zlacker

[parent] [thread] 1 comments
1. johnis+(OP)[view] [source] 2026-01-12 09:19:50
The "layers" argument applies equally to WireGuard without Tailscale. Attacker still needs VPN exploit + vulnerable service.

The difference: Tailscale adds attack vectors that do not exist with self-hosted WireGuard: account compromise, coordination plane, client supply chain, other devices on your tailnet. Those are not layers to bypass, they are additional entry points.

Regardless, it is still for convenience, not security.

replies(1): >>twelve+8vi
2. twelve+8vi[view] [source] 2026-01-17 11:17:25
>>johnis+(OP)
yeah i agree, it's less secure than just wireguard + self hosted, to be honest i didn't thoroughly read your original comment
[go to top]