Technical Information

Core Information

Fog Creek Copilot was originally built from a TightVNC core. TightVNC is an open-source project that was derived from VNC and is meant to be a remote control software package. For use in Fog Creek Copilot, TightVNC was stripped down to its bare essentials. It was then secured with SSL encryption by implementing PeerSec Networks MatrixSSL, an open source embedded SSL implementation.

The Fog Creek Copilot Mac service is based on the efforts of OSXvnc and Chicken of the VNC, and uses Mac OS X's native OpenSSL subsystem to provide encryption.

VNC

VNC works by taking targeted screen shots of a controlled screen. It compares screen shots to detect changes and updates those changes on both screens.  Various changes have been made to optimize VNC performance with Fog Creek Copilot.  There is detailed information on how VNC works available here.

Dealing With Firewalls

A proprietary "Reflector" was built to reside on the Fog Creek Copilot servers. This software accepts outgoing connections from the Fog Creek Copilot client software on port 443. Port 443 is the secure http port (https)used for all secure web transactions. Other than in cases of extreme security, this port is almost always open for outgoing connections. After an invitation code is generated for the helper and given to the person needing the help, the client software is preconfigured for that specific connection on the Fog Creek Copilot servers. Once both parties download and run their respective programs, the programs make outgoing connections to the reflector through the open port. The reflector then passes the data between the two parties so they can communicate despite being firewalled.

As of Copilot 2.0, Fog Creek Copilot also makes use of a proprietary version of the STUNT protocol to provide direct connections in the vast majority of Windows-to-Windows connection cases, even through simple firewalls and NATs. Direct conection provides a much faster and responsive Fog Creek Copilot experience. We hope to provide similar technology for our Mac OS X clients over the coming year.

Security

All information sent between both parties is encrypted on both sides of the connection. The encryption keys reside with the client software so nobody listening on the Fog Creek Copilot servers would be able to decipher any information sent. If an invitation code is intercepted it would be useless to any malicious user. This is because there is no place in the website to enter an invitation code as a helper. Fog Creek Copilot uses cookies to remember the helper. The helper can only use the same browser from the same computer in order to use Fog Creek Copilot again.

Source Code

We provide the Fog Creek Copilot client source code in accordance with the GNU General Public License.


© 2005-2013 Fog Creek Software, Inc. All Rights Reserved