←back to thread

Tailscale raises $100M

(tailscale.com)
854 points gmemstr | 7 comments | 04 May 22 13:17 UTC | HN request time: 0.441s | source | bottom
1. aaronax ◴[04 May 22 13:58 UTC] No.31260498[source]
I have heard of but never really looked in to Tailscale until today. I'm not impressed.

"Fixing the Internet" is not done by layering more private network garbage on top of it.

Their claim[0] that after you install Tailscale on all your devices: "This final configuration is called 'zero trust networking',” is pretty interesting. It seems this would be more like having a trusted internal network (sure it is overlaid on an untrusted network). A true zero-trust network would mean all of your clients and servers are secure in a manner that they can operate on the public Internet...like O365, Salesforce, etc. To say that you run a zero-trust network because you implement a fancy VPN is C-suite dreaming at its finest.

"get around a misbehaving corporate firewall" like newhouseb sings praises for is exactly the sort of thing that should be happening less, and the opposite of "fixing the Internet". Follow the policies of the network you are being allowed to use, or lobby for them the be fixed. Don't like ISPs messing with DNS traffic? Get rules/laws implemented that prohibit that, instead of garbage like hiding your DNS in DNS over HTTPS. (DNS over TLS seems more acceptable to me.)

[0] https://tailscale.com/blog/how-tailscale-works/

replies(3): >>31260551 #>>31260560 #>>31260730 #
2. rcfox ◴[04 May 22 14:02 UTC] No.31260551[source]
"Don't like entities abusing their power over you? Just change the laws that allow them to do that!" What.
replies(1): >>31261711 #
3. Thaxll ◴[04 May 22 14:02 UTC] No.31260560[source]
> Get rules/laws implemented that prohibit that

You know this does not work in the real world right?

replies(1): >>31263217 #
4. newhouseb ◴[04 May 22 14:14 UTC] No.31260730[source]
To be fair, my "misbehaving corporate firewall" is actually my apartment that has building-managed internet wherein everyone is NAT'ed to the same fiber connection.

For whatever reason, SYN flooding detection triggers when you do more than a few TCP connections per second which makes most TCP-based things super frustrating and their IT is clueless as to how to fix it.

5. gkbrk ◴[04 May 22 15:18 UTC] No.31261711[source]
This is how people fix things caused by commercial entities being abusive. It's done quite a bit, most of the critical things people rely on are regulated.

Do you live in a place that doesn't regulate things?

replies(1): >>31262961 #
6. rcfox ◴[04 May 22 16:52 UTC] No.31262961{3}[source]
You could spend time to learn about the process, deal with months or years of lobbying, deal with counter-lobbying, and eventually win your position or maybe not. Or you could use this technical workaround.

And maybe we're all worse-off for it, but now you're done dealing with that issue.

replies(1): >>31264434 #
7. aaronax ◴[04 May 22 18:56 UTC] No.31264434{4}[source]
Yes, so I think it is reasonable that someone who stumbles upon $100,000,000 and wants to "fix the Internet" aim a little higher than making it as easy as possible to do the technical workarounds that leave us all worse-off.