2026-02-18 17:29
tailscale
tailscale stories from the last 14 days
79.  HN Tailscale Peer Relays is now generally available
Tailscale has made its Peer Relay feature generally available to enhance connectivity in challenging network environments where direct peer-to-peer connections are obstructed by firewalls, NATs, and cloud networking constraints. The Peer Relays provide a secure and high-throughput option for Tailscale users, with key improvements such as increased throughput, enhanced performance with multiple clients, optimized interface selection, and better lock contention handling. A new feature allows the use of static endpoints through the `--relay-server-static-endpoints` flag, enabling operation behind infrastructure like AWS Network Load Balancers, thus facilitating connectivity in restrictive cloud environments. The Peer Relays are integrated into Tailscale's visibility tools, offering insights into relay usage, latency, and reliability. These metrics can be accessed by monitoring systems such as Prometheus and Grafana, which assists in troubleshooting by simplifying the assessment of relay health and performance impacts. Available across all Tailscale plans, Peer Relays enable high-throughput connections where direct paths are unavailable, support deployments in restricted cloud environments, and facilitate full mesh configurations within private subnets. The feature maintains Tailscale's core guarantees, including end-to-end encryption, least-privilege access, and ease of use. It also provides enhanced observability, auditability, and debuggability. Users can enable Peer Relays on any supported node via the CLI, with deployment controls facilitated through Access Control Lists (ACLs). Keywords: #phi4, ACLs, Cloud Networking, Debuggability, Encryption, Firewalls, GA, Grafana, High-throughput, Load Balancers, MagicDNS, Metrics, NATs, Observability, Path Selection, Peer Relays, Performance, Prometheus, Reliability, SSH, Static Endpoints, Subnet Routers, Tailscale, Visibility
    tailscale.com 6 hours ago
   https://github.com/juanfont/headscale   4 hours ago
   https://netbird.io/   4 hours ago
   https://tailscale.com/blog/free-plan   4 hours ago
   https://headscale.net/   4 hours ago
   https://github.com/openziti/ziti   4 hours ago
   https://betakit.com/corporate-vpn-startup-tailscale-secures-   3 hours ago
   https://tailscale.com/docs/features/logging   3 hours ago
   https://tailscale.com/docs/features/logging#opt-ou   3 hours ago
   https://github.com/tailscale/tailscale/issues/   3 hours ago
   https://github.com/tailscale/tailscale/issues/   3 hours ago
   https://i.postimg.cc/14h3Q9mD/Screenshot-20260219-00135   3 hours ago
   https://github.com/tailscale/tailscale/issues/   an hour ago
   https://tailscale.com/docs/concepts   an hour ago
   https://github.com/ClassicOldSong/Apollo   an hour ago
   https://tailscale.com/docs/features/peer-relay   an hour ago
231.  HN Automated Least Privilege for Coding Agents
Over the past year, Oso has shifted from experimenting with coding agents to incorporating them into everyday use among all its engineers, reflecting a broader industry trend where AI-assisted code development is becoming standard in companies like Anthropic and Ramp. This transition emphasizes enhanced productivity but also brings significant security concerns due to the broad permissions granted to these agents by default—a stark contrast to the more restrained actions typical of human users. The discourse within the industry has evolved from debating the adoption of coding agents to strategizing on managing their inherent risks without sacrificing efficiency. High-profile incidents such as Moltbot and Moltbook have underscored the potential dangers posed by these tools, prompting a move away from traditional AI policies that were often insufficient in addressing security concerns. Oso's approach involves implementing automated controls to enforce the principle of least privilege, thereby enhancing security measures effectively. These controls provide visibility into agent activities, risk scoring for tool calls, and alerts on anomalous actions, facilitating automatic management of security without overburdening developers or security teams. Additionally, integrating with platforms like Tailscale allows for improved data access, which is crucial in establishing secure environments. Looking ahead, Oso plans to expand its efforts by exploring further integrations that bolster the security framework around coding agents, solidifying their commitment to an automated least privilege model for these tools. This strategic direction aims to balance the benefits of increased productivity with the imperative need for robust security measures. 
