I've been using this for months and it's generally pretty good. The UX isn't completely polished yet (as mentioned in the docs), but it's great for simple use cases like "I want to send a photo from my phone to a computer."
Same. It’s labeled as alpha but I’ve had no issues, aside from the UI being a bit lacking. I usually just use it to send stuff to/from my phone easily. In that instance it’s kinda weird that the files just get dropped on my Desktop. But I’ve also used it a few times to transfer stuff to/from other devices.
There’s a lot of tools that fulfill “file transfer between random devices” but this one works great for me. Because I’ve got Tailscale everywhere already, I’ve also got file transfer everywhere too.
I've been using it since the initial announcement too. I filed one bug (on iOS after you send the file there was no way to close the send dialog) but otherwise it has worked well. I use it mainly to send images from my iPhone to my personal Linux desktop.
I'm hoping one day they will add some way on the Linux CLI to pick a file instead of just getting all the files at once. Or, dare to ask, a TUI file picker.
1. As you mentioned, kdeconnect is a much better use case as it offers more features without locking you down to a system.
2. It doesn't actually replace a USB drive. Most people I know e-mail files to themselves or host them somewhere online to be able to perform presentations, but they still carry a USB drive in case there are connectivity problems. This does not solve the connectivity issue.
3. It does not seem very "viral" or income-generating. I know this is premature at this point, but without charging users for the service, is it reasonable to expect to make money off of this?
>3. It does not seem very "viral" or income-generating. I know this is premature at this point, but without charging users for the service, is it reasonable to expect to make money off of this?
KDE people make free software so there is no concept of software being designed in a way to force consumers into a SAAS model or some paid thing.... that is the free software philosophy
>2. It doesn't actually replace a USB drive. Most people I know e-mail files to themselves or host them somewhere online to be able to perform presentations, but they still carry a USB drive in case there are connectivity problems. This does not solve the connectivity issue.
what do you mean? i have a bunch of file i can just "share to kde connect" and that can be another laptop or a phone or a desktop or something else. i regularly use my phone as a "usb stick" because i have kde connect.
I set up Tailscale for personal use a couple years ago (shortly after the general availability announcement). I was blown away by how easy it was so set up, and the functionality it offered (which was only a fraction of what it offers now). I am also heavily involved in purchasing decisions for this sort of software for my employer. Tailscale's personal use plan led directly to a paid plan w/ my employer.
I'm sure I'm not the only such example of that path.
One interesting issue is that as the number of devices rises, the effort required to pair them all together rises as O(n^2) rather than O(n). With Dropbox, you can add all your devices into an account and they'll all share a folder, but on Syncthing you have to add every device to every other device, unless you have a central server (here a laptop I never sleep), set it as an introducer on every other device, then by adding a new device to the server it gets pushed to all other devices connected to the server. KDE Connect, unlike Tailscale, has the O(n^2) problem if you want to pair every device with every other device. I'm not sure the best way out; KDE Connect shouldn't require a central authority like Tailscale's management servers, perhaps a LAN server, or an optional integration to publish keys on Tailscale and auto-pair with keys available there? But is it secure to allow one device to connect to your account and add its keys to all your networked machines? Then again Syncthing introducers already do that, but Syncthing doesn't offer remote code execution while KDE Connect can emulate a keyboard.
Being built on top of wireguard is a plus - although it's a shame tailscale (for good/architectural reasons) doesn't support using standard/kernel mode wireguard.
ZeroTier is source-available - but invents a separate protocol, and so misses out on some shared scrutiny / feedback.
ZeroTier is going to a more standard OSS license for its core components soon, probably the MPL.
As for the protocol: yeah, it actually predates the final release of Wireguard a bit. A Noise-based session protocol with similar security properties to Wireguard but based on AES is in the ZeroTier V2 design. (Wireguard is basically Noise_IK.) I also always point out that a good fraction of what people run over virtual networks is already encrypted: SSH, TLS, etc.
(ZeroTier founder here)
BTW we get asked a lot if Tailscale is our competition. IMHO our competition is the "everything runs in the cloud and all you get is a thin client" model of computing. If that wins out we fail and everyone else doing this kind of thing fails.
The existence of very similar disruptor competitors in an emerging market niche is encouraging since it shows there's some "there" there. No competitors can mean no market. Look how many SQL, NoSQL, NewSQL, etc. database vendors there are and many of them do very well.
> ZeroTier is going to a more standard OSS license for its core components soon, probably the MPL.
What does this mean for embedding ZeroTier applications through the SDK (libzt)? For the sake of your business, I think it makes sense to keep that upper layer, designed specifically for application developers, under something like the Business Source License.
The core, apps, and service would go under the MPL, which are the only parts that 90%+ of users use. The controller and libzt would go under something that makes it free and copyleft for non-commercial / non-for-profit use.
For that we're considering the BSL with fallback to MPL, AGPL, SSPL, or MPL plus commons clause. Haven't decided yet.
For two years I've been remote working from home on the PC located in office via Remote Desktop.
While ZeroTier is still enabled as fallback solution to get access to work PC (as well as Chrome remote)
Main workforce became Tailscale.
