In an embarrassing development so soon after Apple’s AI announcements at WWDC, it emerged this week that the ChatGPT app for Mac fails to sandbox conversations, meaning the data can be easily viewed by other apps or anyone else with access to your machine.
Pedro José Pereira Vieito expressed his concerns on Threads earlier this week.
“The OpenAI ChatGPT app on macOS is not sandboxed,” he explained, “and stores all conversations in plain text in an unprotected place:
~/Library/Application\Support/com.openai.chat/conve…{uuid}/
“So basically any other running application/process/malware can read all your ChatGPT conversations without any permission request.”
Pereira Vieito demonstrated to The Verge that a second app could access ChatGPT’s logs and display the text of a conversation immediately after it took place. This isn’t how things are supposed to work on the Mac, which has a data silo policy, or sandboxing, so each app can’t see the data of another app without explicit permission.
As The Verge reports, the flaw was fixed with an update shortly after the issue was reported to OpenAI. But doubts about the reliability of the service may remain.
And not just OpenAI. Apple has long touted its own security and privacy credentials, and just last month it announced that OpenAI would be the first and largest partner in the new Apple Intelligence project. When that AI feature launches later this year, most of the tasks will be handled by Apple’s own systems, but some tasks will be outsourced to third-party bots… with the user’s permission. Apple says that ChatGPT in Apple Intelligence will mask IP addresses and queries won’t be stored.
Google Gemini and other third-party AI assistants are also expected to join Apple Intelligence, but ChatGPT is the only confirmed chatbot so far.
