OpenAI’s ChatGPT Mac app stored conversations in plain text

Until Friday, OpenAI’s recently launched ChatGPT macOS app had a potentially worrying security issue: it was easy to find your chats on your computer and read them in plaintext. That meant that if a malicious or harmful app had access to your machine, it could easily read your ChatGPT conversations and the data inside them.

As Pedro José Pereira Vieito pointed out on Threads, the ease of access meant that it was possible to give another app access to those files and show you the text of your conversations right after they happened. Pereira Vieito shared the app he created with me, and I used it to make a video demonstrating how the app can read my ChatGPT conversations with the click of a button. I was also able to find the files on my computer and see the text of conversations just by changing the file name.

After The edge When OpenAI was contacted about the issue, the company released an update that it says encrypts the chats. “We are aware of this issue and have released a new version of the application that encrypts these conversations,” OpenAI spokesperson Taya Christianson said in a statement to The edge“We strive to provide a helpful user experience while maintaining our high security standards as our technology evolves.”

After downloading the update, the Pereira Vieito app stops working and I can no longer see my conversations in plain text.

I asked Pereira Vieito how he discovered the original song. “I was curious about why [OpenAI] chose not to use the app’s sandbox protections and ultimately controlled where they stored the app’s data,” he said. OpenAI only offers the ChatGPT macOS app through its own website, meaning the app does not have to comply with Apple’s sandbox requirements that apply to software distributed through the Mac App Store.

Unless you’ve opted out, OpenAI can review ChatGPT conversations for security and to train its models. But don’t expect that privilege to be extended to unknown third parties who are given access and know where to look.

Leave a Comment