This is a most excellent place for technology news and articles.
Lots of conjecture in the comments about how he got caught. Too bad nobody read the article.
Web-based generative AI tools/chatbots
...
he created fake AI CSAM—but using imagery of real kids.
All the privacy apps in the world won't save you if you're uploading pics to a cloud service.
And...that's still not how he got caught. He hit a child porn honey pot and they got his IP.
I would have assumed all his AI work was local on his own server.
Does this go to show that authorities needing backdoors to everything in order to do their jobs is actually kind of nonsense?
Yeah, it does. Perfect opsec is impossible even with encryption.
Heard about a guy doing insane opsec when selling on the dark web (darknet diaries podcast).
In the end he got busted because a trusted member if his operation got lazy and ignored his rules
Edit: This guy was essentially
Leeching internet via a directional antenna from a neighbour that was significantly away
Not allowing any visitor in with a cell. You had to keep it outside
All drug related actions are done in a cleaned down room.
Tripple sealing dark marketplace orders, wiping everything down with corrosive fluids to destroy any sort of dna material
Not going to the same post office in (I believe 6 months) and only sending of 3-6 shipments at once
I hope I got it correctly. Please go listen to the episode: https://darknetdiaries.com/episode/132/
Reminds me of the lulzsec leader dude who exposed himself by logging into IRC once without tor on.
Then he folded instantly and became an informant for the FBI to stay out of jail lol.
In the end its really about tradeoffs. You can't be an expert in everything so you need a team if you want to do anything big, but Cyber criminals are still criminals. They don't trust each other which is what ultimately leads to their downfall even if they do all the implementation and tech part right.
Some German guy got got for logging into IRC via encrypted wifi, the cops did some war driving and correlated timing of traffic spikes with IRC messages until they had a profile with better hit probability than a DNA match.
The best thing about that? They didn't even need a search warrant as our genius was broadcasting the side-channel to the whole neighbourhood.
The article is exaggerating the guy's setup way too much. Opsec doesn't end at the application level... The OS (the most popular being in bed with US), ISP, tor nodes, Honeypot VPNs, so on and so on could leave a trail.
Using telegram public groups and obfuscating a calculator as a password protection layer is hillbilly level of security.
And i'm glad these fuckos don't have the knowledge to go beyond App developers marketing.
It seems irrelevant whether this person is using encrypted channels if they failed to maintain anonymity. If they distributed material and leaked any identifying info (e.g. IP address), then it would be trivial for investigators or CIs to track them down.
In the list of apps he was using I don't see any mention of a VPN. How much you want to bet he raw dogged it with encrypted apps over the clearnet so it was trivial to leak his real IP address
He posted the AI filth to a "public server", so I'm willing to bet his plan was just full of holes. I don't mind pedos getting taken down, buy I do mind encrypted software being owned by the government - any government.
It sounds like he created material, not only AI but actual children then distributed it. The tools to track down the creators of CASM is only getting better.
A single legal image of any of those children posted to social media is going to allow algorithms to make the match and its routine detective work from there.
It only takes one child to talk. No amount of encryption is going to stop that.
Likely, data may have been encrypted but he may have leaked compromising metadata. Even more likely it was bad operation security linking a personal identity to his anonymous persona.
I'm always thankful for incompetent criminals.
It's all publicly approved backdoors until feds are planting child abuse imagery on your PC because you spoke out against them in the wring venue. No one will believe you when they do. Currently you can't trust articles like this, maybe the dude was actually hurting kids. Maybe the feds just needed a win. You won't ever know, and neither will I so long as the same ideology is in control. Now watch them turn every single kid in the pics into a sex offender because the fed believes if you were raped, you WILL rape someone in the future. But by all means keep enjoying their rage bait.
The replies to your comment glow so bright
This whole thing is horrifying, but the last paragraph is especially disturbing:
Since Herrera himself has a young daughter, and since there are "six children living within his fourplex alone" on Joint Base Elmendorf-Richardson, the government has asked a judge not to release Herrera on bail before his trial.
Even more disturbing is it said he was also producing content.
Prison is too good for anyone who keeps child sex abuse images.
Maybe you should research a bit on how child abusers are treated in prison.
