| ▲ | MarsIronPI 3 days ago |
| I can't tell if you're being sarcastic, but assuming you're not: Tailscale makes security easier because networks are private by default. To achieve a similar effect with Yggdrasil you'd have to use a firewall to whitelist the Yggdrasil IPs of all your devices. So it's more work to set up. |
|
| ▲ | akho 3 days ago | parent [-] |
| You have to use a firewall anyway. If you use Tailscale, you have two firewalls, which is not strictly easier. |
| |
| ▲ | MarsIronPI 2 days ago | parent [-] | | Huh? I thought one of the appeals of Tailscale is that security is done at the network level; plus that your network is private, so you don't get randos knocking at your ports. | | |
| ▲ | akho a day ago | parent [-] | | What does “at the network level” mean?.. Anyway; Tailscale is not your only network. If you’re on a laptop, you need to be able to log onto rando wifi networks. If you’re at home, you need to be mindful of your smart fridge going rogue. You need to run a firewall. Tailscale adds a separate, Tailscale-specific, firewall with centralized management. Now you have two firewalls. | | |
| ▲ | MarsIronPI a day ago | parent [-] | | Ah, I see what you mean now. Yes, that's true; you'd still need a firewall for LAN. > What does “at the network level” mean?.. I meant the normal non-Tailscale firewall (e.g. iptables). |
|
|
|
