search

SreejanPersonal / JARVIS-AGI

JARVIS AGI || AI Powered Voice Assistant with Real Human Capabilities
Other
133 stars 15 forks source link

major safety hazard #5

Closed gaohaozhang closed 3 months ago

gaohaozhang commented 3 months ago

I call your code, and you scan my computer terminal in the background. This is extremely outrageous. I thought my computer had a virus, but after checking, I found that it was caused by running your code. Very excessive.

gaohaozhang commented 3 months ago

_20240710111358 This code I found belongs to your personal website

Divy0The0Fire commented 3 months ago

_20240710111358 This code I found belongs to your personal website

The personal website utilizes JavaScript for efficient speech recognition, addressing challenges encountered with Python. Selenium framework is employed to render the website and facilitate audio recognition. The project adheres strictly to using plain HTML, CSS, and JavaScript, ensuring transparency and maintaining privacy standards without data breaches.

Divy0The0Fire commented 3 months ago

I call your code, and you scan my computer terminal in the background. This is extremely outrageous. I thought my computer had a virus, but after checking, I found that it was caused by running your code. Very excessive.

could you provide the details. There is very less posibilty for a bug plsease provide context to debut it and do you have any screen shots or task manager values what exactly you ended to stop your issue.

OE-LUCIFER commented 3 months ago

@gaohaozhang Hi Owen,

Thank you for bringing this to our attention. I understand your concern about potential security issues related to running the provided code. I assure you that the code is intended solely for creating a speech-to-text web application and does not include any functionality that would scan your computer terminal or perform any background activities beyond the described features.

Here’s a brief explanation of what the code does:

  1. HTML Structure: Sets up a simple web page with a title, a dropdown menu for language selection, a textarea to display converted text, and a button to start/stop recording.

  2. CSS Styling: Provides styling to make the page visually appealing. This includes setting up a dark theme, centering content, and adding some effects like shadows and gradients.

  3. JavaScript Functionality:

    • Speech Recognition: Utilizes the Web Speech API (window.SpeechRecognition or window.webkitSpeechRecognition) to listen to the user's speech and convert it into text displayed in the textarea.
    • Event Handling: Listens for clicks on the “Start Recording” button to initiate speech recognition and updates the UI to show the recording status and confidence level of the transcription.

Here is the relevant part of the JavaScript code for your reference:

const click_to_record = document.getElementById('click_to_record');
const convert_text = document.getElementById('convert_text');
const is_recording = document.getElementById('is_recording');
const confidence_id = document.getElementById('confidence_id');
const language_select = document.getElementById('language_select');

click_to_record.addEventListener('click',function(){
var speech = true;
window.SpeechRecognition = window.webkitSpeechRecognition;

const recognition = new SpeechRecognition();
recognition.interimResults = true;
recognition.lang = language_select.value;

recognition.addEventListener('start', () => {
is_recording.innerHTML = "Recording: True";
});

recognition.addEventListener('end', () => {
is_recording.innerHTML = "Recording: False";
});

recognition.addEventListener('result', e => {
const transcript = Array.from(e.results)
.map(result => result[0])
.map(result => result.transcript)
.join('');

convert_text.innerHTML = transcript;

const confidence = Array.from(e.results)
.map(result => result[0])
.map(result => result.confidence)
.join('');
confidence_id.innerHTML = `Confidence: ${confidence}`;
});

if (speech == true) {
recognition.start();
}
});

This script strictly performs the following:

Thank you for your vigilance, and we appreciate your feedback.

Best regards, Vortex

gaohaozhang commented 3 months ago

Of course, after I run DevsDoCode.py. My mouse started to automatically open my social software and file manager, and I had no choice but to shut it down immediately. But unfortunately, I encountered this problem again after troubleshooting all the problems except running devsdocode.py. Therefore, it cannot be explained at this time that it is caused by other operations.

gaohaozhang commented 3 months ago

For security reasons, I now set up a network firewall and comment out :website_path: str = "https://realtime-stt-devs-do-code.netlify.app/". . .

SreejanPersonal commented 3 months ago

@gaohaozhang Dear Owen,

You have raised some serious allegations against me, but you haven't provided any proof to support them. I assure you that I have not manipulated the code or published any malicious content on my website.

For transparency, I have included the source code of the website in the same folder as this file.I take your issue seriously and want to resolve it promptly. To discuss this matter in detail and ensure no other users encounter similar problems, I invite you to join my Telegram group, Devs do Code. Here is the Telegram link - https://t.me/devsdocode.

Thank you, Devs Do Code

gaohaozhang commented 3 months ago

@SreejanPersonal My classmates witnessed the process of my computer being scanned. If you confirm that it is not a problem with your private website, I apologize for my remarks and let us work together to find and solve this problem.

SreejanPersonal commented 3 months ago

@gaohaozhang As far as I remember my code and my intentions. I haven't provided any kind of malicious code inside it.

Thanks for your response. We could surely work on it and figure it out. You are requested to join the group for further proceedings 👇

https://t.me/devsdocode

GhostByte-HUB commented 3 months ago

There's no problem with code..... It only uses selenium and access to Microphone. You have examined the code.. so, did you try to find out what it scans and do with scans results.

AnonymousCoderArtist commented 3 months ago

@gaohaozhang Hi Owen,

We appreciate you raising your concerns regarding potential security vulnerabilities. We understand the importance of code transparency and the potential risks associated with executing scripts without a clear understanding of their functionality.

Please be assured that the code in question is designed solely for the development of a speech-to-text web application. It does not include any functionality that would grant access to your computer terminal or perform any unauthorized background operations.

The code leverages the Web Speech API, a standard web browser feature, to capture and transcribe speech input exclusively through your microphone. It does not interact with your computer terminal, file system, or any running processes beyond the scope of its intended purpose.

Here’s a brief explanation of what the code does:

The Speech to Text script strictly performs the following:

  1. Listens to the user's voice and converts it to text.
  2. Record's the user voice using his microphone.
  3. Displays the transcription in the textarea.
  4. Updates the recording status and confidence level of the transcription.
  5. Return the transcription

  6. Transparency is a core principle guiding the development of this project. We encourage you to reach out if you require further clarification or wish to review specific sections of the code. Your inquiries are welcome and will be addressed promptly.

P.S. I've also personally reviewed and tested this code, and I can confirm that it does not contain any malicious elements. Also i have seen the website code.

Best regards, Anonymous Coder/Artist