Keywords: #phi4, AI, AI Policy, Actions, Agents, Anomalous, Anomalous Actions, Aperture, Automated Least Privilege, Calls, Coding, Coding Agents, Developer, Developer Productivity, Gap, Integration, Least Privilege, Automated, MDM/EDR, MDM/EDR Integration, Permissions, Permissions Gap, Policy, Productivity, Risk, Risk Scoring, Scoring, Security, Tailscale, Tool, Tool Calls
    www.osohq.com a day ago
262.  HN The bare minimum for syncing Git repos
The text outlines a transition from using GitHub to sync personal Git repositories—like dotfiles and scripts—to a simpler local synchronization method without cloud dependencies. The author finds the advanced features of GitHub unnecessary for their needs, leading them to synchronize files directly between devices using local storage and SSH access. A critical distinction made is between "bare" and "non-bare" repositories; bare ones only contain the `.git` folder without a working directory, preventing file conflicts during pushes. The author sets up a system where each repository has a central bare copy on an external drive connected to their desktop, with non-bare copies on other devices that sync through `git push` and `git pull`, using the desktop as the hub. This approach allows flexibility in choosing storage locations such as external drives or SSH-accessible servers while avoiding third-party hosting risks. Although this setup lacks GitHub's advanced features, it provides a straightforward file synchronization solution tailored to the author’s needs. Additionally, the text reflects on past behaviors of indiscriminately sharing code online, often resulting in clutter rather than effective knowledge dissemination. The author now emphasizes curating public repositories with clear purposes and documentation, acknowledging that meaningful knowledge sharing demands intentional effort beyond mere publication. Keywords: #phi4, Git, GitHub alternatives, SSH, Tailscale, bare, external drive, local filesystem, non-bare, pull, push, remote, repositories, syncing
    alexwlchan.net a day ago
269.  HN Security Hardened OpenClaw
The "Security Hardened OpenClaw" setup is designed to offer a secure server infrastructure on the cloud platform Scaleway using Terraform. It features an Ubuntu 24.04 instance with advanced security measures such as zero-trust networking and encrypted backups, all for approximately EUR 10-15 per month. The system employs multiple tools for comprehensive protection: UFW firewall, Tailscale VPN, Squid proxy, SSH key authentication, fail2ban, kernel safeguards against SYN floods, and anti-spoofing defenses. For monitoring and alerts, the setup incorporates AIDE to maintain file integrity, auditd for syscall auditing, Prometheus-node-exporter for metrics collection, Signal-based alerting for security incidents, Telegram bot integration for notifications, and secure backups stored in Scaleway's S3 service. OpenClaw AI gateway is deployed on a loopback interface with access facilitated via an SSH tunnel. After deployment, users must configure Signal alerts and link a Telegram bot. Setting up this infrastructure requires a Scaleway account, Tailscale account, along with installations of the Scaleway CLI and Terraform. The configuration process involves initializing the project in Scaleway, creating necessary S3 buckets, setting Terraform variables, deploying through specific Terraform commands, and integrating Signal and Telegram post-deployment. The architecture includes a Scaleway DEV1-S instance running Ubuntu 24.04 with Tailscale VPN for secure access. Security measures such as UFW firewall, fail2ban, Squid proxy, AIDE integrity checks, restic backups to S3, signal-cli alerts, and node-exporter metrics are integrated into the setup. Comprehensive documentation is provided in the `terraform/README.md` file, covering detailed instructions for setup, security details, verification checklists, troubleshooting guides, and contribution guidelines. 
