Robᵉʳᵗ Graham #PcapsOrItDidntHappen

1/n
If you are wondering if there will be anybody at Mike Lindell's cybersymposium who can confirm or refute his "packet captures", well, there's going to be me. I'm a well-known expert on packet captures, and somewhat knowledgeable about election systems.
https://t.co/PGioDBZ47B

2/
I've done a bunch of other techie fact checking, such as confirming that Hunter Biden email was authentic, and debunking that conspiracy-theory of suspicious DNS logs showing secret communication between Russia's Alfa Bank and Trump Tower.

3/
I don't know what Lindell's packet captures contain, but whatever it is, I'll write up a description within a few days after the event. I'll be extending this Twitter thread over the next couple days just live tweeting the process.

4/ FYI: nobody is going to win the $5 million. It's impossible to disprove election fraud. It's only possible to demonstrate that claimed evidence fails to prove it.
https://t.co/XSYPVPkedz

5/ BTW, what kind of expert am I? Well, if you capture packets on the public Internet for more than a few minutes, you'll capture some that I created. Since you've been reading this thread, your home router has gotten hit by my packets.

6/ For those who know me, you might want to pile onto this thread, but only BEFORE I write up my conclusions later this week, before you know what the conclusions will be. Afterwards, it looks insecure, just agreeing with the conclusions you want.
https://t.co/OViTvzgrnx

7/ good morning cyber symposium! If you are around, I’m sitting up front to the left of the stage. https://t.co/AXHSkYhJIg

8/ Here’s a pic looking backwards. Btw, I’ll be the guy wearing a mask, because as you know I’m an internet troll and this is the sort of thing I do. https://t.co/IzAVeVHjQv

9/ Before this week, the things Mike Lindell posted were not recognizable as "packet-captures". This is what they normally look like. It's not required to look like this, but it's the level of detail I'll be getting into. https://t.co/T9GtGsLkar

10/ ok, I was wrong about the contest rules. They are much better than I thought: simply proving it's not election data. However, the data supplied before this week seems to have been already public registration data and not votes. https://t.co/owt2ZW87ig

11/ For example, here is data that I got from the State of Georgia, a hexdump of early voting records. It's public, anybody can download it from the net.

So I don't care if it's "election data", I got that already. I'll be looking for hard evidence proving election fraud. https://t.co/jDuY0pzHtY

12/ Everyone is friendly and nice. Which is what I expected. We like to demonize our opponents, but really, they are almost always reasonable, kind hearted people -- even if in our own opinion they are wrong. On both sides.
https://t.co/QF0CyRTPOI

13/ For a specific list of questions that I'll be trying to answer, I'll start with this, and then have additional questions depending upon the data.

Either way, I'll write things up and EXPLAIN in simple terms what the data shows.
https://t.co/X6avDWvhps

14/ I go to a lot of cyber security conferences and have a ton of old badges hanging from the wall in my closet - I’ll just add this one to the pile. https://t.co/M2HcPkCZ5E

15/ This is an excellent question. I'm starting on the skeptic side because, so far, he hasn't published any good data. I don't understand why he hasn't simply dumped the raw data for everyone to see.
https://t.co/TALuGdBO6S

16/ “I invited the Fakebook fact checkers” — Lindell

Also statements about inviting fake media like CNN. When he mentioned Fox News the crowd booed.

17/ they have scrolling hexdumps. For one thing they scroll too fast to read, and for another, they are too blurry to read, and lastly, even experts can’t generally read hexdumps without decoders. https://t.co/MBH1zb64xS

18/ The reason why the question “what’s the source of data” is so important is because we know that media reports of vote tallies were highly inaccurate, the media made lots of accidental mistakes. https://t.co/bVef3KXg4z

19/ We know the flaws of the NYTimes live election night data feed, how it didn't accurately reflect the official counts, why it appeared to show flipped votes and jumps on one side or the other.

The question is whether such things exist in the raw data.

20/ "they work for LeadStories? fact checkers? shame on them!!! .... they are the enemies of the people"

That's me!!! That's me!!!!
I'm not feeling ashamed, though.

21/ "We are going to do a mock election... we'll show you how the routers work ... we'll show packet captures in real time".

I'm actually looking forward to this. Dominion machines can be networked, but DEF CON Voting Village didn't have networked machines to play with.

22/ "I saw Harri Hursti is here" (and some criticism of Harri).

He brings voting machines to the DEF CON hacking conference for hackers to play with, confirming they are easily hackable -- but they don't like him because he still rejects the idea that the 2020 election was hacked.

23/ The evidence that I'm here to validate is showing that it was hacked -- not that it could've been hacked. I know it could've been hacked, by either side. I'm hoping to see the raw details showing it was indeed hacked or manipulated or fraud happened.

24/ Yes, the schedule is for later today, to have breakout sessions, where (I think) I'll get to sit down and personally look at raw data -- and hopefully, get to post to the Internet for experts like Laura Chappell to see as well.
https://t.co/F3HWSeUo5E

25/ Phil Waldron kicked off the breakout session. He wasn't involved in collecting the packet-captures, so didn't have clear answers. But he suggested:
1. the packet-captures come from a Chinese network
2. they are in a proprietary BLX/PLX format
But he didn't seem sure.

26/ ...but we haven't got the actual data yet, but soon. We are still dealing with lunch.

27/ They've given us access to a server on the local WiFi network that has the "data" that we are supposed to be analyzing.

We are struggling to figure out what this data contains. I've put the smaller files up on github:
https://t.co/FkJqgNtLlq

28/ So what they gave us were these "HEX.txt" files, which when decoded (`xxd -r -p filename`) produce .rtf files. One of the RTF files contains a table of IP addresses, the others contain something in an unknown character set.
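
The check described in tweet 28/, as an added example that is not part of the original thread: reverse a plain hex dump the way `xxd -r -p` does, then look at the leading bytes to see whether the result is an RTF document or an actual capture file (libpcap or pcapng). The function names and both sample inputs are constructed for illustration; they are not the symposium files.

```python
import struct

# Constructed samples (not the symposium files): a tiny RTF document and a
# 24-byte libpcap global header, each stored as plain hex text.
_rtf = b"{\\rtf1\\ansi 10.0.0.1}".hex()
SAMPLE_RTF_HEX = _rtf[:16] + "\n" + _rtf[16:] + "\n"
SAMPLE_PCAP_HEX = "d4c3b2a1 02000400 00000000 00000000 ffff0000 01000000\n"


def decode_plain_hex(text):
    """Reverse a plain hex dump, as `xxd -r -p` does for clean input."""
    return bytes.fromhex("".join(text.split()))


def pcap_header(data):
    """Parse the 24-byte libpcap global header, or return None."""
    if len(data) < 24:
        return None
    for endian in ("<", ">"):  # the writer's byte order is not known in advance
        magic, major, minor, _, _, snaplen, linktype = struct.unpack(
            endian + "IHHiIII", data[:24])
        if magic in (0xA1B2C3D4, 0xA1B23C4D):  # usec / nsec timestamps
            return {"version": (major, minor), "snaplen": snaplen,
                    "linktype": linktype}
    return None


def classify(data):
    """Name the container format from its leading bytes."""
    if data.startswith(b"{\\rtf"):
        return "rtf"
    if data.startswith(b"\x0a\x0d\x0d\x0a"):  # pcapng Section Header Block
        return "pcapng"
    if pcap_header(data) is not None:
        return "pcap"
    return "unknown"


if __name__ == "__main__":
    for name, text in (("rtf sample", SAMPLE_RTF_HEX),
                       ("pcap sample", SAMPLE_PCAP_HEX)):
        raw = decode_plain_hex(text)
        print(name, "->", classify(raw), pcap_header(raw))
```

A real capture decodes to a header carrying a version, snapshot length and link type, followed by timestamped packet records; an RTF file starts with `{\rtf` and has none of that.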

29/ Here's the current status: nothing.

They've given us a drop of data that makes no sense that they can't explain.

They promise: just wait until later tonight, that's the "real" data.

30/ I mean: they've given us a bunch of confusing stuff they can't explain, but have not given us the "real" stuff yet. They promise the "real" stuff is coming tonight or tomorrow for us to look at.

31/ The delay is explained by a bunch of things going wrong, such as the guy who was a source of data getting a stroke.
https://t.co/J0a7afHAPS

32/ So I had the list of questions I sought to answer this morning at the top of this thread. Current progress = 0%

33/ This is incredibly frustrating. Lindell invited "cyber experts" and "fact checkers" to come and confirm the "packet captures" -- and has yet to provide us any packet captures and it's 4pm already. #ReleaseThePacketCaptures

34/ So I got some straight answers from Spider:
1. the data comes from Dennis Montgomery
2. it's the data shown in those Lindell videos
3. it's the hexdumps that have been scrolling in his videos and kiosk
4. we cyber experts will not be given opportunity to verify it https://t.co/MqdvsFQ8qe

35/ Please don't interpret that as being disproven. This would be the WRONG conclusion. Instead, it means it's simply not confirmed. Montgomery is in the hospital and unable to come, and unable to help us, because it's in a proprietary format.

36/ The vague answer to this question is that it was retrieved with custom tools on the China side of things, as they targeted election systems via the Internet, not collected on the side of the election systems.
https://t.co/nL0MdYdrJz

37/ For all that Mike Lindell attacks critics, do remember that he invited critics to come to the event, which is something I respect. On the other hand, failure to give the critics the data they were promised, well, I'm frustrated by that. I'm a pcap guy who loves pcaps.

38/ Later they will be showing pcaps from Mike Lindell's own people, that are here, that will stand behind them and explain them. I look forward to reading them.
https://t.co/et5uTx10eY

39/ Wait, what? I'll come on stage and defend my findings. It's just that we techies are sitting in breakout rooms in the back and I wasn't aware of the live feed. I'm out front now. Let's go!
https://t.co/VhimzXi8Sc

40/ Sigh. I'm here near the stage, ready to stand up and defend my claims in this thread. Just call me up on stage and let's talk. #ReleaseThePacketCaptures

41/ By the way, this is the data they are NOT giving us, they are not allowing pcap experts to analyze this data. Showing it as a video stream like this is unreadable.
https://t.co/0KnJGw5mQP

Tue Aug 10 23:24:36 +0000 2021