In an embarrassing development so soon after Apple’s AI announcements at WWDC, it emerged this week that the ChatGPT app for Mac has been failing to sandbox conversations, meaning the data can be easily accessed by other apps or anyone else who has access to your machine.
Pedro José Pereira Vieito outlined his concerns on Threads earlier this week.
“The OpenAI ChatGPT app on macOS is not sandboxed,” he explained, “and stores all the conversations in plain-text in a non-protected location:
~/Library/Application Support/com.openai.chat/conve…{uuid}/
So basically any other running app / process / malware can read all your ChatGPT conversations without any permission prompt.”
Pereira Vieito demonstrated to The Verge that a second app could access ChatGPT’s logs and show you the text of a conversation immediately after it happened. That’s not how things are supposed to work on the Mac, which has a policy of data siloing, or sandboxing, so that each app is unable to see other apps’ data without explicit permission.
As The Verge reports, the flaw was patched with an update shortly after it raised the issue with OpenAI. But doubts concerning the service’s trustworthiness may remain.
And not just for OpenAI. Apple has long trumpeted its own pro-security and pro-privacy credentials, and only last month announced that OpenAI would be the first and highest-profile partner for the new Apple Intelligence project. When this AI feature launches later this year, most tasks will be handled by Apple’s own systems, but certain tasks will be handed off to third-party bots… with the user’s permission. Apple says ChatGPT in Apple Intelligence will obscure IP addresses and requests won’t stored.
Google Gemini and other third-party AI assistants are also expected to join Apple Intelligence, but ChatGPT is the only confirmed chatbot for now.