Users were alarmed by a security vulnerability that was recently found in OpenAI’s ChatGPT macOS software. The software, which was only released last week, was discovered to save user computer communications with the AI in plain text. This implied that these talks might be readily read by anybody with device access, even those with malicious software.
Pedro José Pereira Vieito revealed the vulnerability on the social media site Threads. Vieito showed how the conversation text could be viewed virtually immediately after it took place by another program that had access to these unencrypted data.
Additionally, he demonstrated how simple it was to develop an app that could click a button to access ChatGPT’s plain text discussions and change file names to get additional data.After being promptly alerted to the issue by The Verge, OpenAI released a patch for ChatGPT that encrypts the chats that were previously accessible in plain text.
This is the statement that The Verge received from an OpenAI representative.We have released an updated version of the application that encrypts these discussions because we are aware of this problem. As technology advances, we’re dedicated to delivering a beneficial customer experience while upholding our strict security protocols.
According to The Verge’s testing, the update resolves the security vulnerability.This is how Pedro José Pereira Vieito originally became aware of the security vulnerability.I wanted to know why [OpenAI] decided to inspect where they saved the app data instead of using the app sandbox protections.
OpenAI’s ChatGPT app gets around Apple’s security limitations (often referred to as “sandboxing”), unlike apps downloaded via the company’s official Mac App Store. This implies that there is less supervision over the app’s operations but also more independence.I wanted to know why [OpenAI] decided to inspect where they saved the app data instead of using the app sandbox protections.
OpenAI’s ChatGPT app gets around Apple’s security limitations (often referred to as “sandboxing”), unlike apps downloaded via the company’s official Mac App Store. This implies that there is less supervision over the app’s operations but also more independence.
