Is headscale also closed source and in the US?

Isn’t this a closed-source source service based out of the US? The US government could demand a backdoor in it at anytime in a secret court and no one would know.

Why is enshitification the thing being debated?

I feel like the math in this headline is off.

User agent logging is often done by running javascript locally on a machine, so the vpn would just pass the javascript to the local machine on which it would be run, so the data wouldn’t be effected that way.

Sometimes TLS fingerprinting is done to try to identify bots and not sure if bots would be included. They probably would be included because if they were blocked, then the javascript catching user would never be run on their machine, although I’m unsure of whether such bots would run useragent fingerprinting javascriot yo try to blend in or block it to avoid unneeded processing.