
Tailscale raises $100M

(tailscale.com)
854 points gmemstr | 2 comments
arsome No.31261100
I was going to try Tailscale but then it seemed the only option to do so as an individual was to log in with a 3rd party cloud provider, which I in no way want tied into my networks.

I gave up and just set up WireGuard directly instead. I don't trust Tailscale either if that's their attitude towards privacy; it's permanently marred my vision of their product.

1. Saris No.31261128
Yeah, that's the biggest hangup I have. It just seems strange to rely on a third-party login to be able to access something as important as a VPN. If my Google account or whatever gets shut off for any reason I'd be pretty hosed.
2. ignoramous No.31261470
Avery, co-founder at Tailscale, has some strong opinions about why SSO is sufficient for their product.

They wrote a bit about their thought process: Factors in authentication (2019), https://apenwarr.ca/log/20190114

> It seems to me that the above successful enrollment patterns all use one or more of the following techniques:

> A human authenticates you and issues you a token (usually in person).

> A short-distance, physical link (proximity-based authentication) like a biometric sensor, or USB or bluetooth connection.

> Delegation to an existing authenticator [SSO]...

> What people tend to miss... is that enrollment is necessary whether or not you send a push notification to the phone during login. The push notification is only secure if this specific browser instance is enrolled; but if this browser is enrolled, then the push notification adds no extra security... The enrollment was the security.

Fully expect them to ship U2F authenticators or sell them at tsCare shops!