I've watched every bit of the Symposium thus far, and have some thoughts on the subject. Interested in others' thoughts as well....
This whole thing depends on the authenticity of the pcap data. What we've really seen so far is that there are lots of mathematical models that are arrived at through different processes and all arrive at a similar conclusion. That is, various mathematical models can all predict the election outcomes in various states/counties. Said another way, the machine algorithm could be written from scratch and come up with the same results.
However, the smoking gun is the hard evidence - the packet capture data. That shows what did happen and what was altered. The rest of the discussions are essentially deriving the code that alters the actual results.
Also, the pcap data source is the one thing Mike Lindell will not disclose. This is the really, really important part. IMO, this data came from the US military from the captured equipment in Germany. The equipment was the router for the aggregation system.
For those that don't know, a router can be used to decrypt encrypted packets from any machine(s) within its LAN (local network). So control of the router is critical. If you work for a business that can block any connection via https to a website and keep you from using a machine to visit that site, it's doing so by decrypting the local network traffic, understanding what site you're trying to visit, and then using rules to determine whether or not you're allowed to visit that site. Open source tools, like a squid reverse proxy, can illustrate this (i.e., if you have control of your router and can run open source tools, you can do this yourself...).
So the biggest reveal in this symposium is probably the data source. Why would they give it to Lindell? I don't know. But the authenticity of that data can definitively prove that this election is stolen, while all of the other discussions revolve around how the data was changed. They are converging on a piece of code that could be set up to mimic exactly what happened and how - if you have the data set collected by the router, you can define how the code is changed on the mainframe. I don't see another means of collecting such a large data set from so many machines - it has to be at an aggregation point. Another such point could be across some node(s) monitored by the NSA, I suppose.
Thoughts?
That's true. It's really a sophisticated MITM attack. I have to try to oversimplify the statement a bit for brevity.
All packet headers have to have information on source and destination, but the data would remain encrypted. However, on the destination side, the data has to be decrypted. Thus, if you can intercept the packets via MITM to locate the destination and can get access to equipment on the destination side, you can get the data. I'm assuming this is what occurred.
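What a capture taken without the keys exposes, as an added example that is not part of the original thread: it parses one constructed Ethernet/IPv4/TCP frame holding a TLS record and returns the readable endpoints beside the still-opaque record body. The addresses, ports and payload bytes are constructed sample values, and `build_sample_frame` and `parse_frame` are names chosen for this illustration.

```python
import socket
import struct

TLS_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}

def build_sample_frame():
    """Constructed frame: Ethernet/IPv4/TCP carrying one TLS application_data record."""
    tls = bytes([23, 3, 3]) + struct.pack("!H", 8) + bytes.fromhex("a1b2c3d4e5f60718")
    tcp = struct.pack("!HHIIBBHHH", 49152, 443, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(tls), 0, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.20"))
    return bytes(12) + struct.pack("!H", 0x0800) + ip + tcp + tls  # checksums left at 0

def parse_frame(frame):
    """Return what is readable without keys: endpoints and the TLS record header."""
    if len(frame) < 34 or struct.unpack("!H", frame[12:14])[0] != 0x0800:
        raise ValueError("not an Ethernet/IPv4 frame")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    if ip[0] >> 4 != 4 or ihl < 20 or ip[9] != 6:
        raise ValueError("not IPv4 carrying TCP")
    total_len = struct.unpack("!H", ip[2:4])[0]
    tcp = ip[ihl:total_len]
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    sport, dport = struct.unpack("!HH", tcp[:4])
    payload = tcp[(tcp[12] >> 4) * 4:]
    info = {"src": f"{socket.inet_ntoa(ip[12:16])}:{sport}",
            "dst": f"{socket.inet_ntoa(ip[16:20])}:{dport}", "tls": None}
    # The TLS record header is cleartext: type (1 byte), version (2), length (2).
    if len(payload) >= 5 and payload[0] in TLS_TYPES and payload[1] == 3:
        rec_len = struct.unpack("!H", payload[3:5])[0]
        info["tls"] = {"type": TLS_TYPES[payload[0]], "length": rec_len,
                       "ciphertext": payload[5:5 + rec_len]}
    return info

if __name__ == "__main__":
    print(parse_frame(build_sample_frame()))
```
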
I didn't notice this part. Do you really reckon they did the capture with access to the actual machines? I highly doubt that - either they had to install non-standard stuff on the machine, or process the captured encrypted packets offline with the SSL keys for the destination. Either feels impractical.
Hence my deduction that it is an offsite, military operation with encryption breaking non-civilian tech.
I'm just assuming that's the case. If I were running an operation, I'd want packets encrypted. But of course, they have to be decrypted on the destination side. I'm just making an assumption, but of course, I have no idea. If it's 37TB of data, all streaming from different sources cast across the country, it would be very hard to capture data and get it all. So I'm assuming they got the aggregated data at a collection point.
Thus, I'm assuming they created certificates for the transport with a master CA they implemented. That would allow the decryption of all data if you got the master CA, any secondary CAs, etc. Just my take...
I am not even sure if the packets were encrypted. Did you hear them talk about it (or that they used https for all these remote controlling)?
To make MITM work for https, you will have to allow insecure certificates on the machines. That configuration would be easy to check.
If packets are encrypted and there is no insecure certificate setting, it would indicate a military grade capture. We all suspected that AES512 and below can be decrypted by the military/NSA etc, but we will get to see.
Personally, when I think about the origin of these pcaps, it gives me goosebumps!
I agree. Either we'll have to see that the MIL/NSA/etc can break certificates, or they're home brew certificates and they got the CAs and keys. If the packets were unencrypted, that would be ridiculously silly - but then again, we are dealing with stupid, reckless people....
CA is definitely possible, and I have suspected CA shenanigans even in the past with other things. If they did do that, that would be another redpill.
It's past 1 am here, and I wish I could keep watching the symposium :(
Thanks for the feedback. Get some rest!