Contributors are encouraged to adhere to best practices by using tools like `terraform fmt` and `terraform validate`, avoiding committing credentials, and testing with `terraform plan`. The project is licensed under the MIT license, emphasizing ease of use, strong security features, and effective monitoring for automated deployments on Scaleway. Keywords: #phi4, AIDE, API Key, Alerts, Auditd, Automation, Backup, Bot, Cloud-init, Deployment, Encryption, Fail2ban, File Integrity, Firewall, Hardened, Infrastructure, Integration, Kernel Protection, Metrics, Monitoring, Networking, Openclaw, Outbound Proxy, Post-deploy, Prometheus, Provisioning, Restic, SSH, Scaleway, Secrets Management, Security, Security Groups, Signal, Squid, Syscall Auditing, Tailscale, Telegram, Terraform, UFW, Ubuntu, Unattended Updates, VPN, VPS, Zero-trust
    github.com a day ago
276.  HN Turning Your Robot Vacuum into a Mesh VPN
The article details a process to enhance the autonomy, privacy, and functionality of a robot vacuum by converting it into a private network node using open-source software. It begins by addressing common concerns about robot vacuums that typically connect through a company's cloud for control and data processing, which raises privacy issues. The author outlines how rooting the device and installing de-clouded software enables local operation without relying on external servers, thereby improving user privacy. To further expand capabilities, Tailscale is set up on the vacuum, creating a secure private mesh VPN that allows remote operation from anywhere in the world, bypassing dependency on company servers. This configuration also ensures continued functionality if the original service becomes unavailable, addressing concerns about electronic waste and retaining control over the device. Additionally, similar enhancements are applied to other home devices, such as an old thermostat, integrating them into this personal network for increased privacy and security. Overall, the article underscores the importance of understanding IoT device risks and advocates for prioritizing autonomy, privacy, and sustainability in managing these technologies. By transforming smart devices into nodes on a private network, users can significantly mitigate potential privacy vulnerabilities and maintain control over their digital environments. Keywords: #phi4, Autonomy, De-clouding, E-waste, IoT, LIDAR, Mesh VPN, Object Detection, Privacy, Robot Vacuum, Rooting, Security, Smart Devices, Tailscale
    saewitz.com a day ago
310.  HN Tailscale Aperture: Your team's private AI gateway
Tailscale Aperture is an advanced solution offered by Tailscale that serves as a private AI gateway specifically for teams. It facilitates secure and private access to various AI tools and resources within a team's network environment, emphasizing data privacy and controlled access. By integrating this platform, organizations can utilize artificial intelligence applications while ensuring the confidentiality of their data remains intact. The design of Tailscale Aperture addresses the critical need for balancing the advantages of AI technologies with stringent security measures, thereby enabling teams to harness the power of AI without compromising on data protection and governance. Keywords: #phi4, Aperture, Private AI Gateway, Tailscale, Team's
    aperture.tailscale.com a day ago
1016.  HN How I Learned to Stop Worrying and Love OpenClaw
The author shares their journey in developing a personal assistant using OpenClaw, an open-source platform that integrates AI models with user data into a digital memory system. This approach contrasts with existing solutions like ChatGPT or Claude, which are limited by vendor lock-in and proprietary restrictions, lacking full integration, control, and flexibility. OpenClaw stands out by allowing users to store data in markdown files on their own devices, enabling customization and self-improvement. A key aspect of the author's setup involves using a Mac mini with a dedicated Apple ID for running OpenClaw, ensuring security by isolating it from personal devices. To safeguard communication, they utilize private networks like Tailscale, preventing public exposure while maintaining read-only access to data such as messages and emails. The author envisions that personal assistants will become as ubiquitous as smartphones in the near future, highlighting both the potential benefits and risks associated with this technology. Despite concerns, they advocate for adopting these tools due to their significant transformative impact on AI development and personal computing. Concluding the discussion, the author encourages others in the AI field to explore OpenClaw, underscoring the hands-on experience it offers in building intelligent agents. They emphasize the educational opportunities and excitement inherent in this emerging area of technology. Keywords: #phi4, AI dogfooding, BlueBubbles Server, Codex CLI, Gmail access, OpenClaw, SSH key, Tailscale, context integration, imsg, markdown files, personal assistant, second brain, vector search
