• Wilzax@lemmy.world · 105 up, 1 down · 3 months ago

      If you distribute encrypted materials you also need to distribute a means of decryption. I’m willing to bet a honeypot was used to trick him into distributing his csam right to the government himself.

    • mox@lemmy.sdf.org · 96 up, 1 down · edited · 3 months ago

      Neither Tor nor end-to-end encrypted messengers will cover the endpoints. It’s possible that they caught him using good old fashioned detective work. You don’t need a software back door for that.

      • mkwt@lemmy.world · 11 up · 3 months ago

        Well it probably wasn’t a Vic Mackey-style rubber hose attack, because it sounds like this chump is getting hauled into court.

      • Vilian@lemmy.ca · 11 up, 17 down · 3 months ago

        Tor was created by NSA, half of Tor servers are run by NSA, not that secure

      • Lost_My_Mind@lemmy.world · 2 up, 64 down · 3 months ago

        Please don’t talk about child predators, and use the term “back door” in the same sentence. It ain’t right…

        • yoshisaur@lemm.ee · 36 up, 1 down · 3 months ago

          we’re talking about encryption here, not…that. please get your mind out of the gutter

    • CrazyLikeGollum@lemmy.world · 80 up, 1 down · 3 months ago

      He didn’t use encrypted everything. He had a public telegram group chat in which he stored a lot of his material. Which, as many people in the comments on the article pointed out, is not encrypted, but is presented by telegram as if it is. That’s likely how they caught him.

        • Deello@lemm.ee · 20 up, 1 down · 3 months ago

          Recent events have taught me that only individual chats are encrypted*. Group chats don’t have that feature.

          • Geth@lemmy.dbzer0.com · 10 up · 3 months ago

            In telegram nothing is e2e encrypted unless you specifically ask it to be and when you do, it kills all the functionality that makes it better than others.

            • Deello@lemm.ee · 4 up, 1 down · 3 months ago

              That’s what I said. The person I replied to said that all messages are encrypted* with the asterisk being only if you specifically enable it. I clarified that it doesn’t apply to group chats though. I don’t use Telegram so the loss of functionality is actually a bigger deal to me than the argument around E2EE. Can you explain what features are lost when you enable it? It’s a messaging app so I’m curious what you sacrifice for E2EE.

        • BearOfaTime@lemm.ee · 12 up · 3 months ago

          Telegram groups are not E2E.

          Chats are encrypted, but the servers hold the encryption keys (I believe).

          There are one-to-one chats that are full e2e, but you have to enable it. And it has all sorts of compromises.

          Qualifier: this is as documented by Telegram. Since it’s not open source, we can’t really verify it.

        • uzay@infosec.pub · 7 up · 3 months ago

          There is no point in encrypting a public group chat since anyone can join and decrypt it anyway.

          • KairuByte@lemmy.dbzer0.com · 8 up · 3 months ago

            The secret chats feature isn’t between anyone I believe, it’s between two people. But I don’t actually know for certain because I’ve not looked into it beyond a cursory googling.

            That said, you’d be correct in that just like any service out there, the moment you let random people join there’s no level of encryption that can keep your secrets secret.

            • uzay@infosec.pub · 1 up · 3 months ago

              If you restrict it, then it isn’t public. I’m not saying that encrypted group chats are useless. But if it is public and anyone can join anyway, then encryption adds no secrecy.

              • sugar_in_your_tea@sh.itjust.works · 1 up · 3 months ago

                Right, I’m just saying that other platforms give you the option of E2EE group chats, which makes sense if you know your group will remain fixed to a certain size. For truly public groups, yeah, encryption just adds a lot of processing overhead without much benefit.

                I, personally, would prefer a platform that gives me the option rather than doesn’t.

    • Angry_Autist (he/him)@lemmy.world · 2 up · 3 months ago

      It’s better they don’t disclose it and catch more people doing the same.

      I’m all for transparency but if that means less caught child molesters, I’m ok with a little obfuscation, even from the fucking pigs.

  • jqubed@lemmy.world · 107 up · 3 months ago

    This whole thing is horrifying, but the last paragraph is especially disturbing:

    Since Herrera himself has a young daughter, and since there are “six children living within his fourplex alone” on Joint Base Elmendorf-Richardson, the government has asked a judge not to release Herrera on bail before his trial.

    Even more disturbing is it said he was also producing content.

      • Angry_Autist (he/him)@lemmy.world · 2 up, 1 down · 3 months ago

        As satisfying as it may seem we can’t do this. No group no matter how heinous should be abused by the police. Don’t give the pigs an inch.

        Let him be convicted then see what gen pop has to say about it.

  • Eggyhead@fedia.io · 94 up, 1 down · 3 months ago

    Does this go to show that authorities needing backdoors to everything in order to do their jobs is actually kind of nonsense?

    • pop@lemmy.ml · 62 up · 3 months ago

      The article is exaggerating the guy’s setup way too much. Opsec doesn’t end at the application level… The OS (the most popular being in bed with US), ISP, tor nodes, Honeypot VPNs, so on and so on could leave a trail.

      Using telegram public groups and obfuscating a calculator as a password protection layer is hillbilly level of security.

      And I’m glad these fuckos don’t have the knowledge to go beyond app developers’ marketing.

      • sugar_in_your_tea@sh.itjust.works · 2 up · 3 months ago

        Yup, every time I read about something like this, I look at what I’m doing and it’s way overkill, and I have nothing to hide. I’m guessing there are plenty of sickos that don’t get caught because they practice half-decent opsec, but there are a ton that don’t.

      • Appoxo@lemmy.dbzer0.com · 66 up · edited · 3 months ago

        Heard about a guy doing insane opsec when selling on the dark web (darknet diaries podcast).
        In the end he got busted because a trusted member of his operation got lazy and ignored his rules.

        Edit: This guy was essentially
        Leeching internet via a directional antenna from a neighbour that was significantly away
        Not allowing any visitor in with a cell. You had to keep it outside
        All drug related actions are done in a cleaned down room.
        Triple sealing dark marketplace orders, wiping everything down with corrosive fluids to destroy any sort of DNA material
        Not going to the same post office in (I believe 6 months) and only sending off 3-6 shipments at once

        I hope I got it correctly. Please go listen to the episode: https://darknetdiaries.com/episode/132/

        • mlg@lemmy.world · 34 up, 1 down · 3 months ago

          Reminds me of the lulzsec leader dude who exposed himself by logging into IRC once without tor on.

          Then he folded instantly and became an informant for the FBI to stay out of jail lol.

          In the end it’s really about tradeoffs. You can’t be an expert in everything so you need a team if you want to do anything big, but cyber criminals are still criminals. They don’t trust each other, which is what ultimately leads to their downfall even if they do all the implementation and tech part right.

          • barsoap@lemm.ee · 16 up · edited · 3 months ago

            Some German guy got got for logging into IRC via encrypted wifi, the cops did some war driving and correlated timing of traffic spikes with IRC messages until they had a profile with better hit probability than a DNA match.

            The best thing about that? They didn’t even need a search warrant as our genius was broadcasting the side-channel to the whole neighbourhood.

            • Emotet@slrpnk.net · 6 up · 3 months ago

              Sounds interesting, got any links for further reading on that?

              I can’t quite connect the dots between wifi/internet traffic spikes when IRC is so light on traffic that it’s basically background noise and war driving.

              • barsoap@lemm.ee · 7 up · 3 months ago

                When you send a message, that usually fits into an IP packet. That gets completely encrypted by the wifi, but you know that a data packet approximately that size has been sent at exactly that time. Simultaneously, you watch the IRC channel and see when messages are arriving from your suspect, or someone else types a message and that should correlate with another encrypted wifi packet.

                The mistake was a) using wifi, exposing the data in the first place and b) not torrenting while you’re chatting. That would’ve obscured the time correlations.
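The timing point made above, as an added example that is not part of the thread: a small Python simulation on constructed frame and message timestamps that scores how much better a set of message times lines up with chat-sized encrypted frames than random times do, and then shows that the bulk transfer the comment recommends (cover traffic on the same link) drives that margin to zero. All timestamps, sizes and rates are invented for the demo.

```python
import random
from dataclasses import dataclass


@dataclass(frozen=True)
class Frame:
    t: float    # capture time in seconds (constructed)
    size: int   # encrypted frame length in bytes (constructed)


# Constructed sample: times (s) at which a watched IRC channel shows a message
# from the account under investigation. Invented for the demo, not real data.
IRC_MESSAGE_TIMES = [3.0, 7.5, 12.2, 20.1, 25.8, 31.4, 40.9, 47.3]

WINDOW = 0.25           # a frame this soon after a message counts as a match
CHAT_SIZE = (80, 200)   # byte range a single encrypted chat-line frame falls in


def chat_only_frames(msg_times, rng):
    """A link carrying nothing but the chat: one small frame shortly after each
    message, plus a few unrelated small frames as background noise."""
    frames = [Frame(t + rng.uniform(0.02, 0.08), rng.randint(90, 160)) for t in msg_times]
    frames += [Frame(rng.uniform(0, 50), rng.randint(90, 160)) for _ in range(6)]
    return sorted(frames, key=lambda f: f.t)


def with_cover_traffic(frames, rng, rate_hz=40, duration=50.0):
    """The same link with a bulk transfer running: a steady stream of frames,
    roughly half of them small control/ack-sized and half full-sized."""
    cover = []
    for i in range(int(duration * rate_hz)):
        size = rng.randint(60, 200) if rng.random() < 0.5 else rng.randint(1400, 1500)
        cover.append(Frame(i / rate_hz + rng.uniform(0, 0.02), size))
    return sorted(frames + cover, key=lambda f: f.t)


def hit_rate(frames, probe_times):
    """Fraction of probe times followed within WINDOW by a chat-sized frame."""
    hits = 0
    for t in probe_times:
        if any(t <= f.t <= t + WINDOW and CHAT_SIZE[0] <= f.size <= CHAT_SIZE[1] for f in frames):
            hits += 1
    return hits / len(probe_times)


def correlation_evidence(frames, msg_times, rng, trials=200):
    """Return (real, null, margin): the hit rate of the actual message times,
    the mean hit rate of random time sets of the same size, and the difference.
    A margin near 0 means the link looks no different from an unrelated one."""
    real = hit_rate(frames, msg_times)
    horizon = max(f.t for f in frames)
    null = sum(hit_rate(frames, [rng.uniform(0, horizon) for _ in msg_times])
               for _ in range(trials)) / trials
    return real, null, real - null


def demo(seed=1):
    """Score the bare link and the same link with cover traffic; deterministic by seed."""
    rng = random.Random(seed)
    bare = chat_only_frames(IRC_MESSAGE_TIMES, rng)
    covered = with_cover_traffic(bare, rng)
    return (correlation_evidence(bare, IRC_MESSAGE_TIMES, rng),
            correlation_evidence(covered, IRC_MESSAGE_TIMES, rng))


if __name__ == "__main__":
    for label, (real, null, margin) in zip(("chat only", "with cover traffic"), demo()):
        print(f"{label:20s} real={real:.2f} random={null:.2f} margin={margin:.2f}")
```

On the bare link the real message times match every time while random times almost never do, so the margin is large; once the cover stream is present nearly any time window contains a chat-sized frame and the margin collapses, which is the whole reason padding or cover traffic is the standard mitigation for this class of side channel.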

                • Emotet@slrpnk.net · 3 up · 3 months ago

                  I have an understanding of the underlying concepts. I’m mostly interested in the war driving. War driving, at least in my understanding, implies that someone, a state agency in this case, physically went to the very specific location of the suspect, penetrated their (wireless) network and therefore executed a successful traffic correlation attack.

                  I’m interested in how they got their suspects narrowed down that drastically in the first place. Traffic correlation attacks, at least in my experience, usually happen in a WAN context, not LAN, for example with the help of ISPs.

                • AugustWest@lemmy.world · 3 up · 3 months ago

                  Layman with no understanding here. Obviously there were other mistakes, all of which make sense to me on a rudimentary level, but the first mistake you listed was him using wifi? What is the more secure alternative? Or do you just mean sending data directly over a true wifi connection and not using TOR or another medium?

        • Clent@lemmy.world · 9 up, 1 down · 3 months ago

          That sounds mostly correct.

          His relative also admitted their involvement and flipped on him which destroyed the narrow avenue he had to throw out the original evidence for the warrant.

          Of course we only ever hear the cases of people who get caught. If his relative hadn’t gotten lazy he may never have been caught.

          The lesson there is not to involve other people.

  • catloaf@lemm.ee · 65 up · edited · 3 months ago

    The Ars article seems to suggest that they were able to crack his phones pretty easily, which is a bit scary. I don’t see anything about a computer.

    Although it doesn’t appear he was actually using any encryption apps to store material; rather, he used a fake calculator app as password protection. Obviously not the brightest bulb in the drawer.

    • Snot Flickerman@lemmy.blahaj.zone · 64 up · 3 months ago

      The material was allegedly stored behind password protection on his phone(s) but also on Mega and on Telegram, where Herrera is said to have “created his own public Telegram group to store his CSAM.” He also joined “multiple CSAM-related Enigma groups” and frequented dark websites with taglines like “The Only Child Porn Site you need!”

      My guess would honestly be Telegram. For starters, they aren’t end-to-end encrypted by default, you have to turn it on. The only end-to-end encryption that Telegram offers is their “secret chats” which are only available between two users. Groups are not encrypted.

        • BearOfaTime@lemm.ee · 5 up · 3 months ago

          What propaganda?

          That groups aren’t encrypted is documented. If you don’t know that, it’s because you didn’t bother to see how it works.

    • Ace! _SL/S@ani.social · 31 up · 3 months ago

      The Ars article seems to suggest that they were able to crack his phones pretty easily

      Android uses data at rest encryption, which isn’t really useful without a lockscreen PIN/password since data gets decrypted after you unlock your screen the first time after each boot

      Although it doesn’t appear he was actually using any encryption apps to store material; rather, he used a fake calculator app as password protection. Obviously not the brightest bulb in the drawer.

      Agreed, he probably felt safe enough “hiding” the files. Definitely not the sharpest tool in the shed, which is great because fuck this guy

    • chimera@lemm.ee · 19 up, 1 down · 3 months ago

      I honestly don’t think he really had any opsec apart from those few applications; look at what tools he was using, what a joke. Fake calculator apps to store files are great to protect from your parents, not the FBI.

      He was clearly using Android and I bet he was using the stock rom, kyc sim card, and not even a vpn behind tor.

      Don’t get me wrong, I’m very happy and relieved he was caught, but if he had done serious research and had better opsec, it wouldn’t have been so easy for the authorities to get him.

      • Siegfried@lemmy.world · 8 up, 1 down · 3 months ago

        Recently? Maybe I’m wrong, but I remember a 2-year-old news story saying that France was pursuing allowing the police to spy on rioters’ phones… I remember it was not long after the “end” of the yellow jackets’ riots, so maybe it’s even older.

        Dystopic vibes.

      • rottingleaf@lemmy.world · 7 up · 3 months ago

        Telegram is not safe from governments. Maybe safe from Western ones.

        It does not have E2EE for most things. Which means TG users are not safe from TG owners, and TG owners are not safe from those who are the force behind them.

        Maybe it’s Israel, maybe it’s Russia, Durov’s female friend was spotted in Baku in a “cyber-security” center operated by Israelis, so maybe Azerbaijan. Maybe I don’t know.

        You don’t have to know exactly which force that is. All you have to know is how TG works.

        people who organize demonstrations

        … can use Signal. Its usability has improved a lot since I last tried using it. I’ve just moved half of our family chats there, another half is waiting till a bit later, because they are on another continent. It’s as convenient as WhatsApp.

      • vxx@lemmy.world · 4 up, 12 down · edited · 3 months ago

        I assume he was arrested because he is a Russian asset.

        Regardless, he was doing business in France and not following its laws. So the official reason still makes more sense than your fantasies.

        Yes, companies should comply with law enforcement when their platform is evidently used for crimes.

    • sunzu2@thebrainbin.org · 15 up, 3 down · 3 months ago

      Man ain’t nobody escaping feds in the fucking fed land if they want to fuck you over legit or not.

      But we ain’t got to make it easy for them either, let them do their jobs if they think they got something.

      Privacy for me at least is denying the corporate the data. Your story and many other ones like it reinforces the well known fact that they farm us.

      But clearly shit works based on ad trash cos valuations. But we still got adult men and women out here who got nothing to hide 🤡

    • addictedtochaos@lemm.ee · 12 up, 1 down · 3 months ago

      It’s way more likely that your mom searched for cancer related information on Google, and you are connected to your mom, so you get ads as well.

      • Siegfried@lemmy.world · 4 up · edited · 3 months ago

        I get the feeling this thing, I mean, the ad targeting, is far stronger in the USA (maybe also in Europe) than in the rest of the world. My “ad targeting” is idiotic. I once was in Brazil (Argentinian here!) and got ads in Portuguese for a year or so. I was a month planning on buying a computer, with all that that involves (Google searches, looking for prices on the internet), and I never got an ad until I actually bought everything; then it was 2 months of ads recommending me to buy the exact same components I already bought.

        As of today, half of my ads are in German. Joke’s on them, I use them to learn.

        • Kallioapina@lemmy.dbzer0.com · 4 up, 2 down · edited · 3 months ago

          I don’t mean to be snide, but the abbreviation for advertisement is ‘ad’, not add.

          Also, using uBlock Origin on Firefox (or its various forks) gets rid of ads for you pretty much universally. It’s also a security feature in the post-2000s internet; lots of malware uses ads as an attack vector.

          You should not need to suffer through ads - no one should.

          • Siegfried@lemmy.world · 3 up · 3 months ago

            I don’t mean to be snide, but the abbreviation for advertisement is ‘ad’, not add.

            Thank you

    • linearchaos@lemmy.world · 29 up · 3 months ago

      I’m still not entirely convinced that tor is as protected as people think it is.

      There’s only something like 6,000 exit nodes. It really wouldn’t be that much money for the government to run thousands of them. If you monitor enough exit nodes and enough relays, you can start to statistically tie connections back together with timing analysis.

      I don’t know this to be the case for sure, but I can’t imagine the government hasn’t pushed towards breaking the security and identifiability of the Tor network.

      • Snowclone@lemmy.world · 14 up · 3 months ago

        If you read a lot of news, it’s really clear Tor isn’t protecting anyone from the FBI. It’s about as effective as using limewire at this point. Which also, the reporting makes it pretty clear it’s not effective to hide criminal acts in the least. But it’s pretty great abusers think it’s effective so they get caught.

      • Chozo@fedia.io · 15 up, 2 down · 3 months ago

        I’ve suspected Tor of being heavily compromised for a while now. It’s already known that many onion sites are government honeypots, with sites being taken over rather frequently, sometimes without triggering the canary. While it’s better than nothing in some situations, I don’t think it can be relied upon for true anonymity anymore.

      • yeehaw@lemmy.ca · 3 up · 3 months ago

        It’s not as protected as people think it is. This has popped up on headlines for years. It helps, but if someone really wants to find you on there, they can. It’s just not as easy.

  • Todd Bonzalez@lemm.ee · 27 up, 1 down · 3 months ago

    Lots of conjecture in the comments about how he got caught. Too bad nobody read the article.

    Web-based generative AI tools/chatbots

    he created fake AI CSAM—but using imagery of real kids.

    All the privacy apps in the world won’t save you if you’re uploading pics to a cloud service.

    • chakan2@lemmy.world · 3 up · 3 months ago

      And…that’s still not how he got caught. He hit a child porn honey pot and they got his IP.

      I would have assumed all his AI work was local on his own server.

  • chimera@lemm.ee · 14 up · 3 months ago

    It is also because of people like him that laws like Going Dark become plausible in the eyes of the politicians and the masses.

      • superkret@feddit.org · 43 up, 1 down · 3 months ago

        People like me, who are against the death penalty on principle. (or even more “creative” forms of punishment people like to come up with in these cases).
        No, prison is where this guy belongs. For as long as necessary.

        • Womble@lemmy.world · 14 up, 1 down · edited · 3 months ago

          Further to this, it’s not likely to result in fewer children being abused.

          If you have the death penalty for even possessing CSAM as the parent suggests, then there is no incentive to not get into distribution or even actively abusing children and producing CSAM once you possess some. The punishment isn’t any worse, so why not? It’s the same reason for proportionality in other crimes: we don’t punish robbing a bank with life in jail, as then there would be no reason for anyone who robs a bank to not just murder everyone to leave no witnesses.

          • superkret@feddit.org · 18 up · 3 months ago

            And if you propose the death penalty for abusing children, a child abuser has incentive to kill the child afterwards to get rid of the witness.
            The punishment can’t get any worse, and it reduces the chance of getting caught.

        • sunzu2@thebrainbin.org · 2 up, 10 down · 3 months ago

          Death penalty is fine if it didn’t get abused, but it will be abused. We know this. So yes, I agree with you.

          But also, if a cop killed him and there is adequate evidence that that person actually hurt a child, I just see self defense, and if I was on a jury, I would not convict, and I hate police lol

          Society lost this basic function for self cleansing. At some point these people just need to be disposed of.

          Also, state will execute for treason. I look at severe child abuse as a higher order, ie social treason. FAFO

        • Lost_My_Mind@lemmy.world · 3 up, 26 down · 3 months ago

          Oh, I was thinking something far worse than death. I was thinking something like a torture rack.

          • Saledovil@sh.itjust.works · 32 up · 3 months ago

            So you’re a sadist, but you try to convince yourself it’s okay because you only want to torture people you think deserve it. Of course, no one deserves to be tortured.

  • sumguyonline@lemmy.world · 9 up, 11 down · 3 months ago

    It’s all publicly approved backdoors until feds are planting child abuse imagery on your PC because you spoke out against them in the wrong venue. No one will believe you when they do. Currently you can’t trust articles like this; maybe the dude was actually hurting kids. Maybe the feds just needed a win. You won’t ever know, and neither will I so long as the same ideology is in control. Now watch them turn every single kid in the pics into a sex offender because the fed believes if you were raped, you WILL rape someone in the future. But by all means keep enjoying their rage bait.

  • technocrit@lemmy.dbzer0.com · 5 up, 8 down · edited · 3 months ago

    a heavy vehicle driver for the US military

    That’s an odd way to describe a soldier. It’s not really surprising when violent people do violent things.

    • spongebue@lemmy.world · 8 up · 3 months ago

      I’m not sure that’s necessarily true. There are plenty of military contractors out there, and a driver is the kind of position you would expect to be likely contracted out. That in no way makes one a soldier.

        • catloaf@lemm.ee · 5 up, 1 down · 3 months ago

          That’s the funny thing. This guy got busted through plain old detective work.