I think a lot of companies view their free plan as recruiting/advertising
if you use TailScale personally and have a great experience then you'll bring in business by advocating for it at work.
Of course it could go either way, and I don't rely on TailScale (it's my "backup" VPN to my home network)... we'll see, I guess.
become profitable when needed
By what, laying off all QA and support staff and half your developers the moment a single quarterly earnings report isn't spotlessly gilded?
pre-emptive pikachu face strike
And here I am, still using OpenVPN in 2025 lol
They also had a major ass security issue that a security company should not be able to get away with the other day: assuming everyone with access to an email domain trusts each other unless it's a known-to-them freemail address. And it was by design "to reduce friction".
I don't think a security company where an intentional decision like that can pass through design, development and review can make security products that are fit for purpose. This extends to their published client tooling as used by Headscale, and to some extent the Headscale maintainer hours contributed by Tailscale (which are significant and probably also the first thing to go if the company falls down the usual IPO enshittification).
Isn’t that the entire design philosophy of tailscale?: reduce friction, at the cost of some security.
If security is your main priority, you should be using more secure options, even if they are less convenient or tougher to maintain.
I've realized how easy it is to just actually run a network rather than half ass it with tailscale. I recommend this, it's fun.
So glad my router supports WireGuard/OVPN server hosting, doing it this way also relieves resources off your homelab and for whatever reason your homelab shuts off or loses network access you can at least rely on your router to re-establish the VPN server without further intervention.
Headscale is great if you like networking fun, but that aside I'm not understanding why VC funding is such a black mark to the poster. Tailscale doesn't generate meaningful revenue streams as its early-stage, so it has to secure funding to continue operations until they achieve high enough revenue to go public. That's pretty standard in a business life-cycle, though. It seems like the main complaint is that Tailscale is a business. And what about the Linux Foundation? They are funded through private equity. Should you consider switching away because of that?
Not that it is a business but is a specific kind of business. VC funded startups eyeing an IPO more often than not start doing things users are not happy with. Maybe tailscale won't, but might as well be aware what kind of company they are acknowledge there is a decent chance of rugpulls
It seems like the main complaint is that Tailscale is a business. And what about the Linux Foundation?
The Linux Foundation is not a business.
Yup, I don't know if that is OP's intention, but I would agree myself with the complaint that "Tailscale is a business"
The way I see it, if it's a business it must generate revenue (either now or down the road), and that is enough to have me worried. I do have a Tailscale registration, and the way they approach email communication is already a yellow flag to me (too many ad emails)
That's pretty standard in a business life-cycle, though
I don't know where people ever got the idea that normal = acceptable. I hear this used to justify all sorts of awful crap. It was only ever normalized because users were apathetic.
And what about the Linux Foundation? They are funded through private equity. Should you consider switching away because of that?
Does The Linux Foundation have complete control over Linux?
Question: if I setup Headscale on my network, I would have to open a port on my router to connect to it right? And also if I setup Headscale with some cloud provider, could they theoretically go and use the setup to get to my home network? I know its unlikely, I just mean if the technology is like e2e from clients to my home network, or if the cloud headscale 'centre' would be also an unguarded entry point (from the perspective of cloud admins). I hope I am clear 😀 Thanks (btw you probably guess why I currently use Tailscale 😀)
if I setup Headscale on my network, I would have to open a port on my router to connect to it right?
The way I understand it is:
I would have to open a port on my router to connect to it right?
Yes
if I setup Headscale with some cloud provider, could they theoretically go and use the setup to get to my home network?
If they are able to authorize their own node to your Headscale server, then their node gets on your network. If they take over the Headscale node, they might also be able to access your network, either by changing Headscale's config to auth another node or perhaps if the Headscale node is part of the network, which it might be, I don't recall. But I think that's immaterial. If someone takes over the Headscale machine, they can get on your network either way.
I never really understood the point of using Tailscale over plain ol' WireGuard. I mean I guess if youve got a dozen+ nodes but I feel like most laymens topologies won't be complex beyond a regular old wireguard config
Wireguard doesn't do NAT/Firewall traversal nor does it have SSO
Tailscale manages the underlying Wireguard for you. I would be great if Wireguard had native NAT traversal but that isn't the case.
Simplicity?
NAT punching and proxying when a p2p connection between any 2 nodes cannot be achieved. It’s a world of difference with mobile devices when they always see each other, all the time. However, headscale does all that.
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
Resources:
Any issues on the community? Report it using the report flag.
Questions? DM the mods!