    jpreagan.com 5 days ago
1070.  HN Using Your Mac as a Remote Endless Working Agent with Moshi
The guide outlines how to configure a Mac as an always-on AI agent server, enabling remote control via iPhone using the Moshi app. The process involves setting up the Mac with `mosh` and `tmux`, tools that ensure persistent terminal sessions across network disruptions. Key steps include adjusting system settings to prevent sleep, enabling SSH access through Remote Login, and installing necessary software for stable connectivity and session persistence. For secure network connections, Tailscale or WireGuard VPNs are recommended, providing ease of use without requiring port forwarding. On the iPhone, the Moshi app facilitates interaction with the Mac's terminal sessions once both devices are configured to connect via Tailscale, enabling seamless remote operation and push notifications. This setup enables developers to manage AI tasks from anywhere, receiving prompts on their iPhones for inputs or approvals. Security measures include disabling SSH password authentication in favor of identity-based access through VPN solutions like Tailscale, ensuring secure connections without exposing ports directly to the internet. Keywords: #phi4, AI, AI Agent, CLI Workflow, Endless Working Agent, Firewall, Mac, Moshi, Network Access, Notifications, OpenAI Whisper, Persistent Sessions, Powerline Fonts, Push Notifications, Remote, SSH, Scrollback Buffer, Secure Enclave, Security, Tailscale, Terminal Multiplexer, VPN, Voice Input, WireGuard, Zero Configuration, iPhone, macOS Tooling, mosh, tmux
    getmoshi.app 6 days ago
1078.  HN Show HN: Built two remote tools for coding agents (one in a night)
The developer created two open-source tools to facilitate remote command-line interface (CLI) agent management from a mobile device. The first tool, named "Visor," serves as a messaging bridge that enables users to manage long-running agent tasks with notifications via SMS or Telegram, supporting multiple providers. However, its user interface was not optimized for quick terminal access. To overcome this limitation, the developer built "T-Lite" in a single night. T-Lite provides SSH access through an iPhone browser using WebSocket connections to pseudo-terminal (PTY) sessions. It features output replay on reconnects, mobile keyboard shortcuts, and allows self-hosting via Tailscale without requiring public exposure. While Visor is designed for asynchronous management of agent tasks with notifications, T-Lite focuses on offering rapid terminal access. Both tools reflect the developer's specific requirements for remote control and customization, and are available on GitHub under the user "Geddydukes." Keywords: #phi4, CLI control, Email, GitHub, PTY sessions, Remote tools, SMS, SSH, Tailscale, Telegram, Terminus, Twilio, Visor, WebSocket, coding agents, iMessage, iPhone browser, messaging bridge, mobile keyboard shortcuts, multi-repo support, multi-session management, open source, output replay, reconnect, self-hosted
    news.ycombinator.com 6 days ago
1252.  HN Making OpenClaw safe: Docker isolation, scoped identity, and JIT secrets
The author details their development of a secure automation system using OpenClaw within Docker, with a focus on addressing agent permissions and identity concerns. Initially reluctant to provide agents full access due to security risks, they leveraged OpenClaw's flexible CLI-based execution model and introduced "scoped identity" by creating separate identities for each agent, retrieving secrets just-in-time via a 1Password service account. This strategy ensured controlled access without extensive permissions, enhancing both security and containment. To address potential bot detection during browser operations, the author customized a non-standard headful Chrome setup within Docker that maintained persistent sessions and allowed live observation through network access, contributing to enhanced safety controls. Custom-built versions of OpenClaw's built-in skills were developed for tasks like web searches and 1Password access, ensuring transparency and alignment with security needs. Overcoming identity-related challenges such as CAPTCHAs was achieved by using Google OAuth for platform sign-ups on services like X (Twitter) and GitHub, emphasizing the importance of a real, scoped identity for smooth operations. The system's effectiveness was demonstrated through various tasks ranging from simple email triage to more complex content creation workflows, highlighting both strengths and challenges, particularly with browser control and authentication. Ultimately, the author underscores that secure agent automation begins with containment and effective identity management. Observability plays a crucial role in ensuring reliability and trustworthiness. While OpenClaw's capabilities were compelling, its true value lay in enabling secure containment within automated systems. 
