I have been looking at TLS recently, and I am unsure as to why it is so secure, but probably thanks to a misunderstanding of how it works. But if the entire handshake is recorded, either using a man in the middle attack or a packet sniffer on the target computer, then any of the remaining communication can be decrypted as you would have all the info that the client and the server used to generate the encryption keys.
I doubt there would be such a hole in tls, but could anyone tell me how tls defends against this?
The critical data sent by the client to the server in the TLS handshake is encrypted using the server's public key. So even if the packets are captured on the wire, it would require the private key (which is assumed to be known only to the server) to decrypt the packets.