ChatGPT for macOS raises concerns for storing chats in plain text

Share via:


OpenAI recently launched an official ChatGPT app for macOS, which is also the first ChatGPT app for any desktop platform. While having an app makes the process of talking to the chatbot more seamless, some users have raised privacy concerns. That’s because the app stores all conversations in plain text, which can expose sensitive user data.

As noted by developer Pedro Vieito in a post on Threads, the official ChatGPT app for Mac doesn’t use the standard macOS sandbox system. By looking at the preference and cache files stored by the app, Vieito noticed that all conversations registered in the app are kept saved in plain text, making it easy for anyone to access this data.

But what exactly does all this mean and why isn’t the ChatGPT app sandboxed?

Privacy and sandboxed apps on macOS

For those unfamiliar, “sandboxing” is a security control system that essentially runs an app and all its data in an isolated environment. This way, the app can’t access other parts of the system without permission, just as other apps can’t easily read data from a sandboxed app.

On iOS, all third-party apps run under a sandbox. But on the Mac, this system was only implemented with OS X Lion in 2011. Years later, with macOS Mojave, Apple added new layers of security so that apps always ask the user’s permission to access data outside their sandbox.

However, while running an app in sandbox makes everything more secure, this system remains optional on macOS as some more complex apps require full disk access. And there are a lot of macOS apps that aren’t sandboxed. However, when it comes to chat apps handling sensitive data, most of them are sandboxed.

macOS Sandbox privacy request

But what are the implications for users?

Anyone can find the conversations from the ChatGPT app by going to Library > Application Support > com.openai.chat. And since the conversations are stored outside a sandbox and in plain text, this also means that the conversations can be accessed by other apps, processes, or even malware running on the Mac – all without the user ever knowing.

9to5Mac was able to confirm that ChatGPT conversations are stored in plain text. We also built a tool to collect data from the ChatGPT app with just a click, and it works without asking for any permission.

Of course, OpenAI’s privacy policies make it clear that all your conversations with ChatGPT can be collected by the company to improve its language model. That alone is a good reason never to share sensitive data with ChatGPT. But knowing that this data could end up in anyone’s hands makes everything worse.

ChatGPT app for macOS raises privacy concerns for storing conversations in plain text

We’d like to believe that OpenAI just made an oversight by not sandboxing the ChatGPT app. But for now, OpenAI has yet to comment on users’ concerns.

And if you’re really concerned about privacy, a good way to keep your data safe on macOS is to only download apps from the Mac App Store or check whether an app downloaded from an external source runs in sandbox.

Read also

FTC: We use income earning auto affiliate links. More.



Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Popular

More Like this

ChatGPT for macOS raises concerns for storing chats in plain text


OpenAI recently launched an official ChatGPT app for macOS, which is also the first ChatGPT app for any desktop platform. While having an app makes the process of talking to the chatbot more seamless, some users have raised privacy concerns. That’s because the app stores all conversations in plain text, which can expose sensitive user data.

As noted by developer Pedro Vieito in a post on Threads, the official ChatGPT app for Mac doesn’t use the standard macOS sandbox system. By looking at the preference and cache files stored by the app, Vieito noticed that all conversations registered in the app are kept saved in plain text, making it easy for anyone to access this data.

But what exactly does all this mean and why isn’t the ChatGPT app sandboxed?

Privacy and sandboxed apps on macOS

For those unfamiliar, “sandboxing” is a security control system that essentially runs an app and all its data in an isolated environment. This way, the app can’t access other parts of the system without permission, just as other apps can’t easily read data from a sandboxed app.

On iOS, all third-party apps run under a sandbox. But on the Mac, this system was only implemented with OS X Lion in 2011. Years later, with macOS Mojave, Apple added new layers of security so that apps always ask the user’s permission to access data outside their sandbox.

However, while running an app in sandbox makes everything more secure, this system remains optional on macOS as some more complex apps require full disk access. And there are a lot of macOS apps that aren’t sandboxed. However, when it comes to chat apps handling sensitive data, most of them are sandboxed.

macOS Sandbox privacy request

But what are the implications for users?

Anyone can find the conversations from the ChatGPT app by going to Library > Application Support > com.openai.chat. And since the conversations are stored outside a sandbox and in plain text, this also means that the conversations can be accessed by other apps, processes, or even malware running on the Mac – all without the user ever knowing.

9to5Mac was able to confirm that ChatGPT conversations are stored in plain text. We also built a tool to collect data from the ChatGPT app with just a click, and it works without asking for any permission.

Of course, OpenAI’s privacy policies make it clear that all your conversations with ChatGPT can be collected by the company to improve its language model. That alone is a good reason never to share sensitive data with ChatGPT. But knowing that this data could end up in anyone’s hands makes everything worse.

ChatGPT app for macOS raises privacy concerns for storing conversations in plain text

We’d like to believe that OpenAI just made an oversight by not sandboxing the ChatGPT app. But for now, OpenAI has yet to comment on users’ concerns.

And if you’re really concerned about privacy, a good way to keep your data safe on macOS is to only download apps from the Mac App Store or check whether an app downloaded from an external source runs in sandbox.

Read also

FTC: We use income earning auto affiliate links. More.



Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

More like this

Shark Tank judge Anupam Mittal to CCI: Humari Nahi...

Shark Tank judge and People Group chairman Anupam Mittal...

Israeli digital health startup secures $40m in equity, debt

The company addresses the affordability of prescription drugs,...

How Q Protocol is changing the future of blockchain...

Cointelegraph Research delves into Q Protocol’s unique governance...

Popular

Upcoming Events

Startup Information that matters. Get in your inbox Daily!