Tailscale raises $100M

(tailscale.com)

854 points gmemstr | 2 comments | 04 May 22 13:17 UTC | HN request time: 0.42s | source

Show context

falcolas ◴[04 May 22 21:49 UTC] No.31266299[source]▶

First - congratulations! I like the idea behind your product. Easily configured VPN tunnels are something I enjoy having.

But, and I'm probably just shouting into the void at this point, relying upon your network being secured as a method of securing your office/product will only result in heartache.

If you're a company SEO or similar trying to protect your company from threats, your first assumption must be "the network is compromised" no matter whether it's on the internet, or VPN tunnels, or firewalled local network.

replies(1): >>31274056 #

1. JoachimSchipper ◴[05 May 22 14:47 UTC] No.31274056[source]▶

>>31266299 #

You may want to take a second look at Tailscale - it can be used as a classic VPN ("exit node"), but it really wants to broker host-to-host connectivity secured by ACLs and SSO.

replies(1): >>31274220 #

2. falcolas ◴[05 May 22 14:59 UTC] No.31274220[source]▶

>>31274056 (TP) #

Respectfully, this doesn't change the advice. Always assume the network is compromised - that someone who shouldn't has access your hosts via the network. A user's device is taken, a new user is added via social engineering, a computer is left unlocked, a host is compromised...

↑