OK, you don’t like my comparisons. I don’t see them as spreading misinformation. Your objection was that Tailscale is a company offering something for free with some proprietary bits and a paid tier. All the software I mentioned also offer something for free with some proprietary bits with a paid tier where they make their money.
Maybe a more apt comparison would be Bitwarden.
At least in the US each company is required by law to disclose what information they collect and what they are allowed to do with it. Tailscale’s disclosure can be found at Privacy Policy · Tailscale
The relevant bits include:
We collect and use information only on behalf of our Customers, and do not use such information for any other purpose except as set out in this privacy policy or as required or permitted by applicable laws.
…
To create and administer your account: You do not have to create a Tailscale account to visit our website or download our client applications. However, you will be required to create an account in order to use the Tailscale Service. To create and administer your account, we will collect information such as your email address, as well as your first and last name. We will ask you to authenticate, using your email address, with your domain’s corresponding OAuth2 or SAML provider.
…
When you log into our product through these third-party sites, we may collect certain information associated with your account on the third party’s site (e.g., name, username, email address, profile picture, gender) in order to create and manage your account, or as part of the operation of the third party’s website, plug-in or application.
…
We collect information about our Customers’ use of the Tailscale Service, including information about each device used (such as the type of device hardware, hostname, all IP addresses, internal and private network routing information, operating system version, cryptographic public key, user agent (where applicable), the version of the Tailscale software installed, aggregate usage information (such as timestamps and connection logs between devices, as well as the sum of data transferred between devices by a given user), language settings, and the date and time the app accesses our servers). We use this information to provide, monitor, and manage the quality of our services, as well as to provide technical assistance. In some cases, The Tailscale Service uses this information to assist in establishing connections between pairs of devices.
…
We do not sell or disclose your personal information to third parties without your consent, except as set forth below or as required or permitted by law.
…
Service providers: Your personal information will be transferred (or otherwise made available) to certain third parties that provide services on our behalf. We use service providers to provide services such as hosting the website, operating certain of its features, processing payments, providing authentication services, data analysis to better understand and improve product and website usage, and providing advertising and marketing services. Our service providers are only provided with the information they need to perform their designated functions and are not authorized to use or disclose personal information for their own marketing or other purposes. Our service providers may be located in the U.S., Canada or other foreign jurisdictions.
…Legal and compliance: We and our Canadian, U.S. and other foreign service providers may provide your personal information in response to a search warrant to other legally valid inquiry or order, or to another organization for the purposes of investigating a breach of an agreement or contravention of law or detecting, suppressing or preventing fraud, or as otherwise may be required or permitted by applicable Canadian, U.S. or other law or legal process, which may include lawful access by U.S. or foreign courts, law enforcement or other government authorities. Your personal information may also be disclosed where necessary for the establishment, exercise or defence of legal claims and to investigate or prevent actual or suspected loss or harm to persons or property.
Sale of business: We may transfer any information we have about you as an asset in connection with a proposed or completed merger, acquisition or sale (including transfers made as part of insolvency or bankruptcy proceedings) involving all or part of Tailscale Inc. or as part of a corporate reorganization or other change in corporate control.
tl;dr: they collect what they need to make the service work and monitor the health and status of the system. They share just what is required by their service providers to do their job or where required to by law. And of course if they are bought, the data goes to the new company.
This is not a company that makes money off of selling information about its customers. They make money because if you are trying to use it for anything more than a home network you will need to pay for a plan.
Believe it or not I really did do my homework on this. I’m not just blindly promoting them. I looked at who they are, where they came from, the company’s history, how it works technically, the licenses, privacy policy, and more.
I’ve also set up and used OpenVPN configured by hand, Wireguard configured by hand, PIVPN, various OpenVPN wizards on various firewalls and gateways.
Tailscale is the first where I was able to send an email to my dad with three simple steps to install it and get connected that he was able to follow. This is the same person who I constantly have to answer “I saved a file, where did it go?” questions. And so I promote it to users for whom setting up a VPN using these other methods is too hard for them or too daunting.
Of course not. Why would I? If a user has the ability to install and set up headscale they would have the ability to set up Wireguard or OpenVPN in the first place and wouldn’t need Tailscale. And if they wanted Tailscale but not want to use their “closed bits”, they can do the same search in DuckDuckGo that I did after reading in Tailscale’s own documentation that it’s possible to code your own coordination service.
I’ve never said everyone should use Tailscale. I didn’t recommend the OP switch to Tailscale. I’ve always said people who are unwilling or unable to deal with the complexities of setting up a VPN on their own should look at Tailscale. And I stand by that recommendation. And I will keep making that recommendation.