Fog Creek Copilot was originally built from a TightVNC core.
TightVNC is an open-source project that was derived from
VNC and is meant to be
a remote control software package. For use in
Fog Creek Copilot, TightVNC was stripped down to its bare essentials. It was
then secured with SSL encryption by implementing
PeerSec Networks MatrixSSL,
an open source embedded SSL implementation.
The Fog Creek Copilot Mac service is based on the efforts of
of the VNC, and uses Mac OS X's native OpenSSL subsystem to provide
VNC works by taking targeted screen shots of a controlled screen. It compares
screen shots to detect changes and updates those changes on both screens.
Various changes have been made to optimize VNC performance with Fog Creek
Copilot. There is detailed information on how VNC works
Dealing With Firewalls
A proprietary "Reflector" was built to reside on the Fog Creek Copilot servers.
This software accepts outgoing connections from the Fog Creek Copilot client
software on port 443. Port 443 is the secure http port (https)used for all
secure web transactions. Other than in cases of extreme security, this port is
almost always open for outgoing connections. After an invitation code is
generated for the helper and given to the person needing the help, the client
software is preconfigured for that specific connection on the Fog Creek Copilot
servers. Once both parties download and run their respective programs, the
programs make outgoing connections to the reflector through the open port. The
reflector then passes the data between the two parties so they can communicate
despite being firewalled.
As of Copilot 2.0, Fog Creek Copilot also makes use of a proprietary version
of the STUNT
protocol to provide direct connections in the vast majority of
Windows-to-Windows connection cases, even through simple firewalls and
NATs. Direct conection provides a much faster and responsive Fog Creek Copilot
experience. We hope to provide similar technology for our Mac OS X
clients over the coming year.
All information sent between both parties is encrypted on both sides of the
connection. The encryption keys reside with the client software so nobody
listening on the Fog Creek Copilot servers would be able to decipher any
information sent. If an invitation code is intercepted it would be useless to
any malicious user. This is because there is no place in the website to enter
helper. The helper can only use the same browser from the same computer in
order to use Fog Creek Copilot again.
We provide the Fog Creek Copilot client source code
in accordance with the GNU General Public License.