This whole thing is horrifying, but the last paragraph is especially disturbing:
Since Herrera himself has a young daughter, and since there are “six children living within his fourplex alone” on Joint Base Elmendorf-Richardson, the government has asked a judge not to release Herrera on bail before his trial.
Even more disturbing is it said he was also producing content.
Where is the police brutality when you need it?!
As satisfying as it may seem we can’t do this. No group no matter how heinous should be abused by the police. Don’t give the pigs an inch.
Let him be convicted then see what gen pop has to say about it.
Does this go to show that authorities needing backdoors to everything in order to do their jobs is actually kind of nonsense?
The article is exaggerating the guy’s setup way too much. Opsec doesn’t end at the application level… The OS (the most popular being in bed with US), ISP, tor nodes, Honeypot VPNs, so on and so on could leave a trail.
Using telegram public groups and obfuscating a calculator as a password protection layer is hillbilly level of security.
And i’m glad these fuckos don’t have the knowledge to go beyond App developers marketing.
Goes beyond the OSI model, too. Someone has to pay for that VPN, and there has to be an entry point to getting BTC, using a 2nd hand laptop where they can prove you bought it off of someone off of Craigslist, etc.
Mullvad let’s you write down an account number on a piece of paper and mail it in with cash and they’ll activate it.
Yup, every time I read about something like this, I look at what I’m doing and it’s way overkill, and I have nothing to hide. I’m guessing there are plenty of sickos that don’t get caught because they practice half-decent opsec, but there are a ton that don’t.
Yeah, it does. Perfect opsec is impossible even with encryption.
Heard about a guy doing insane opsec when selling on the dark web (darknet diaries podcast).
In the end he got busted because a trusted member if his operation got lazy and ignored his rulesEdit: This guy was essentially
Leeching internet via a directional antenna from a neighbour that was significantly away
Not allowing any visitor in with a cell. You had to keep it outside
All drug related actions are done in a cleaned down room.
Tripple sealing dark marketplace orders, wiping everything down with corrosive fluids to destroy any sort of dna material
Not going to the same post office in (I believe 6 months) and only sending of 3-6 shipments at onceI hope I got it correctly. Please go listen to the episode: https://darknetdiaries.com/episode/132/
Reminds me of the lulzsec leader dude who exposed himself by logging into IRC once without tor on.
Then he folded instantly and became an informant for the FBI to stay out of jail lol.
In the end its really about tradeoffs. You can’t be an expert in everything so you need a team if you want to do anything big, but Cyber criminals are still criminals. They don’t trust each other which is what ultimately leads to their downfall even if they do all the implementation and tech part right.
Some German guy got got for logging into IRC via encrypted wifi, the cops did some war driving and correlated timing of traffic spikes with IRC messages until they had a profile with better hit probability than a DNA match.
The best thing about that? They didn’t even need a search warrant as our genius was broadcasting the side-channel to the whole neighbourhood.
Sounds interesting, got any links for further reading on that?
I can’t quite connect the dots between wifi/internet traffic spikes when IRC is so light on traffic that it’s basically background noise and war driving.
When you send a message, that usually fits into an IP packet. That gets completely encrypted by the wifi, but you know that a data packet approximately that size has been sent at exactly that time. Simultaneously, you watch the IRC channel and see when messages are arriving from your suspect, or someone else types a message and that should correlate with another encrypted wifi package.
The mistake was a) using wifi, exposing the data in the first place and b) not torrenting while you’re chatting. That would’ve obscured the time correlations.
I have an understanding of the underlying concepts. I’m mostly interested in the war driving. War driving, at least in my understanding, implies that someone, a state agency in this case, physically went to the very specific location of the suspect, penetrated their (wireless) network and therefore executed a successful traffic correlation attack.
I’m interested in how they got their suspects narrowed down that drastically in the first place. Traffic correlation attacks, at least in my experience, usually happen in a WAN context, not LAN, for example with the help of ISPs.
Laymen with no understanding here. Obviously there were other mistakes, all of which make sense to me on a rudimentary level, but the first mistake you listed was him using wifi? What is the more secure alternative? Or do you just mean sending data directly over a true wifi connection and not using TOR or another medium?
Timing attacks work, but if they’re running those then they have a pretty good idea as to both sides of the convo.
Put another way, if they’ve got to that point your opsec has already failed.
Well without that they would’ve needed probably months correlating things like “goes to bed at X o clock” with those chat logs. For a whole neighbourhood to then get a search warrant with that. Which of course is not above the capabilities of a state actor but depending on how big a fish he was they might not have bothered spending the resources. Being able to pin-point a house in maybe a day when all you have is a municipality is a whole different ballpark.
krasse sache
He got his first kid IIRC and was sleep deprived.
That’s sounds mostly correct.
His relative also admitted their involvement and flipped on him which destroyed the narrow avenue he had to throw out the original evidence for the warrant.
