I still think that the level of Tailscale’s logging is excessive to the point of it having an ulterior motive, but the article does make an attempt at allaying privacy concerns. Interesting read, thanks for sharing.
There are some other options, but a password isn’t one of them; they’re all external accounts.
I feel like most people do not actually benefit from the easy mesh networking Tailscale provides, and could just use a simple central WireGuard server, either on a VPS or at home. I’ve mainly switched back to this setup (well, sort of) and it’s been no problem.
If you actually do need an easy mesh VPN, Netbird might be solid as a self-hosted alternative. I never got a chance to really use it but I know other people who do.
Tailscale is probably “best” if your needs are too complex for WireGuard, and you’re not savvy enough to install Netbird, but between both things that seems like a pretty small percentage of people…
Speaking of not being an anonymity service, I stumbled across this ticket on Tailscale’s GitHub. It’s been open for 3 months with no response:
When “Use Tailscale DNS settings” is checked in macOS, Tailscale additionally records all your system’s DNS queries. This means that when this box is checked, on machines where it is installed, Tailscale will collect metadata about your laptop’s routine web browsing, such as when you visit Google.com, and when your server retrieves updates from Ubuntu, your AWS account ID, your EKS endpoints, and other private hash information that appears in domain names. This is your “Internet browsing metadata”.