Tailscale state file encryption no longer enabled by default
kept by eddie
Tailscale reversed its 1.90.2 decision, disabling state file encryption and hardware attestation keys by default due to unreliable TPM implementations causing support and breakage issues across heterogeneous devices.