Of course we only ever hear the cases of people who get caught. If he relative hadn’t gotten lazy he may never have been caught.
The lesson there is not to involve other people.
Just exterminate all statists within 52’000 km and donezo
The Ars article seems to suggest that they were able to crack his phones pretty easily, which is a bit scary. I don’t see anything about a computer.
Although it doesn’t appear he was actually using any encryption apps to store material; rather, he used a fake calculator app as password protection. Obviously not the brightest bulb in the drawer.
The material was allegedly stored behind password protection on his phone(s) but also on Mega and on Telegram, where Herrera is said to have “created his own public Telegram group to store his CSAM.” He also joined “multiple CSAM-related Enigma groups” and frequented dark websites with taglines like “The Only Child Porn Site you need!”
My guess would honestly be Telegram. For starters, they aren’t end-to-end encrypted by default, you have to turn it on. The only end-to-end encryption that Telegram offers is their “secret chats” which are only available between two users. Groups are not encrypted.
So telegram’s delusional propaganda did something good for once?
What propaganda?
That groups aren’t encrypted is documented. If you don’t know that, it’s because you didn’t bother to see how it works.
The Ars article seems to suggest that they were able to crack his phones pretty easily
Android uses data at rest encryption, which isn’t really useful without a lockscreen PIN/password since data gets decrypted after you unlock your screen the first time after each boot
Although it doesn’t appear he was actually using any encryption apps to store material; rather, he used a fake calculator app as password protection. Obviously not the brightest bulb in the drawer.
Agreed, he probably felt safe enough “hiding” the files. Definitely not the sharpest tool in the shed, which is great because fuck this guy
I honestly don’t think he really had any opsec apart from those few applications, look at what tools he was using, what a joke. Fake calculator app to store files are great to protect from your parents, not the FBI.
He was clearly using Android and I bet he was using the stock rom, kyc sim card, and not even a vpn behind tor.
Don’t get me wrong, I’m very happy and relieved he was caught, but if he had done serious research and did a better opsec, it wouldn’t have been so easy for the authorities to get him
actually using a vpn with tor is not a good idea: https://support.torproject.org/faq/faq-5/
true but only if you do : tor > vpn
if you do : vpn > tor in this order, it’s way more resistant, because if the onion node is compromised, it’s the vpn’s ip address that is exposed, not yours
oh wow i didn’t know that!! thanx for clarifying :]
Phones are horseshit for OPSec, always. Every darknet admin and their dog know that.
It seems irrelevant whether this person is using encrypted channels if they failed to maintain anonymity. If they distributed material and leaked any identifying info (e.g. IP address), then it would be trivial for investigators or CIs to track them down.
Likely, data may have been encrypted but he may have leaked compromising metadata. Even more likely it was bad operation security linking a personal identity to his anonymous persona.
I’m always thankful for incompetent criminals.
Thankfully it seems pretty unrealistic that someone addicted to CSAM would maintain perfect OpSec over a lifetime of abuse.
In the list of apps he was using I don’t see any mention of a VPN. How much you want to bet he raw dogged it with encrypted apps over the clearnet so it was trivial to leak his real IP address
He posted the AI filth to a “public server”, so I’m willing to bet his plan was just full of holes. I don’t mind pedos getting taken down, buy I do mind encrypted software being owned by the government - any government.
It sounds like he created material, not only AI but actual children then distributed it. The tools to track down the creators of CASM is only getting better.
A single legal image of any of those children posted to social media is going to allow algorithms to make the match and its routine detective work from there.
It only takes one child to talk. No amount of encryption is going to stop that.
i watched some documatnary about hackers, and usually, they catch them because they talk way to mouch about themselves.
This dude wasn’t a hacker by any stretch
But when you do anything illegal like this, you need to act like one.
i believe thats a given…
All this is obvious.
Since nobody pressures Signal and Wire in Europe, it really seems to me that the pressure is mostly applied to those who do have the ability to spy upon their users.
That would be too optimistic about humanity, but maybe not. What if.
saw a headline the other day about the gov’t tracking people on tor using Google ads
I’m still not entirely convinced that tor is as protected as people think it is.
There’s only something like 6,000 exit nodes. It really wouldn’t be that much money for the government to run thousands of them. If you monitor enough exit nodes and enough relays, you can start to statistically tie connections back together with timing analysis.
I don’t know this to be the case for sure but I can’t imagine the government hasn’t pushed towards breaking the security and identifiability of the tor network
If you read a lot of news, it’s really clear Tor isn’t protecting anyone from the FBI. It’s about as effective as using limewire at this point. Which also, the reporting makes it pretty clear it’s not effective to hide criminal acts in the least. But it’s pretty great abusers think it’s effective so they get caught.
If you read the news it’s really clear people commit opsec mistakes - all it takes is one - and get caught.
