- This week I spent time trying to get openpose to build. I was unsuccessful due to files to install dependencies being missing from the release of openpose I tried to install. To be more specific Caffe is a necessary dependency and I had to manually install Caffe into the openpose directory structure. The build_win.cmd file fails to run as I do not have “ninja” installed. I tried to set the “WITH_NINJA” flag to 0 so CMake would build caffe using the Visual Studio C++ compiler instead of ninja. When I do this and try to run the file the flag seems to somehow get set back to 1. This is a very mystifying issue and I plan to ask Eric about it tomorrow and see if he ran into the same issue. In addition to this the weeks ABET question prompted me to think more about user privacy which led me to look into options and techniques for doing sanitization of user inputs in python and analysis tools to find potential security issues. The main vulnerability I am worried about is if User A has images stored on the app, and User B logs into the app and is able to inject malicious code through fields of user input (how long to record user for). I think this is a reasonable worry as we have a decent amount of user input into our system so I think user sanitization is a very sensible idea. So far I think the bandit tool looks somewhat promising as it is distributed in PyPI so it can be downloaded through pip. There are customization options for us to ignore certain levels of security issues, allowing us to focus on the most critical issues. In terms of user sanitization I am still looking at options and need to discuss them with Sirui tomorrow, but as of right now “regular expressions” seems promising due to its ability to filter out certain items in user input and it is a standard package in python so there is no need to install anything to use it. I was also involved in team meetings where we clarified parts of how our design would work, specifically the specifics of how we were going to evaluate users poses.
- My progress is on time with the group schedule.
- Deliverables I hope to complete by the end of next week is to help Ray get a basic UI design out for the design report and get openpose to build. I also plan to maybe look into and discuss more advanced tools for UI instead of just using TKinter.
- In terms of engineering principles that our team will use to develop solutions, I personally focused on the principle of ethics as I wanted to make sure this app would protect users privacy. Especially with our app where there would be pictures taken of people in incorrect poses, this might be embarrassing for some people and something they wish to keep private. Towards this end I looked into incorporating user sanitization into our app to prevent “injection” attacks as we will be taking in input from the user. Additionally, I looked into tools the team might want to incorporate into the testing process.
Carnegie Mellon University: ECE Capstone Projects, Fall 2023|| Sirui Huang, Hongzhe Cheng, Shiheng Wu, Jerry Feng