Comment by dolmen
2 days ago
The post says:
> Side note: for those wondering, Tailscale is Canadian and can't see the content of connections (although if you're worried about this it's also possible to self-host using Headscale).
However this is no longer the case. From Tailscale's Terms of service "Schedule A", "New customer accounts on or after September 3, 2024" are bound to "Tailscale US Inc., a Delaware corporation"
It can’t see the contents of connections but it records all the metadata. You know a lot about what the contents are going to be based on the ports. The default configuration of Tailscale will also collect all your DNS requests.
https://github.com/tailscale/tailscale/issues/16165
This is completely unacceptable for a service like tailscale to not offer an easy way to opt out of all logs. Uninstalling it now from all my machines.
From the issue:
> I never want to send any fraction of information about my Internet browsing to Tailscale.
I'm slightly confused about this part of the ticket. If you're using Tailscale DNS, how do you avoid sending Tailscale information about your internet browsing?
> If you're using Tailscale DNS, how do you avoid sending Tailscale information about your internet browsing?
You can't.
I don't trust a VC backed company and neither should you. Headscale is extremely easy to configure and setup, go for it instead
So Tailscale is now a US company and you can't bind to Headscale? Enshittification.
> and you can't bind to Headscale?
Can you elaborate on what you actually mean by this? Headscale works fine.