OpenAI recently launched an official ChatGPT app for macOS, which is also the first ChatGPT app for any desktop platform. While having an app makes the process of talking to the chatbot more seamless, some users have raised privacy concerns. That’s because the app stores all conversations in plain text, which can expose sensitive user data.
As noted by developer Pedro Vieito in a post on Threads, the official ChatGPT app for Mac doesn’t use the standard macOS sandbox system. By looking at the preference and cache files stored by the app, Vieito noticed that all conversations registered in the app are kept saved in plain text, making it easy for anyone to access this data.
But what exactly does all this mean and why isn’t the ChatGPT app sandboxed?
Privacy and sandboxed apps on macOS
For those unfamiliar, “sandboxing” is a security control system that essentially runs an app and all its data in an isolated environment. This way, the app can’t access other parts of the system without permission, just as other apps can’t easily read data from a sandboxed app.
On iOS, all third-party apps run under a sandbox. But on the Mac, this system was only implemented with OS X Lion in 2011. Years later, with macOS Mojave, Apple added new layers of security so that apps always ask the user’s permission to access data outside their sandbox.
However, while running an app in sandbox makes everything more secure, this system remains optional on macOS as some more complex apps require full disk access. And there are a lot of macOS apps that aren’t sandboxed. However, when it comes to chat apps handling sensitive data, most of them are sandboxed.
But what are the implications for users?
Reading ChatGPT conversations without consent is quite easy
Anyone can find the conversations from the ChatGPT app by going to Library > Application Support > com.openai.chat. And since the conversations are stored outside a sandbox and in plain text, this also means that the conversations can be accessed by other apps, processes, or even malware running on the Mac – all without the user ever knowing.
9to5Mac was able to confirm that ChatGPT conversations are stored in plain text. We also built a tool to collect data from the ChatGPT app with just a click, and it works without asking for any permission.
Of course, OpenAI’s privacy policies make it clear that all your conversations with ChatGPT can be collected by the company to improve its language model. That alone is a good reason never to share sensitive data with ChatGPT. But knowing that this data could end up in anyone’s hands makes everything worse.
We’d like to believe that OpenAI just made an oversight by not sandboxing the ChatGPT app. But for now, OpenAI has yet to comment on users’ concerns.
And if you’re really concerned about privacy, a good way to keep your data safe on macOS is to only download apps from the Mac App Store or check whether an app downloaded from an external source runs in sandbox.
Read also
FTC: We use income earning auto affiliate links. More.