Keywords: #phi4, CAPTCHAs, CLIs, Docker, JIT secrets, OAuth, OpenClaw, Tailscale, Telegram, agents, automation, autonomy, browser-control, containment, identity, isolation, observability, permissions, sandbox, threat model
    rida.me 7 days ago
1292.  HN The Perfect Device
The article explores transforming a Xiaomi Smart Clock into a multifunctional control panel for self-hosted devices through hacking and installing custom firmware like Lineage OS via MTKClient. Initially designed as an Android phone without a battery, the clock can be modified despite its non-repairable casing to manage smart home elements on local networks. The author faced challenges in compatibility during this process and eventually utilized Windows tools such as fastboot and mtkclient after initial attempts with Linux Mint. The modification involves backing up existing firmware, erasing partitions, unlocking the bootloader, and flashing necessary images to run Lineage OS successfully. Post-modification capabilities include music playback through Navidrome, network access via Tailscale, app management using F-Droid's Droid-ify, light control with HTTP shortcuts, and live wallpaper customization via Peristyle. The device can also support additional functionalities like running Doom or accessing bus schedules through local APIs. The article underscores the potential of repurposing a basic smart clock into a versatile tool that surpasses its original design constraints, thereby making it suitable for various applications, including kitchen displays and interfaces tailored for elderly users. This transformation highlights overcoming capitalist limitations to create practical, customized solutions. Keywords: #phi4, Android, Bluetooth, F-Droid, HTTP Shortcuts, Lineage OS, Linux Mint, MTKClient, Navidrome, Smart Clock, SystemUI Tuner, Tailscale, WPA2/WPA3, Wi-Fi, Xiaomi, bootloader, digital photo frame, fastboot, firmware hacking, landscape view, local network, recovery menu, smart home, super partition, vbmeta
    sometimes.digital 7 days ago
   https://en.wikipedia.org/wiki/TRIZ   3 days ago
1592.  HN Tailscale Domain Mgmt. Gateway
Tailscale Domain Management Gateway (tsdmg) is an advanced service built on Tailscale's tsnet, designed to enhance custom domain management within a Tailnet by facilitating DNS record handling and TLS certificate acquisition from Let’s Encrypt at runtime. Its key features include the assignment of custom domains formatted as `<node>.yourdomain.com` for Tailscale nodes, enabling these nodes to manage their own DNS records and secure HTTPS certificates through a tsdmg server. Authentication and authorization are managed using Tailscale ACLs based on node identities. The setup involves initializing the tsdmg service with credentials from DNS providers such as Cloudflare or Google via a Go application located at `./cmd/server/main.go`. Clients can then perform domain operations by sending HTTP requests to the tsdmg service, which in turn manages TLS certificates through an associated certificate manager. Tailscale ACLs are configured to authorize nodes for managing specific DNS records, including TXT records necessary for ACME challenges and optionally other types like A records. The primary goal of tsdmg is to extend accessibility for internal services within a Tailnet by enabling secure HTTPS connections via custom domains without exposing them to the public internet. This capability is particularly advantageous for private network environments requiring sophisticated domain management solutions. Keywords: #phi4, A Records, ACLs, Autocert, Certificate Manager, Cloudflare, Custom Domains, DNS, DNS Providers, Domain Management, Gateway, GoDaddy, Google, HTTP Requests, Let's Encrypt, Node Identity, Subdomains, TCP Listener, TLS Certificates, TXT Records, Tailscale, tsdmg Service
    github.com 8 days ago
   https://github.com/adrianosela/tsdmg   8 days ago
   https://www.reddit.com/r/Tailscale/comments/1   8 days ago
1800.  HN We Improved Rails Response Times by 87% – Fast Retro Blog
The Fast Retro team significantly enhanced their Rails application's performance by integrating Prometheus monitoring, which led to an 87% reduction in response times by swiftly identifying inefficiencies caused by N+1 queries. Their observability infrastructure on a single server includes Prometheus for metrics scraping, Grafana for dashboard visualization, Loki + Promtail for log aggregation, and Node Exporter + cAdvisor for resource metrics. Rails-specific metrics are gathered using Yabeda gems seamlessly integrated with the framework's internals. The performance analysis pinpointed three problematic controllers: Retros::DiscussionsController, RetrosController index, and Retros::VotingsController show, which exhibited high latencies of 400ms, 360ms, and 243ms respectively. These issues were primarily due to N+1 query problems that were effectively resolved by optimizing database interactions. The team employed several strategies such as eager-loading associations with `includes`, substituting `.count` with `.size` to leverage preloaded data, batching aggregate data using `GROUP BY`, and performing filtering in Ruby rather than through multiple database queries. The integration of Prometheus facilitated the rapid detection and resolution of these performance bottlenecks that might have otherwise persisted unnoticed. The deployment of their monitoring stack is streamlined through Kamal, minimizing the need for manual configuration. Utilizing Yabeda for Rails metrics and leveraging Prometheus/Grafana proved instrumental in quickly identifying and resolving N+1 query issues, showcasing the substantial impact of an efficient monitoring setup on application performance optimization. 
