OpenAI opened up its ChatGPT app for macOS to anyone who wants it as recently as last week, from its previous drip feed access to Plus subscribers. It’s probably a good thing that the floodgates were not immediately open from the start, as it has been recently reported that the app had a security issue. In short, the app was found storing your chats in plain text, and in a non-protected location.
This was first discovered by a data engineer, Pedro Jose Pereira Vieito, on Threads, complete with a demonstration on the way it was done. The combination of the two aforementioned factors meant that any other software installed on said macOS device, including malware, can read your ChatGPT conversations without permission prompts popping up.
The Verge has since reported that OpenAI has rolled out an update that encrypts chats, following a request for comment. Said report quotes company spokesperson Taya Christianson as saying “We are aware of this issue and have shipped a new version of the application which encrypts the chats”.
Interestingly, Pereira Vieito mentions that his curiousity as to “why OpenAI opted out using the app sandbox protections” that set him down this path of checking where the app data for ChatGPT on macOS is stored. This is because the app is something that is downloaded via the OpenAI website rather than the Apple App Store, which makes the sandboxing a mandatory element.
The report closes with stating that unless you opt out, OpenAI may review your ChatGPT logs for safety and for training its models. Of course, one can argue that a lot of files we store on our computer is not encrypted, and would be vulnerable to malware anyway. But on the flip side, additional protections against such situations don’t hurt.
(Source: The Verge, @pvieito / Threads)
Follow us on Instagram, Facebook, Twitter or Telegram for more updates and breaking news.
