Apple has strict tips about defending consumer information with sandboxing, however ChatGPT for Mac bypassed all of this by storing conversations in plain textual content till it was patched on June 28.
When every little thing is working the way in which it ought to on Mac, information ought to be siloed between apps so no single app can entry one other app’s information with out APIs or consumer permission. ChatGPT determined to disregard Apple’s steerage and broke that construction by opting out of sandboxing and storing consumer conversations in plain textual content.
Storing information this fashion left them open for another Mac app to seek out and skim them freely. Which means if a consumer’s Mac was contaminated with malware or malicious apps, the personal information shared with ChatGPT might be learn freely.
Pereira Vieito found the issue and shared it on Threads.
An replace to ChatGPT for Mac was issued on Friday to patch this downside. All information from utilizing ChatGPT is now hidden behind encryption.
“We are aware of this issue and have shipped a new version of the application which encrypts these conversations,” OpenAI spokesperson Taya Christianson says in an announcement to The Verge. “We’re committed to providing a helpful user experience while maintaining our high security standards as our technology evolves.”
When an app is submitted to the Mac App Retailer or for it notarization, it goes by way of a overview course of that ensures the app handles information through sandboxing. It’s a methodology that ensures apps solely have entry to the information they’ve and none else on the system.
OpenAI’s ChatGPT for Mac app is distributed from the online and does not use sandboxing. The app can entry personal information the consumer shares, like emails and confidential data, to carry out no matter activity the consumer asks.
Should you’ve put in ChatGPT for Mac, guarantee it has been up to date to the most recent model. Whereas the vulnerability possible wasn’t taken benefit of within the quick time for the reason that app launched, it’s nonetheless a foolish mistake for an organization like OpenAI to make.
The ChatGPT for Mac app is separate from the bigger partnership OpenAI has with Apple. Later within the fall, customers can decide to ship some requests to ChatGPT as an alternative of Apple Intelligence as part of macOS Sequoia.