. We know this. So yes i agree with you.
But also if cop killed him and there is adequate evidence that athat person actually hurt a child. I just see self defense and if I was no a jury, I would not convict and I hate police lol
Society lost this basic function for self cleansing. At some point these people just need to be disposed off.
Also, state will execute for treason. I look at severe child abuse as a higher order, ie social treason. FAFO
This whole thing is horrifying, but the last paragraph is especially disturbing:
Even more disturbing is it said he was also producing content.
Where is the police brutality when you need it?!
As satisfying as it may seem we can't do this. No group no matter how heinous should be abused by the police. Don't give the pigs an inch.
Let him be convicted then see what gen pop has to say about it.
Dumb people deserve to be in jail.