/cdn.vox-cdn.com/uploads/chorus_asset/file/25462005/STK155_OPEN_AI_CVirginia_B.jpg)
Until Friday, OpenAI’s recently launched ChatGPT macOS app had a potentially worrying security issue: it wasn’t hard to find your chats stored on your computer and read them in plain text. That meant that if a bad actor or malicious app had access to your machine, they could easily read your conversations with ChatGPT and the data contained within them.
As demonstrated by Pedro José Pereira Vieito on Threads, the ease of access meant it was possible to have another app access those files and show you the text of your conversations right after they happened. Pereira Vieito shared the app he made with me, and I used it to make a video showing how the app can read my ChatGPT conversations with the click of a button. I was also able to find the files on my computer and see the text of conversations just by changing the file name.
After The Verge contacted OpenAI about the issue, the company released an update that it says encrypts the chats. “We are aware of this issue and have shipped a new version of the application which encrypts these conversations,” OpenAI spokesperson Taya Christianson says in a statement to The Verge. “We’re committed to providing a helpful user experience while maintaining our high security standards as our technology evolves.”
After downloading the update, Pereira Vieito’s app no longer works for me, and I can’t see my conversations in plain text.
I asked Pereira Vieito how he discovered the original issue. “I was curious about why [OpenAI] opted out of using the app sandbox protections and ended up checking where they stored the app data,” he said. OpenAI only offers the ChatGPT macOS app through its own website, meaning the app doesn’t have to follow Apple’s sandboxing requirements that apply to software distributed via the Mac App Store.
Unless you’ve opted out, OpenAI may review ChatGPT conversations for safety and to train its models. But that privilege isn’t one you’d expect to extend to unknown third parties that get access and know where to look.
Of course, it could be worse — this app still wasn’t storing everything you’ve seen on your computer in plain text.