Tailscale funnel will get you services scanned by Russian IP's
infosec.exchangeFor sure, this is why I personally believe sharing platforms (Funnel, CF Tunnel, ngrok, zrok etc) should all have security hardening, WAF-type features, and auth so that anyone cannot just scan and access your services. To me, this is table stakes which Funnel does not provides.
Agree, but instead we get defaults which will expose and announce services to the world without any auth or warning, all in the name of convenience. And tailscale is far from alone with this as you say, it applies to everything from databases to these services.
Do happen to know if the other services also create unique SSL certs for each service?