Till Friday, OpenAI’s lately launched ChatGPT macOS app had a doubtlessly worrying safety difficulty: it wasn’t exhausting to seek out your chats saved in your pc and skim them in plain textual content. That meant that if a nasty actor or malicious app had entry to your machine, they might simply learn your conversations with ChatGPT and the info contained inside them.
As demonstrated by Pedro José Pereira Vieito on Threads, the benefit of entry meant it was doable to have one other app entry these recordsdata and present you the textual content of your conversations proper after they occurred. Pereira Vieito shared the app he made with me, and I used it to make a video exhibiting how the app can learn my ChatGPT conversations with the press of a button. I used to be additionally capable of finding the recordsdata on my pc and see the textual content of conversations simply by altering the file identify.
After The Verge contacted OpenAI in regards to the difficulty, the corporate launched an replace that it says encrypts the chats. “We’re conscious of this difficulty and have shipped a brand new model of the applying which encrypts these conversations,” OpenAI spokesperson Taya Christianson says in an announcement to The Verge. “We’re dedicated to offering a useful person expertise whereas sustaining our excessive safety requirements as our know-how evolves.”
After downloading the replace, Pereira Vieito’s app now not works for me, and I can’t see my conversations in plain textual content.
I requested Pereira Vieito how he found the unique difficulty. “I used to be inquisitive about why [OpenAI] opted out of utilizing the app sandbox protections and ended up checking the place they saved the app knowledge,” he mentioned. OpenAI solely presents the ChatGPT macOS app by means of its personal web site, that means the app doesn’t need to observe Apple’s sandboxing necessities that apply to software program distributed by way of the Mac App Retailer.
Except you’ve opted out, OpenAI might evaluation ChatGPT conversations for security and to coach its fashions. However that privilege isn’t one you’d count on to increase to unknown third events that get entry and know the place to look.