Apple has strict pointers about defending person knowledge with sandboxing, however ChatGPT for Mac bypassed all of this by storing conversations in plain textual content till it was patched on June 28.
When every thing is working the best way it ought to on Mac, knowledge must be siloed between apps so no single app can entry one other app’s knowledge with out APIs or person permission. ChatGPT determined to disregard Apple’s steerage and broke that construction by opting out of sandboxing and storing person conversations in plain textual content.
Storing recordsdata this fashion left them open for some other Mac app to search out and skim them freely. Meaning if a person’s Mac was contaminated with malware or malicious apps, the personal knowledge shared with ChatGPT may very well be learn freely.
Pereira Vieito found the issue and shared it on Threads.
An replace to ChatGPT for Mac was issued on Friday to patch this downside. All knowledge from utilizing ChatGPT is now hidden behind encryption.
“We’re conscious of this problem and have shipped a brand new model of the applying which encrypts these conversations,” OpenAI spokesperson Taya Christianson says in a statement to The Verge. “We’re dedicated to offering a useful person expertise whereas sustaining our excessive safety requirements as our know-how evolves.”
When an app is submitted to the Mac App Store or for it notarization, it goes by a overview course of that ensures the app handles knowledge by way of sandboxing. It’s a technique that ensures apps solely have entry to the info they’ve and none else on the system.
OpenAI’s ChatGPT for Mac app is distributed from the online and would not use sandboxing. The app can entry personal knowledge the person shares, like emails and confidential information, to carry out no matter process the person asks.
Should you’ve put in ChatGPT for Mac, guarantee it has been up to date to the most recent model. Whereas the vulnerability possible wasn’t taken benefit of within the brief time because the app launched, it’s nonetheless a foolish mistake for an organization like OpenAI to make.
The ChatGPT for Mac app is separate from the bigger partnership OpenAI has with Apple. Later within the fall, customers can decide to ship some requests to ChatGPT as a substitute of Apple Intelligence as part of macOS Sequoia.