ChatGPT for Mac Stores User Conversations in Plain Text, Exposing Sensitive Data to Malware

Last month, OpenAI announced that ChatGPT for Mac was available to all users. Through the official ChatGPT client, users can rapidly engage in text conversations, generate images, read screenshots or files, search conversations, and more.

However, even a company of OpenAI's scale has vulnerabilities in security. ChatGPT for Mac saves all user conversations on the local disk in plain text format.

This means any applications, processes, or malicious software running on Mac can directly access the full content of user chats without any authorization, potentially leading to the exposure of private data.

Since the release of macOS Mojave 10.14 in 2018, Apple has introduced new security features to prevent other applications from accessing private data. When access to private data is needed, the system prompts a request that must be approved by the user before proceeding.

When developing ChatGPT for Mac, OpenAI did not use Apple's recommended settings to store user data in a sandbox. Instead, OpenAI stored it in a vulnerable path at ~/Library/Application Support/com.openai.chat/conve…{uuid}/

Not only was the data stored in an unprotected path, but OpenAI also failed to encrypt user data, making it easy for anyone to steal complete chat contents.

Tech enthusiast Pedro Jose discovered this issue and posted a demonstration video on Meta Threads. Following user feedback, OpenAI promptly released a new version to address this issue.

In the latest version of ChatGPT for Mac, OpenAI has now encrypted the data stored locally. Although it's still not placed in a sandbox, the encrypted files increase security.

Users of ChatGPT for Mac are advised to immediately upgrade to the latest version to ensure their safety. The latest version can be downloaded from OpenAI's official website: https://openai.com/chatgpt/mac/

AI(223)ChatGPT(59)Mac(34)macOS(23)OPENAI(82)

Copyright Notice:
Thank you for reading. This article was written by Landian News, and the author is Brook.X. If you wish to repost this article, please include a link to the original: https://landian.news/article/2480.html

{{userData.name}}

ChatGPT for Mac Stores User Conversations in Plain Text, Exposing Sensitive Data to Malware

AI Showdown: Microsoft Doubles Bing Chat Input Limit, Challenging GPT-4 and Claude

Breaking Barriers: OpenAI Introduces GPT-4o for All and Tests No-Login ChatGPT App

Meta Releases Llama 3.1 Open Model with Up to 405 Billion Parameters, Surpassing Capabilities of Closed Models like GPT-4

Apple Launches iOS 18.1 Beta 1 to Test AI Features, Excludes China Mainland iPhones

OpenAI Begins Rolling Out Advanced Voice Mode to Select ChatGPT Plus Subscribers

Meta AI Releases Open-Source "Segment Anything Model" for Object Recognition and Segmentation

Bing Chat Unveils Plugin Support and Chat History Features, Surpassing Google in AI Chatbot Market

Google Admits AI Summary Feature Contains Factual Errors, Blames Users for Abnormal Search Queries

Apple Adds New Option for AirPlay Screen Sharing in macOS 15.2: Option to Share Specific Windows Only

Invisible Watermarks: OpenAI's Solution to Detect AI-Generated Content

MAS v2.8: The Ultimate Free Activation Script for Windows & Office

Arc Browser Halts Development: What's Next for The Browser Company?

Microsoft Once Again Delays the Launch of Windows Recall, Citing the Need for Further Refinement

Apple No Longer Requires Developers to Be in the EU for Debugging iOS Alternative Browser Engines/NFC, etc.

Apple Allows EU Users to Delete Core Apps Like App Store and Photos in iOS 18.2

OpenAI's ChatGPT for Windows/Mac Client Introduces Advanced Real-Time Voice Features

Linux Kernel Project Removes Entries of Several Russian Contributors Due to "Compliance Requirements"

Apple Blocks Methods to Bypass AI Restrictions in iOS 18.2 Beta 3, Including Nugget Software