I looked into this and no longer have these concerns.
Thank you for this. I have some security concerns, and I am uninstalling the software after I received the message below from my university. Can you please respond here to explain?
“IS&T Information Security received a Crowdstrike alert about some software you downloaded from donethat.ai. Presumably it was intentional, but this software comes installed with what looks like keylogger functionality. …Having a keylogger on your system is pretty risky. Even if they purport to not store data, there is always the risk that the software or your machine is compromised, and the data stream is intercepted for misuse”
...
This installer wrote the following file, which is associated with keylogging functionality:
Ok, I have now read some comments where you explain the privacy below, and watched your video. I’m going to engage with the university security team and ask them what they think, and whether they feel this is appropriate to have on a work computer.
Thanks! As you probably saw this is because there is an option to log keys to improve accuracy. To be honest I am considering removing it soon because of these perceived risks but hesitating a bit because a lot of people are actually enabling that feature. Let me know if I can help you in another way, e.g. show you that part of the code / walk through the processing pipeline.
Yeah, I can see how that’s a bit of a dilemma. To avoid the flags, maybe you could make it a separate download or something people have to specifically email you to request.
I can also imagine that for some people, especially those in certain jobs, the screenshots or logging features won’t be worth the risk. On that note, I decided to uninstall the tool myself, given the security considerations and the requirements from my employer.
FYI removed the package in the latest version. Keylogging isn’t possible anymore (and added an on-device security feature for the screenshots where you can automatically grey out certain apps)
I looked into this and no longer have these concerns.
Thank you for this. I have some security concerns, and I am uninstalling the software after I received the message below from my university. Can you please respond here to explain?“IS&T Information Security received a Crowdstrike alert about some software you downloaded from donethat.ai. Presumably it was intentional, but this software comes installed with what looks like keylogger functionality. …Having a keylogger on your system is pretty risky. Even if they purport to not store data, there is always the risk that the software or your machine is compromised, and the data stream is intercepted for misuse”...This installer wrote the following file, which is associated with keylogging functionality:FILE: …\node_modules\node-global-key-listener\bin\WinKeyServer.exe”Ok, I have now read some comments where you explain the privacy below, and watched your video. I’m going to engage with the university security team and ask them what they think, and whether they feel this is appropriate to have on a work computer.
Thanks! As you probably saw this is because there is an option to log keys to improve accuracy. To be honest I am considering removing it soon because of these perceived risks but hesitating a bit because a lot of people are actually enabling that feature. Let me know if I can help you in another way, e.g. show you that part of the code / walk through the processing pipeline.
Yeah, I can see how that’s a bit of a dilemma. To avoid the flags, maybe you could make it a separate download or something people have to specifically email you to request.
I can also imagine that for some people, especially those in certain jobs, the screenshots or logging features won’t be worth the risk. On that note, I decided to uninstall the tool myself, given the security considerations and the requirements from my employer.
FYI removed the package in the latest version. Keylogging isn’t possible anymore (and added an on-device security feature for the screenshots where you can automatically grey out certain apps)