This is not correct. Wireguard establishes a tunnel between peer A and B, and its simplicity stops there. Tailscale does tons of complex networking, filtering, nat traversal, DNS, file sharing, etc. Wireguard is a small part of the codebase today, which has grown a lot.
It’s a bit like saying Dropbox is just a GUI on top of TLS.
I think the parent commenter used "understood" to mean "recognized."
That said, I don't really understand the supposed misunderstanding you point out. It seems that dang argues that "the exchange was pleasant and successful." I've never seen someone claim otherwise.
Rather, I've seen it used as an example of how technical users can fail to recognize the complexity inherent in their workflows, and therefore may also fail to see the real-world business value in creating (and selling) simpler interfaces. See also a SMOP: https://en.wikipedia.org/wiki/Small_matter_of_programming
No, it's not that simple. This is an instance of context collapse; people dunk on that exchange because they believe it's an HN person belittling Dropbox as a product, when in fact it was an HN person helpfully offering notes on a YC application.
Whether the poster was "belittling Dropbox as a product" or "helpfully offering notes" seems like a judgment one can make about the exchange, regardless of poster's intent. I never understood this to be the reason it was referenced, more the SMOP thing. But I hear what you're saying about the details getting warped over time. (edit: And I do think people sometimes use it as a case of "if you listen to everyone's feedback..." but I think that still rings true: regardless of the judgment you place on it, it could have been demoralizing to Dropbox's founders.)
They dunk on it because the author didn't see the the benefit of the product over using FTP. And it's hard to say the usage of "quite trivially" isn't "belittling" in some form, although I don't think using a loaded word is useful here. Even the followup response shows the same issue with the commenter's thinking:
>You are correct that this presents a very good, easy-to-install piece of functionality for Windows users. The Windows shortcomings that you point out are certainly problems, and I think that your software does a good job of overcoming that. (emphasis added.)
They still fail to understand that this is not a Windows or Linux issue but a reliability and ease of use issue. Not to mention the fact that the desktop Linux marketshare was probably less than 1% and therefore irrelevant in this context to begin with.
a fun thought exercise - what would have to happen to HN for this to come true? basically all the old guard have to age out and not pass on the reference?
Most of this was successfully done 20 years ago by tinc, which is a project written by a couple of European guys in their free time. It even supports routing traffic through other peers and does peer discovery just like BitTorrent (but before BitTorrent even existed) — there is no need for a central server.
What tailscale has over it is hype, lots and lots of hype. Also a much more well thought out, and arguably more secure VPN protocol underneath, which is why GP's comment is on point.
If it's hype, it's not hype the way you're thinking. I've shown Tailscale to a lot of people (this is less salient now, when pretty much everybody uses Tailscale) and the most common reaction I've gotten is "holy shit". It is spooky simple to get working, and it's spooky simple to go from a working installation to a VPN configuration that would take many many hours to replicate with pre-existing tools.
There may be VPN nerds out there who think there's nothing special happening with Tailscale, but I submit those nerds haven't spent a lot of time dealing with the median, replacement-level VPN configuration prior to Tailscale. I'm a pentester, and so I have had that pleasure. Tailscale is revolutionary compared to what it replaced.
Because you're delegating the control plane to Tailscale. Somehow we went decades without this being a thing for security reasons, dealt with the management of VPN appliances, and now suddenly everyone is OK with Tailscale owning the control plane of their VPN for the sake of convenience.
For a company this is probably okay: companies rely on other companies all the time, and can enforce contracts. I would gladly use tailscale at my company.
For an individual, heck no. Fortunately, headscale exists for individuals to use.
My only technical complaint with Tailscale is that its hole punching doesn't seem to work with some common CGNATs/double NATs when both endpoints are using them, and then traffic ends up trickling through their public proxy servers, while running your own is kinda annoying and not recommended or documented.
It’s a bit like saying Dropbox is just a GUI on top of TLS.