Keywords: #phi4, ActionCable, ActiveJob, CGNAT range, Docker, GROUP BY, Grafana, Kamal, Loki, N+1 queries, Prometheus, Promtail, Rails, Rails internals, Ruby filtering, SolidQueue, Tailnet, Tailscale, Yabeda, cAdvisor, dashboard, eager-loading, includes, latency, metrics, monitoring, observability, optimization, p95 latency, performance, scrape config, size
    fastretro.app 9 days ago
1810.  HN The Project 8
SKYNET OpenClaw is an advanced iteration of OpenClaw that emphasizes autonomous functionality through self-improvement capabilities, peer-to-peer communication, and proactive operations. It enhances interaction clarity and quality by enabling gateway-to-gateway communication using `peers_chat`, with configurable autonomy levels adhering to specified security policies. Configuration is streamlined via the `~/.openclaw/config.yaml` file, where users can activate self-improvement features; an onboarding wizard aids setup across macOS, Linux, and Windows (via WSL2), compatible with package managers like npm, pnpm, or bun. The system employs recommended models such as Anthropic Pro/Max with Opus 4.6 to bolster context handling and security. It secures direct message (DM) access on platforms like Telegram and WhatsApp by requiring pairing codes for unknown senders, preventing unauthorized data processing. Development involves tools like pnpm or bun, with source code available through GitHub repositories; security defaults treat inbound DMs as untrusted inputs to protect real messaging interfaces. SKYNET OpenClaw's architecture features a Gateway control plane and agents that facilitate operations across multiple communication platforms such as WhatsApp and Telegram. It supports Tailscale automation for secure remote access and node.invoke for local actions, enhancing its operational flexibility. Optional companion apps for macOS and mobile devices offer additional functionalities like voice wake-up and push-to-talk. Furthermore, the system includes a skills registry named ClawHub, allowing agents to automatically discover and integrate new skills. Command-line tools are provided for effective session management and coordination across different sessions. Overall, SKYNET OpenClaw focuses on improving autonomy in communication platforms while maintaining robust security measures and offering versatile configuration options. 
Keywords: #phi4, Android, Nodejs, OpenClaw, SKYNET, Tailscale, agents, autonomy, channels, configuration, gateway, iOS, macOS, models, peer-to-peer, runtime safety, security, self-improvement, sessions, skills registry, tools automation, workspace
    github.com 9 days ago
1901.  HN Keeping WSL Alive
The author emphasizes their preference for maintaining an active Windows Subsystem for Linux (WSL) to ensure a stable remote development environment across devices like an M1 MacBook Air and a Beelink SER8, which serves as a shared family desktop with substantial storage and RAM. To keep Fedora Linux accessible remotely via WSL, they implement specific configurations and scripts. Key adjustments include setting `vmIdleTimeout` to -1 and disabling `autoMemoryReclaim` in the `.wslconfig` file, preventing the VM from shutting down during idle times. A custom script named `KeepWSLAlive.vbs` is employed to keep WSL active by executing a dbus-launch command. Networking configurations are also tailored for mosh server connectivity through Tailscale on Windows. The author appreciates reader engagement and clarifies that no AI was used in writing the post, although Hugo with AI assistance is utilized for site maintenance. Keywords: #phi4, Beelink SER8, Fedora Linux, Hugo site, KeepWSLAlivevbs, M1 MacBook Air, NeoVim, OpenCode, Tailscale, WSL, autoMemoryReclaim, dbus-launch, dnsTunneling, firewall rule, mosh server, networkingMode, terminal, tmux, vmIdleTimeout, wslconfig
    shift1w.com 10 days ago
2337.  HN Tailscale: Custom OIDC Providers