With Zerotier RD connection were not stable. Even using same ISP at home and at work don't help a lot.
With Tailscale I've forgot about this kind of issues. It's just works.
Also now I'm constantly using Tailscale as a VPN on mobile devices.
Tailscale's insistence on using third party auth is an absolute PITA. With the withdrawal of GMail's free email to a custom domain/workspace product, our org switched email provider. The pain that then followed with TS support to switch auth providers was bad. TS don't have familiarity with the auth services they are promoting, all of the options available add at least $5/user to the bill, and it was a massive timesink for a 'just works' service to switch configs. All because TS don't want to manage their own auth infrastructure (I don't buy the marketing BS around this).
Headscale (see github) looks like a good way of taking back control of the auth side-of-things, and if we go that route, tailscale will lose the revenue they could have otherwise retained if they were more on the ball.
I agree. I won't use any VPN that isn't completely self-hosted. I don't trust external auth providers (including when it's the provider themselves like with zerotier). It's like giving Microsoft or Google the keys to my house :/
Zerotier does not seem to work behind my University's firewall, which seems to be a CG-NAT, and bans UDP traffic. It gets stuck on connection. It seems to connect to a relay but it does not actually work. Tailscale works out of the box.
The TL;DR is there isn't much difference besides the protocol being used. Tailscale published their own comparison that seems pretty fair to both sides (they do this for a few other options as well) https://tailscale.com/compare/zerotier.
That's pretty nice, I've been thinking of moving to tailscale for my private VPN especially now that there's a cloud-free personal server available (headscale).
I've used this a few times as a replacement for AirDrop (which hasn't been working well for me when sending things from iPhone to Mac) and it has worked very well. I would love to be able to send other things - not just files - as well, like sharing a web page from Safari. Basically everything I would do with AirDrop should ideally work with Taildrop.
With a P2P/mesh VPN solution this is pretty standard yes.
But with a traditional VPN it's not. If I transfer a file to a colleague when we're both in the same coffee shop and we're both connected to Global Protect (terrible traditional VPN) it will go all the way to the server and back.
So it's a value prop of the type of VPN. Not the transfer software per se.
No. I'm not even sure why this is a question. The article has instructions on how to use this with macOS, Windows, Linux, iOS, and Android. Both for receiving and sending to each of them. Only two of those OSes are phone OSes.
It's Tailscale SSH, not Tailscale core. Some users don't want SSH key management (or even don't run sshd, especially on Windows) but just want file transfer.
You can already scp over tailscale without running sshd. I'm still not understanding what this provides over scp. Some kind of GUI? Works on phones? The marketing page does a poor job.
How do I scp files to or from my iPhone? Do I have to run some kind of terminal app? Approximately nobody wants to do that. That can't seriously be confusing to you?
While I could probably scp from my windows laptop, id have to do some setup. I don’t really use my laptop for dev stuff. On the other hand, it’s already in my Tailscale network. So I can also just right click a file, and select “send to my-cloud-server”
Same from my iPhone. I can easily send any file to or from any of my devices. It appears in the share menu on my iPhone.
They are really trying to get booted out of enterprise environments. They were on thin ice adding remote management (SSH) out of nowhere to what was supposed to be a VPN replacement. Now sysadmins and security have to deal with users randomly shooting files around between devices.
I totally get that they are trying to appeal to tech startups and not big companies. But how jazzed would you be that a manager at your bank can zip your mortgage documents over to his cell phone to review them on the go?
They have ACLs. You can use those. Then don't enable Taildrop on certain machines.
The enterprise option is nifty. I'm gonna use it for my next startup. I find it to be pretty freaking amazing. But if you're suggesting that having an open port on a secure connection is dangerous... well that's why you have a secure connection. So just use ACLs to restrict access to machines you shouldn't have access to. And you can do it by port. Is there something I'm missing?
> They were on thin ice adding remote management (SSH) out of nowhere to what was supposed to be a VPN replacement. Now sysadmins and security have to deal with users randomly shooting files around between devices.
historical note: Taildrop pre-dates Tailscale SSH by more than a year, so if you had concerns about Taildrop's functionality, those were valid way before ssh functionality was enabled.
Both Taildrop and Tailscale SSH are disabled the moment any ACL but the default (which allows everything to access anything which is what no enterprise runs with) is configured because their ACL feature allows only access but no denial, so if something isn't listed explicitly, it's denied.
I'm just a regular dev who does a little sysadmin for home office situations for myself and friends and even I'm smart enough to do a scan for open ports and services. running on any new devices or software servers. and well read the docs a little bit.
The manager could already try emailing the files to herself and get fired for that. If she can set up Tailscale on her office PC, the sysadmins should be fired as well.
Are you a Tailscale employee familiar with the "go to market" plan for this feature? I'm curious how you know they are planning to enable it for all users by default once it reaches GA.
> zip your mortgage documents over to his cell phone to review them on the go?
If they’re using Tailscale they can already spin up a good old HTTP server over whatever open port and download from there, if said enterprise isn’t competent enough to configure proper access control.
I'll mention one more time: if you'd like to contact info@tailscale.com we can set up a time to talk about upcoming features and philosophy on releasing them.
