Friendly reminder that Tailscale is VC-funded and driving towards IPO

Just came here to say that the guy looks like a creep!

a long runway that allows us to become profitable when needed

Switch to self-hosting headscale when they enshittify in an attempt to become profitable, duh

Tailscale never sat right with me. The convenience was nice, but - like other VC-funded projects - it followed that ever-familiar pattern of an "easy" service popping up out of nowhere and gaining massive popularity seemingly overnight. 🚩🚩🚩

I can't say I'm surprised by any of this.

I'm unsure if it has been mentioned, but a similar tool which is open source (you can run the backend unlike tailscale), netbird

https://netbird.io/

Join our Discord server for a chat and community support.

Sigh...

And even worse:

Everything in Tailscale is Open Source, except the GUI clients for proprietary OS (Windows and macOS/iOS), and the control server.

Are there better alternatives? I was planning on using tailscale until now. :P

I think I'll just keep using tailscale until they start enshittifying, and then set up a Headscale instance on a VPS - no need to take this step ahead of time, right?

I mean, all the people saying they can avoid any issues by doing the above - what's to stop Tailscale dropping support for Headscale in future if they're serious about enshitification? Their Linux & Android clients are open source, but not IOS or Windows so they could easily block access for them.

My point being - I'll worry when there is something substantial to worry about, til then they can know I'm using like 3 devices and a github account to authenticate. MagicDNS and the reliability of the clients is just too good for me to switch over mild funding concerns.

Friendly reminder that Tailscale is VC-funded and driving towards IPO

You know what's to come.

The answer to the question is immediately. Or switch to OpenZiti or Pangolin even.

Nerds stop recommending corporate crap: challenge: impossible

What's the benefit over just WG?

If I host headscale on a VPS, is that as seamless of an experience as Tailscale? And would I miss out on features, like the Tailscale dashboard? How does the experience change for me (an admin type) and my users (non-technical types)?

Crap, I really need to switch of Tailscale but currently it is an easy way for me to access my stuff outside of home as a temporary solution while I am on a 5G modem.

Am I totally off-base in thinking that MagicDNS and pluggable DNS nameserver overrides are a huge feature of tailscale?

I love that I can refer to my tailnet devices just via their machine name. I use it everywhere. And also that I can just slot in my NextDNS ID so that any device running tailscale now automatically uses that, and I don’t have to mess with my shared router settings or per device settings. Is all that actually really easy to set up outside of tailscale? Cuz if it is and I just somehow missed that when doing all my research, I’ll happily give plain wireguard or other mesh orchestrators like NetBird a go.

And I already know that mDNS is not the answer. That protocol is simply not reliable enough.

I'm not that worried as there are alternatives like Netbird. The underlying tech really isn't hard to replicate since Wireguard is pretty standard.

I think it would be cool if Tailscale made it into the enterprise arena.

pre-emptive pikachu face strike

Headscale is great if you like networking fun, but that aside I'm not understanding why VC funding is such a black mark to the poster. Tailscale doesn't generate meaningful revenue streams as its early-stage, so it has to secure funding to continue operations until they achieve high enough revenue to go public. That's pretty standard in a business life-cycle, though. It seems like the main complaint is that Tailscale is a business. And what about the Linux Foundation? They are funded through private equity. Should you consider switching away because of that?

I think a lot of companies view their free plan as recruiting/advertising --- if you use TailScale personally and have a great experience then you'll bring in business by advocating for it at work.

Of course it could go either way, and I don't rely on TailScale (it's my "backup" VPN to my home network)... we'll see, I guess.

Yeah and steam is closed source DRM platform. Great software sometimes is worth the trade off.

Just use normal wireguard, why do you need tails or heads at all?

become profitable when needed

By what, laying off all QA and support staff and half your developers the moment a single quarterly earnings report isn't spotlessly gilded?

They also had a major ass security issue that a security company should not be able to get away with the other day: assuming everyone with access to an email domain trusts each other unless it's a known-to-them freemail address. And it was by design "to reduce friction".

I don't think a security company where an intentional decision like that can pass through design, development and review can make security products that are fit for purpose. This extends to their published client tooling as used by Headscale, and to some extent the Headscale maintainer hours contributed by Tailscale (which are significant and probably also the first thing to go if the company falls down the usual IPO enshittification).

And here I am, still using OpenVPN in 2025 lol

I never really understood the point of using Tailscale over plain ol' WireGuard. I mean I guess if youve got a dozen+ nodes but I feel like most laymens topologies won't be complex beyond a regular old wireguard config

Tailscale is a business seeking profit? (clutches pearls gasp)

So glad my router supports WireGuard/OVPN server hosting, doing it this way also relieves resources off your homelab and for whatever reason your homelab shuts off or loses network access you can at least rely on your router to re-establish the VPN server without further intervention.

I always knew it was too nice to stay non-shitty forever.
Guess it's time for me to pester my ISP to let me open some ports

Meh. I will keep using it

Question: if I setup Headscale on my network, I would have to open a port on my router to connect to it right? And also if I setup Headscale with some cloud provider, could they theoretically go and use the setup to get to my home network? I know its unlikely, I just mean if the technology is like e2e from clients to my home network, or if the cloud headscale 'centre' would be also an unguarded entry point (from the perspective of cloud admins). I hope I am clear 😀 Thanks (btw you probably guess why I currently use Tailscale 😀)

Didnt even work for me, i use mullvad so if i wanted to use tailscale on my android to connect to my desktop, it wants me to disable mullvad unlike on my desktop..

What is even the point of tailscale? What can it do that other VPN solutions don't? I feel like this is a problem that was solved like 20 years ago and still we're coming up with novel solutions for some reason. At my company they want to start using tailscale and I don't see why we don't just set up wireguard on a node in our k8s cluster instead

Ok and?

I didn't really get the allure of it TBH. For most home-based nerds a simple Wireguard host (or OpnSense, OpenWRT etc running such) should be fine, and there are better options for commercial from better-known vendors in the network security space

Was listening to some computer podcast a while ago and the co-host and ex- hacker was saying that more and more VPNs are getting targeted and it’s just a matter of time we see quite a bit of them owned. (I think he was talking about implementation of VPNs for remote workers, rather than actual VPN providers. Sorry, it was some time ago)

Anyway, the host asked „What about wireguard?“

And the co-host: „Oh yeah, wireguard is solid! But all the services building up on wireguard? … They’ll get popped.“

Doesn’t have to be true, but something to keep in mind.

is this some kind of furry porn CDN

Headscale requires tailscale client so it’s a no-go for me. I’m still trying to block cloudflare from my network.