Tailscale's OIDC integration mandates that any identity provider used for a new Tailnet offer the standard `openid`, `profile`, and `email` scopes, provide a callback URL, and sign tokens with either ES256 or RSA (≥2048-bit). The provider must also expose a WebFinger endpoint at `https://<domain>/.well-known/webfinger`, returning a JSON Resource Descriptor that includes the exact issuer URL and a `rel="http://openid.net/specs/connect/1.0/issuer"` relation, which then must match the provider's `/.well-known/openid-configuration`. During first-time setup Tailscale reads only this issuer URL from WebFinger, and any subsequent issuer change requires editing the WebFinger entry and reaching out to Tailscale support. For a custom OIDC provider the user must supply the issuer URL (from WebFinger), client ID, client secret, and the mandatory scopes, optionally specifying a prompt value (`none`, `consent`, `login`, or `select_account`), with the provider's callback set to `https://login.tailscale.com/a/oauth_response`. Most mainstream OIDC providers plug in "out of the box" (Auth0, AWS Cognito, Codeberg, Dex, Duo, Keycloak, Ory, Ping Identity, Pocket ID, ZITADEL, GitLab, etc.), while a handful require additional steps: Authelia and Authentik follow specific Tailscale integration guides; FoxIDs uses its own OpenID-Connect instructions; GitLab users must sign in within the same browser session during Tailscale signup; JumpCloud requires mapping `email` and `fullname` to its attributes and setting client authentication to "Client Secret Basic"; Zoho demands a server-based application client and an issuer URL that matches the user's data-center region (e.g., `https://accounts.zoho.com` for US, `https://accounts.zohocloud.ca` for Canada). Tailscale's admin console workflow for OIDC signup involves entering the administrator's full email that matches the domain hosting the WebFinger endpoint and the Tailscale domain, clicking "Get OIDC Issuer" to retrieve the URL, configuring client credentials and optional prompt, then signing in to the provider, after which the first configured user becomes the Tailnet owner and all subsequent users from the same domain register via email and are routed to the same provider. Visual resources are available (e.g., a YouTube video on using custom OIDC providers and Pocket ID passkeys), and Tailnet migration to a custom OIDC provider is only possible for custom domains (e.g., @yourdomain.com) if a functional WebFinger endpoint exists, as non-custom domains such as Gmail cannot be migrated. Keywords: #gpt-oss:20b-cloud, AWS Cognito, Auth0, ES256, Keycloak, OAuth, OIDC, Ping Identity, RSA, Redirect, Tailnet, Tailscale, WebFinger
    tailscale.com 13 days ago
2386.  HN A sandbox-safe macOS gateway for AI agents
Mac Agent Gateway (MAG) is a local FastAPI‐based HTTP REST API that securely exposes Apple Reminders and Messages to AI assistants by managing TCC permissions and executing CLI commands under a controlled web interface; it offers endpoints such as `/v1/reminders` and `/v1/messages` with fine‑grained read‑only or send‑only permissions, stores all data on the host without invoking Apple binaries, and remains bound to localhost unless explicitly configured, yet can be accessed by remote VMs via SSH tunnels or VPNs, and includes interactive documentation at `/docs`. Installation is streamlined through `make` targets, with environment variables configuring API keys, allowed capabilities (e.g., `MAG_MESSAGES_READ`, `MAG_REMINDERS_WRITE`), optional firewall or reverse‑proxy hardening, mandatory X‑API‑Key authentication, strict CORS to localhost, global rate limiting (100 req/min per IP, 10 req/min for sending endpoints), audit logging (`MAG_LOG_DIR`, `MAG_LOG_ACCESS`), PII masking, and optional send/recipient allowlists (`MAG_MESSAGES_SEND_ALLOWLIST`) that reject unknown recipients with a 403 error; attachment handling is confined to `~/Library/Messages/Attachments/` with appropriate permissions. The platform supports AI agent skill integration (OpenClaw, Claude) with portable skill definitions that provide CRUD operations for reminders, message thread browsing, attachment downloads, and contact management, while exposing `/v1/capabilities` for capability discovery; remote access is recommended through secure SSH tunnels (`ssh -L 8123:localhost:8123 …` or `ssh -R 8123:localhost:8123 …`) or cautious binding to `0.0.0.0`. 
