The Tailscale VPN client, the same one which runs on other devices, is compiled to WASM. It handles all of the key exchanges to connect to the tailnet. The SSH session is running as a WASM Tailscale client.

The browser, opening connections from within the browser engine, doesn't have the keys for SSH or VPN access.

Sounds like about "as good as this gets" if you happen to want to do this in browsers. Good job.

It doesn’t have the keys, but it can inject any javascript and do whatever the user can do.

Like intercepting your oauth token next time you login into SSO and then use that to access your tailnet.

This was true even before this new feature.

The new threat model is entirely psychological.

"Installing a keylogger" is a vast oversimplification, even if it is outside of their threat model.

Installing almost anything in your browser is usually a matter of a couple of clicks.

The wasm code runs in the browser, hence the keys live in browser memory, so the browser has access to the keys.

And then the addon intercepts the loading of the Wasm code, injects it’s own payload into it and has access to the keys.

What keys? I think the implementation does not use regular SSH keys for SSH authentication, but rather something custom (I believe traffic to port 22 on each SSH enabled client is intercepted and the daemon handles authentication itself).

For the downvotes: Am I misunderstanding Tailscale's implementation?

I'm not commenting on whether it's a good or bad idea, but we should at least be talking about the same thing.

If you have an actively malwared extension, there's probably an easier way to exploit any given target-- the simplest being recording passwords.

There's not really a "safe" website when the browser is malicious.

This is turning a remote server into a previously "safe website" and expanding the threat model to include remote web browser attacks.

I believe that replacing vscode.exe that you just downloaded is entirely possible with extension. So if you’ve got compromised browser, it’s gotta be hard to stay safe elsewhere. Lots of attack vectors. Better don’t get infected.