TLS, or Transport Layer Security, encrypts your data before sending it over the network.
If anybody captures your packets while you're using TLS, then they just see a garbled mess.
Only the recipient and sender of the packet will know what the packet contains if TLS is used.
Now let’s think for a second about Mike Lindell’s PCAPs.
If Mike Lindell has PCAPs that prove there was a cyber operation that targeted the election networks, then first we need to think about how he got the PCAPs.
If we assume TLS was enabled, then Mike Lindell would only be able to get intelligible PCAPs if the person logging the packets was the sender or the receiver, or had cracked the encryption of the packets.
If Mike’s team was able to crack TLS then we will have a major problem for anybody who uses the internet.
There are man-in-the-middle techniques that could grab packets thought to be end-to-end encrypted, but very few groups are in a position to do so (see: NSA, Cloudflare, etc.).
Now let’s assume that the sender/receiver of the packets didn’t use TLS.
If Mike’s team was able to run the packet capturing mechanism somewhere along the network routes that the election data took, and TLS was not enabled, then we can essentially conclude that
He. Has. It. All.
The barrier to entry to use TLS is very low. It takes but a minute to enable on a server or in software, and takes seconds as an end user (HTTPS is TLS, HTTP isn't).
If election management software sent packets over the internet without at least enabling TLS, then that indicates that they are careless at implementing security at the least, and might even be potentially malicious.
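To make the difference concrete, the sketch below (an added example, not part of the original post) splits a raw IPv4/TCP packet into header fields and payload, then reports whether the payload is a TLS record or readable HTTP. The sample packets, addresses, and helper names are constructed for illustration; note that the addresses and ports in the headers stay readable either way.

```python
import socket
import struct

TLS_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}
HTTP_PREFIXES = (b"GET ", b"POST ", b"PUT ", b"HEAD ", b"HTTP/1.")


def split_ipv4_tcp(packet: bytes):
    """Return (src_ip, dst_ip, src_port, dst_port, payload) for a raw IPv4/TCP packet."""
    if packet[0] >> 4 != 4 or packet[9] != 6:          # IP version 4, protocol 6 (TCP)
        raise ValueError("not an IPv4/TCP packet")
    ihl = (packet[0] & 0x0F) * 4                       # IPv4 header length in bytes
    total_len = struct.unpack("!H", packet[2:4])[0]
    src, dst = socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])
    sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    data_off = (packet[ihl + 12] >> 4) * 4             # TCP header length in bytes
    return src, dst, sport, dport, packet[ihl + data_off:total_len]


def classify_payload(payload: bytes) -> str:
    """Report what someone holding only the capture can tell about the payload."""
    if not payload:
        return "empty"
    # TLS record header: content type (1 byte), version 0x03xx (2 bytes), length (2 bytes)
    if len(payload) >= 5 and payload[0] in TLS_TYPES and payload[1] == 3 and payload[2] <= 4:
        length = struct.unpack("!H", payload[3:5])[0]
        if length <= 2**14 + 2048:                     # largest ciphertext record in TLS 1.2
            return "tls:" + TLS_TYPES[payload[0]]
    if payload.startswith(HTTP_PREFIXES):
        return "cleartext-http"
    return "unknown"


def build_packet(src, dst, sport, dport, payload):
    """Constructed sample data: minimal IPv4 + TCP headers, checksums left at zero."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload), 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + tcp + payload


# Constructed payloads: a plaintext HTTP request and one TLS application_data record
HTTP_PKT = build_packet("192.0.2.10", "198.51.100.5", 50000, 80,
                        b"POST /upload HTTP/1.1\r\nHost: example.test\r\n\r\nname=value")
TLS_PKT = build_packet("192.0.2.10", "198.51.100.5", 50001, 443,
                       b"\x17\x03\x03\x00\x10" + bytes(range(16)))

if __name__ == "__main__":
    for pkt in (HTTP_PKT, TLS_PKT):
        src, dst, sport, dport, payload = split_ipv4_tcp(pkt)
        print(f"{src}:{sport} -> {dst}:{dport}  {classify_payload(payload)}  {payload[:24]!r}")
```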
I have not seen Mike Lindell's PCAPs and don’t know the circumstances and data he has, but this could potentially be HUGE if he is able to verify and properly analyze what happened on the networks on election night.
Packets consist of two portions: the header and the payload. The header contains information about the packet, such as its origin and destination IP addresses (an IP address is like a computer’s mailing address). The payload is the actual data