ChatGPT's Mac app exposed user conversations

Stored conversations in plain text

ChatGPT's Mac app exposed user conversations

OpenAI's recently launched Mac app for its AI chatbot, ChatGPT, contained a critical security flaw that left user conversations vulnerable.

The app, which allows users to interact with ChatGPT directly from their desktops, was storing conversation history in plain text, making it easily accessible to malicious software.

Threads user Pedro José Pereira Vieito identified the flaw, demonstrating how easy it was to access these conversations.

"The OpenAI ChatGPT app on macOS is not sandboxed and stores all the conversations in plain-text in a non-protected location," Pereira Vieito explained, meaning any other running app, process or malware could access them without permission.

In a subsequent post he noted, "macOS has blocked access to any user private data since macOS Mojave 10.14 (6 years ago!). Any app accessing private user data (Calendar, Contacts, Mail, Photos, any third-party app sandbox, etc.) now requires explicit user access. OpenAI chose to opt-out of the sandbox and store the conversations in plain text in a non-protected location, disabling all of these built-in defenses."

When asked how he discovered the issue, Pereira Vieito told The Verge, "I was curious about why [OpenAI] opted out of using the app sandbox protections and ended up checking where they stored the app data."

Pereira Vieito created a separate app that could read ChatGPT conversations with a single click. The Verge was able to verify this by using the app to access conversation history.

Thankfully, OpenAI reacted swiftly and released an update that encrypts stored conversations.

"We are aware of this issue and have shipped a new version of the application which encrypts these conversations," said OpenAI spokesperson Taya Christianson.

"We're committed to providing a helpful user experience while maintaining our high security standards as our technology evolves."

While the update addresses the immediate vulnerability, the app still bypasses Apple's sandboxing requirements, which are designed to isolate apps and prevent unauthorised access to data.

OpenAI distributes the app directly, and it isn't subject to the same scrutiny as apps on the Mac App Store.

This raises questions about user privacy, especially considering the potentially sensitive nature of information shared through ChatGPT. Users often rely on the AI for tasks like research and problem-solving, which may involve personal details.

For users who have downloaded the Mac app, updating to the latest version is crucial to protect their conversation history.

OpenAI plans to launch the desktop app for the Windows platform later this year.