Subj : ChatGPTs free macOS app had a big, worrying security hole To : All From : TechnologyDaily Date : Thu Jul 04 2024 11:15:04 ChatGPTs free macOS app had a big, worrying security hole Date: Thu, 04 Jul 2024 10:06:36 +0000 Description: OpenAIs ChatGPT app only recently launched on macOS, but its just been caught storing your private queries in a very unsafe way. FULL STORY ====================================================================== One of the key concerns raised during the rising artificial intelligence (AI) wave is what it all means for user privacy . With data leaks and copyright infringement seemingly rampant, a lot of people are worried about whether their information might end up in the wrong hands. Those concerns wont be eased with the news that the recently released ChatGPT app on macOS has been caught storing user conversations in plain text, potentially making them available to any other app (or user) on the Mac (via AppleInsider ). Its been revealed that this issue was present from the apps June 25 release until it was patched on June 28. It was first discovered by user Pereira Vieito, who detailed the vulnerability on Threads . Apples guidelines state that apps should keep data in sandboxes to ensures that nothing is available to other apps without explicit user permission (this also includes access to your photos, calendar details, text messages and more). However, it seems that ChatGPTs developer OpenAI decided to ignore this and simply stored conversations in an unencrypted and freely available form. Its not only other apps that could potentially have accessed your conversations with ChatGPT any Mac malware that made it onto your computer would have been able to sweep up everything you had typed into ChatGPT, too. Considering some of the sensitive information people enter into the chatbot, that could have had very serious consequences. What's notarization? (Image credit: Future / OpenAI) When an app is submitted to Apples App Store , it undergoes a process called notarization . This is where Apple checks the app across various criteria, one of which is that everything is sandboxed properly and inaccessible to outside apps. The problem here, though, is that the ChatGPT Mac app is distributed from OpenAIs website, not from the App Store. As such, it was never notarized by Apple, allowing this situation to arise. In a statement to The Verge , OpenAI said that we are aware of this issue and have shipped a new version of the application which encrypts these conversations. Were committed to providing a helpful user experience while maintaining our high security standards as our technology evolves. While ChatGPTs Mac app is the culprit in this instance, in theory any app distributed outside the App Store and not notarized by Apple could be similarly guilty. Its a reminder that you should only install apps that you trust, and even then, you should take reasonable precautions not to divulge anything too private, lest another situation like this arises with a different app. You might also like Mac users rejoice! The ChatGPT app is finally available for everyone, not just subscribers The tech tightrope: safeguarding privacy in an AI-powered world ChatGPTs big, free update with GPT-4o is rolling out now heres how to get it ====================================================================== Link to news story: https://www.techradar.com/computing/chatgpts-free-macos-app-had-a-big-worrying -security-hole --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .