It turns out that OpenAI’s Mac desktop program for ChatGPT had a very major security flaw: user messages were kept in plain text, which meant that anyone with malicious intent could see them if they managed to get access to your computer. The app was highly anticipated when it was released a few weeks ago.
“The OpenAI ChatGPT app on macOS is not sandboxed and stores all the conversations in plain-text in a non-protected location,” as Threads user Pedro José Pereira Vieito pointed out earlier this week. This means that “any other running app / process / malware can read all your ChatGPT conversations without any permission prompt.”
The local talks are now encrypted thanks to an update from OpenAI, but they are still not sandboxed.
Nowadays, a lot of individuals use ChatGPT in the same way that they might use Google: to ask crucial questions, work through problems, and so on. Sensitive personal information may frequently be discussed in those discussions.
OpenAI, which recently partnered with Apple to provide conversation bot services integrated into Siri searches in Apple operating systems, isn’t doing well. However, Apple disclosed some of the security measures surrounding those inquiries at WWDC last month, and they’re stricter than what OpenAI did—or rather, didn’t do—with its Mac app, which is an independent project unrelated to the collaboration.
Make sure to update the app as soon as you can if you’ve been using it recently.
