You can use it for pretty much anything you would use a VPN for, but it is much easier to configure and secure by default with a built-in firewall. Only services you actively expose are reachable by others - by default nothing on your device can be accessed by others.
In the future, it will also provide some amount of privacy on the network.
I think the biggest user-facing difference is the ease of configuration (ie. none) - if Mycoria had proper installers.
Any node on the network can find my node via mDNS discovery and access any services which I expose. Services need to be secured in the same way I'd do on the public Internet, and not in the same way I do on a trusted private network between a few trusted nodes.
That said, I do believe this is useful in a lot of scenarios where a VPN might be too much work to set up. While one does need to ensure that all services do authentication, the encryption part is valuable, and this does ease exposing services from non-routable nodes with no consistent public IP.
Ease of configuration is very much also a feature of the finest VPN software I've ever used, Wireguard.
Mycoria aims to interconnect participants. Eg. you and your friend all have their home server. Everyone wants to connect to their own server, but also to the server of their friends. All of this is super easy with Mycoria. Let a new friend install Mycoria, add them to your friends in the config and give them a URL for accessing. Voila!
Also, Mycoria is an automatic mesh network, I think Wireguard requires a fixed set of peers you configure.
Not really. One can add as many peers (though there's a artificial limit to just how many, I think) at runtime. It isn't fixed. Products like Tailscale couldn't be built otherwise.
A VPN is used to create (the illusion of) privacy when accessing anything on the internet.
But I can't access anything that's not connected to mycoria with it, can I? If I were to access something like Netflix, would I need something like a mycoria reverse proxy server for Netflix?
It would be more correct to call such a provider a secure (two-way) proxy service (and in the past people did), but for some reason they went with VPN and that stuck.
Mycoria is basically the textbook definition of a VPN.
Not really. Some more recent "VPN" products position themselves that way, but traditionally a VPN has been a way to have something that behaves like a private LAN between computers that are not physically connected to each other (hence the name).
As was patiently explained to me, Mycoria relies to quite an extent on the network effect: you can only use it if other nodes are using it, using it by yourself does not make sense. So the informed layperson's perspective is relevant here. That's why I insist on "dumbing it down" :D
Names are hard.
Personally this Mycoria reminds me more of a global tailnet I.e tailscale's VPN
VPN = Virtual Private Network. It’s (historically) a way of tunneling segregated / encrypted traffic over another network - generally to allow access to another private network or similar. That’s exactly what this is.
Protocol wise, consumer VPN is using traditional VPN protocols, but it’s effectively being used as secure proxy.
In an open mesh network, you still want privacy from the other network participants.
Mycoria might have exit nodes similar to Tailscale in the future, but it won't be a fan-out multi-exit system like SPN, for example.
Firms could replace their VPNs for remote work with mycoria and have better security and control.
I could also set this up for my home network and access my (for example) NAS securely.
For the use-case "I want to access a publicly available page anonymously", we still need a VPN / TOR.
What I understood: it is basically overlaying privacy and net neutrality on the internet.
I am therefore restricted to communicating with other users of mycoria and can't access "the whole Internet" via mycoria.
Am I correct?
What isn't clear for end users, IMO:
- What's the primary use case it was built for? Are there applications using it for chatting / exchanging data / whatever?
- what's the difference to similar projects like, say, yggdrasil?
- what's the difference to using a VPN?