helpleft.GIF (53022 bytes) helptop.GIF (18701 bytes)

Virus security

Because StickyNote is constantly monitoring your network and accepting communication from other machines, you might very well be concerned about getting a virus. Is it easy (or possible) for someone to hack StickyNote and to send a virus through the note communication protocol to your machine?

The complete answer is no. Even knowing exactly how StickyNote works it is impossible to transfer a virus to your machine. This is because of the way StickyNote interprets information it accepts over the network.

When a program wishes to connect with StickyNote, it must resolve the StickyNote server’s port number and request a connection. Once the connection is made, some handshaking procedures are initiated on both sides which confirm for both programs that the connection is working and the guy on the other end is the right program. After this is completed, the sender pushes the note, in a serialized binary form identical to the StickyNote file format, over the network socket connection. On the receiving end, StickyNote interprets the serial information and constructs a note from it.

The information passed over the network is not code; it’s just information on how to construct a note. So the most malicious thing someone could do to your computer is send information describing a really ugly note. Because StickyNote just reads the information and builds a note from it, it’s impossible to get StickyNote to do something outside its normal range of operation. For example, you could never get StickyNote to erase your hard-drive (the most popular activity of viruses) because there is no note that has the right color, size and shape to make StickyNote do this. No part of the note creation algorithm executes code; therefore, it is impossible to cause the program to behave outside its designed, benign range.


Back to main