Until recently, the OpenAI ChatGPT app for macOS saved conversations with a chatbot in clear text on the computer, making the files easy to find and read. This meant that an attacker or malicious application, having gained access to the computer, could read the chat with ChatGPT and the information contained in it.
The problem was brought to the attention of Threads social network user Pedro José Pereira Vieito. He recalled that back in 2018, with the release of macOS Mojave 10.14, access to user data was blocked at the system level, but OpenAI neglected these information security measures: the text was stored in unencrypted form and even in an unsafe location. To highlight the seriousness of the problem, he wrote his own application that, at the click of a button, read correspondence with ChatGPT.
OpenAI’s Response and Resolution
To date, the error has been corrected. Journalists from The Verge contacted OpenAI, and the company released an update to the application. “We are aware of the problem and have released a new version of the application that encrypts this correspondence. We are committed to offering a great user experience while maintaining our high security standards as our technology evolves,” said OpenAI spokesperson Taya Christianson. After installing the update, the application for intercepting chat content stopped performing its function.
Distribution and User Options
The ChatGPT client for macOS is only distributed through the OpenAI website, and such software is not guaranteed to comply with Apple’s sandbox requirements that apply to apps in the Mac App Store, notes NIX Solutions. OpenAI has also granted itself the right to review user communications with ChatGPT for security purposes and to further train its models, but users have the option to opt out. We’ll keep you updated on any further developments.