Shhh I want an excuse to not protect my privacy, it’s hard
The inciting thought of most criminal acts is ‘‘they’ll never catch me’’. Which if you’re as lucky as me, you’ll know you’ll get caught everytime, and they’ll make an example of you. It’s kept my nose clean a long time.
I’ve suspected Tor of being heavily compromised for a while now. It’s already known that many onion sites are government honeypots, with sites being taken over rather frequently, sometimes without triggering the canary. While it’s better than nothing in some situations, I don’t think it can be relied upon for true anonymity anymore.
I2P has more protection against this kind of analysis.
It’s not as protected as people think it is. This has popped up on headlines for years. It helps, but if someone really wants to find you on there, they can. It’s just not as easy.
It would be more effective if you spread the load between the 5+ eyes instead.
Can you share the source
11 years ago
Thanks for pointing out, but how have things changed since then?
I assume Tor blocks third party cookies. Firefox (upstream) certainly added that feature.
It is also because of people like him that laws like Going Dark become plausible to the eyes of the politicians and the masses
Prison is too good for anyone who keeps child sex abuse images.
So what do you recommend, Siberia?
That’s a good idea.
Stalin era gulag style please
Maybe you should research a bit on how child abusers are treated in prison.
WHO is downvoting you???
People like me, who are against the death penalty on principle. (or even more “creative” forms of punishment people like to come up with in these cases).
No, prison is where this guy belongs. For as long as necessary.Further to this its not likely to result in less children being abused.
If you have the death penalty for even possessing CSAM as the parent suggests, then there is no incentive to not get into distribution or even actively abusing children and producing CSAM once you posess some. The punishment isnt any worse so why not? Its the same reason for proportionality in other crimes, we dont punish robbing a bank with life in jail as then there would be no reason for anyone who robs a bank to not just murder everyone to leave no witnessess.
And if you propose the death penalty for abusing children, a child abuser has incentive to kill the child afterwards to get rid of the witness.
The punishment can’t get any worse, and it reduces the chance of getting caught.
Death penalty is fine if it didn’t get abused bit it will be abused. We know this. So yes i agree with you.
But also if cop killed him and there is adequate evidence that athat person actually hurt a child. I just see self defense and if I was no a jury, I would not convict and I hate police lol
Society lost this basic function for self cleansing. At some point these people just need to be disposed off.
Also, state will execute for treason. I look at severe child abuse as a higher order, ie social treason. FAFO
Oh, I was thinking something far worst than death. I was thinking something like a torture rack.
So you’re a sadist, but you try to convince yourself it’s okay because you only want to torture people you think deserve it. Of course, no one deserves to be tortured.
That’s what I meant by more creative forms of punishment.
the fool! you can’t use ROT-104 encryption against 4 cores!
a heavy vehicle driver for the US military
That’s an odd way to describe a soldier. It’s not really surprising when violent people do violent things.
I’m not sure that’s necessarily true. There are plenty of military contractors out there, and a driver is the kind of position you would expect to be likely contracted out. That in no way makes one a soldier.
Plenty of contracting orgs do driving for the military. You don’t need a soldier, you need a trucker, so why use soldiers?
It’s all publicly approved backdoors until feds are planting child abuse imagery on your PC because you spoke out against them in the wring venue. No one will believe you when they do. Currently you can’t trust articles like this, maybe the dude was actually hurting kids. Maybe the feds just needed a win. You won’t ever know, and neither will I so long as the same ideology is in control. Now watch them turn every single kid in the pics into a sex offender because the fed believes if you were raped, you WILL rape someone in the future. But by all means keep enjoying their rage bait.
Are you ok?
Are you a dumbass?
Damn, thats weird. Are you mentally ill or st?
Well, this person (according to their post history) has schizophrenia, but this could kinda be real and probably also happned, if not recently, probably sometime in history. Of course the stereotype about rape victims actually exists.
The replies to your comment glow so bright
Lol, I still don’t know why people like CSAM :v
Lol, it’s a mental illness.
A lot of it out there and a lot of it was enabled by limp dick society. Looking at you cathlics… Fucking disgusting that you allowed your clergy to do this and even cover up for it. And when people spoke up you ostricized them. Pathetic social behavior.
Imagine when your clown social group is more important than children being raped.
Catholic church sure… But look at any religion.
Islam was founded by a pedobear and Muslim in straight up denial about what is going with child abuse while rich Arabs are traffic humans for funzies.
But that’s over there. Cathlic church is doing this within the US. All of major urban areas have extensive allegations of child abuse for decades. Nothing has been done.
Limp dick boomers would rather act like it never happens. Prosecutors and police are limp dick and too busy killing taxpayers lol
Happens in the other religions wasn’t ghandi raping 13 year old girls and everybody was like no big deal, big man earned his due with “peace” 🤡
Pathetic daddy worship enables this behavior
