[erlang-questions] Erlang cookies are secure

Louis Pilfold louis@REDACTED
Thu Jun 9 23:44:57 CEST 2016


Hi!

In the event that the cookie is your only security, what do you do
when your cookie gets out?

Even if your cookie is not guessable, there is still a chance that
through malicious act or human error a trusted person within your
organisation shares your cookie with others. I've not got the evidence
to hand, but while preparing for security audits at a previous
workplace our trainer told us that most security breaches are due to
the actions of people within the organisation rather than outside of
it. This seems very plausible to me.

Cheers,
Louis


On 9 June 2016 at 21:20, Lyn Headley <lheadley@REDACTED> wrote:
> I don't understand why so many people are so dismissive of
> cookie-based node security. Here's what Fred Hebert wrote, for
> example:
>
> "While documents like the official Erlang documentation put cookies
> under the topic of security, they're really not security at all. If it
> is, it has to be seen as a joke, because there's no way anybody
> serious considers the cookie a safe thing. Why? Simply because the
> cookie is a little unique value that must be shared between nodes to
> allow them to connect together. They're closer to the idea of user
> names than passwords and I'm pretty sure nobody would consider having
> a username (and nothing else) as a security feature. Cookies make way
> more sense as a mechanism used to divide clusters of nodes than as an
> authentication mechanism."
>
> In opposition to this extremely widespread sentiment, I believe that:
>
> 1) It is feasible to create an unguessable cookie.
> 2) It is feasible to prevent outsiders from seeing the cookie's value.
>
> Therefore attackers cannot take over my node by compromising my cookie.
>
> Where is the flaw in my reasoning?
>
> Lyn Headley
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions
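As an added example (not code from either poster), here is what "what do you do when your cookie gets out?" looks like in practice for the two claims above: generating an unguessable cookie from the OS CSPRNG and rotating it on a live cluster without a restart. The module name `cookie_rotate` is invented; the calls it uses (`crypto:strong_rand_bytes/1`, `erlang:set_cookie/2`, `rpc:call/4`) are standard OTP.

```erlang
%% cookie_rotate.erl -- illustrative module, not part of the thread or OTP.
-module(cookie_rotate).
-export([new_cookie/0, rotate/1, rotate/2]).

%% A 256-bit cookie from the OS CSPRNG, hex-encoded so the resulting
%% atom needs no quoting in ~/.erlang.cookie or on an erl command line.
-spec new_cookie() -> atom().
new_cookie() ->
    Bytes = crypto:strong_rand_bytes(32),
    Hex = [io_lib:format("~2.16.0b", [B]) || <<B>> <= Bytes],
    list_to_atom(lists:flatten(Hex)).

%% Rotate the cookie on the given peers and then on this node.
rotate(Nodes) -> rotate(Nodes, new_cookie()).

-spec rotate([node()], atom()) -> {ok, atom()} | {partial, atom(), [node()]}.
rotate(Nodes, Cookie) when is_atom(Cookie) ->
    %% Peers first: the old cookie still authenticates these RPCs, and the
    %% cookie is only checked at handshake time, so live links stay up.
    %% On each peer, set_cookie(Peer, Cookie) sets that node's own cookie.
    Failed = [N || N <- Nodes,
                   rpc:call(N, erlang, set_cookie, [N, Cookie]) =/= true],
    %% Now switch this node: set_cookie(node(), Cookie) changes both what
    %% it sends to peers and what it expects from them.
    true = erlang:set_cookie(node(), Cookie),
    case Failed of
        [] -> {ok, Cookie};
        _  -> {partial, Cookie, Failed}
    end.
```

Two caveats a practitioner should keep in mind: `erlang:set_cookie/2` changes only the running VM, so the new value must also be written to `~/.erlang.cookie` (mode 0400) on every host or the leaked cookie comes back at the next restart; and a `{partial, ...}` result means some peers are still on the old cookie and will fail to reconnect until fixed, which is exactly the node you want to inspect after a leak.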



More information about the erlang-questions mailing list