MAG’s roadmap details incremental releases from v0.1 (basic CRUD reminders and messages) to v0.2 (full message stack, threads, history, search, SSE, attachment download, calendar, and contacts) and ultimately v1.0 (plugin registry), with comprehensive development tools (`make test`, `make lint`, `make format`, `make clean`), documentation (`EXAMPLES.md`), troubleshooting guides, and an MIT license. Keywords: #gpt-oss:20b-cloud, API, CLI, Messages, OpenAPI, Reminders, SSH, TCC, Tailscale, VMs, ZeroTier, gateway, macOS, open-source, permissions
    github.com 13 days ago
   https://github.com/ericblue/mac-agent-gateway   13 days ago
2537.  HN Show HN: NovaAccess – SSH access to Tailscale tailnet hosts on iOS without VPN
NovaAccess is an indie iOS app built in Swift that enables reliable SSH access to Tailscale tailnet hosts without requiring VPN permissions, by utilizing libtailscale directly to run alongside any VPN (including Tailscale’s own) and maintaining user‑space networking for persistent sessions when the app is backgrounded. The app provides a native VT100 terminal via SwiftTerm with automatic host discovery, key management, optional custom login servers or Headscale support, and a focus on user experience that was substantially rewritten in v1.1.0, adding resumable sessions and a redesigned UI. The free tier offers full SSH functionality, custom themes, and Headscale compatibility, while the Pro tier adds multi‑tailnet switching, real‑time Linux monitoring dashboards (CPU, memory, disk, network, processes), an in‑app web browser for MagicDNS services and, on iOS 17+, public‑internet browsing, as well as SFTP file management with preview, upload/download, and syntax‑highlighted editing. The application is open‑source, built on forked versions of SwiftTerm and libtailscale on GitHub, and is not affiliated with Tailscale Inc.; it collects no telemetry and can be supported via email. Keywords: #gpt-oss:20b-cloud, Headscale, MagicDNS, NovaAccess, Pro tier, SFTP, SSH, Swift, SwiftTerm, Tailnet, Tailscale, VPN, WireGuard, auto-discovery, iOS, key management, libtailscale, monitoring, multi-tailnet, network, servers
    apps.apple.com 14 days ago
2545.  HN OpenClaw security vulnerabilities include data leakage and prompt injections
OpenClaw is an agentic AI platform that connects instant‑messaging services to autonomous agents capable of executing commands on remote hosts via an AI Gateway; agents use a modular skill system and a toolbox that includes file, runtime, messaging, session, browser, and gateway primitives. The default design exposes a web‑based Control UI over an unprotected port, leaks access tokens through query strings, and shares a persistent “main” session across all direct messages, allowing cross‑user data leakage; group sessions, while isolated from DMs, lack Docker‑style sandboxing, letting malicious prompts read or modify system environment variables, local files, WebSocket configurations, and even re‑route the bot. Attackers can trigger unsafe tool calls through prompt injection via emails, web pages, or skills, leading to exfiltration of credentials, session histories, or private conversations, with the bot acting as a Trojan horse if overly privileged. The core vulnerabilities stem not from the AI model but from architectural gaps: exposed Control UI, weak session management, shared global context, and absent sandboxing. Remediation requires hardening session controls, restricting the tool allowlist to messaging and session‑management only, rotating secrets away from client‑side tokens, confining sessions to per‑peer or per‑account scopes, sandboxing group chats with a non‑main mode, disabling default public DM or group policies, and treating all incoming content as untrusted by processing with read‑only agents before exposing summaries to assistants. 
Continuous security validation should be achieved through automated AI‑red‑team testing with tools like Giskard, which simulate exploitation scenarios (prompt injection, tool misuse, cross‑session data leaks, API key extraction), provide risk‑classified attack traces, and guide teams to tighten guardrails, enforce strict invitation workflows, and validate that configuration changes or new skills do not reintroduce OpenClaw‑style holes. Keywords: #gpt-oss:20b-cloud, AI, AI Gateway, AI agent, AI security, API keys, Chain‑of‑Thought, ClawHub, Configuration tampering, Control UI, DM scoping, DMs, Data confidentiality, Discord, Docker‑based isolation, Encrypted, Giskard, Giskard team, HTTP, HTTPS, IM, IM apps, LLM‑powered, MCP, MCP host, OAuth tokens, OWASP LLM, OpenClaw, SNI, Slack, TLS, Tailscale, Telegram, Token, Trojan Horse, URLs, WhatsApp, access tokens, adversarial probes, agents, architecture, authentication, bot, broad tool, browser, channels, configuration, configuration files, credential theft, credentials, cross‑session leakage, cross‑user, data leakage, default main, environment variables, excessive‑agency probes, exfiltrate, external user, fast, files, filesystem, gateway, group chats, group messages, groups, guardrails, hardening, headers, history, injection paths, isolated session, leakage, local workspace, logs, macOS, messaging, metadata, monitoring, nodes, notes, over‑privileged, pairing, pairing codes, parameters, per‑session containers, plugin, privacy breaches, private DM, production, prompt, prompt injection, query, query parameters, red teaming, remote control, runtime, sandboxing, secrets, security, server, session management, sessiondmScope, shared workspace, ship, skills, source code, tokens, tool allowlists, tool use, tools, tool‑abuse, unsafe workspace, vulnerabilities, workspace
    www.giskard.ai 14 days ago