Technical Information

Core Information

Copilot was originally built from a TightVNC core. TightVNC is an open-source project that was derived from VNC and is meant to be a remote control software package. For use in Copilot, TightVNC was stripped down to its bare essentials. It was then secured with SSL encryption by implementing PeerSec Networks MatrixSSL, an open source embedded SSL implementation.

The Copilot Mac service is based on the efforts of OSXvnc and Chicken of the VNC, and uses Mac OS X's native OpenSSL subsystem to provide encryption.


VNC works by taking targeted screen shots of a controlled screen. It compares screen shots to detect changes and updates those changes on both screens.  Various changes have been made to optimize VNC performance with Copilot.  There is detailed information on how VNC works available here.

Dealing With Firewalls

A proprietary "Reflector" was built to reside on the Copilot servers. This software accepts outgoing connections from the Copilot client software on port 443. Port 443 is the secure http port (https)used for all secure web transactions. Other than in cases of extreme security, this port is almost always open for outgoing connections. After an invitation code is generated for the helper and given to the person needing the help, the client software is preconfigured for that specific connection on the Copilot servers. Once both parties download and run their respective programs, the programs make outgoing connections to the reflector through the open port. The reflector then passes the data between the two parties so they can communicate despite being firewalled.

As of Copilot 2.0, Copilot also makes use of a proprietary version of the STUNT protocol to provide direct connections in the vast majority of Windows-to-Windows connection cases, even through simple firewalls and NATs. Direct conection provides a much faster and responsive Copilot experience. We hope to provide similar technology for our Mac OS X clients over the coming year.


All information sent between both parties is encrypted on both sides of the connection. The encryption keys reside with the client software so nobody listening on the Copilot servers would be able to decipher any information sent. If an invitation code is intercepted it would be useless to any malicious user. This is because there is no place in the website to enter an invitation code as a helper. Copilot uses cookies to remember the helper. The helper can only use the same browser from the same computer in order to use Copilot again.

Source Code

We provide the Copilot client source code in accordance with the GNU General Public License.

© 2005-2017 LLC All Rights Reserved