Yesterday, it was discovered that the ChatGPT app for Mac had a major security flaw: All our conversations with the OpenAI chatbot were saved in plain text. A situation on the Mac that raised many alarm bells, though today we’ve found a simple solution.

Unencrypted conversation until yesterday’s update

Privacy is a very important topic in the information age, and the recent situation surrounding the official ChatGPT application for macOS has highlighted this once again. How data is managed and stored needs to be addressed..

In macOS, sandboxing provides an isolated environment for system applications, limiting their ability to interact with other parts of the system without explicit permission. This feature is necessary to protect personal data, but The ChatGPT app did not use this system.Storing the conversation in a way that is accessible to any application or process on the device.

While Because App Store rules require apps to use sandboxing, not all apps on Macs come from Apple’s App Store.. In such cases, the absence of sandboxing means that any process or application, including malicious ones, can access conversations stored by the ChatGPT app.

Fortunately, after the news was published, OpenAI released an update that encrypts stored conversations.Reducing the risk of unauthorized access. Updating your device as soon as possible, then, while we wait for the app to decide to use the sandboxing technique, we can do now.

Beyond that, entering the realm of general recommendations, there are a number of things we should consider.

  1. Always update to the latest version.: OpenAI has responded to the security issue with an update that encrypts stored data. The same can happen with other apps — or even our AirPods — so it’s important to keep them up to date.
  2. Review app permissions.: macOS allows more flexibility than iOS in terms of system access, but you can review the permissions of your apps. System Preferences > Privacy and security.
  3. Only download apps from trusted sources.: It is recommended that you download apps from the Mac App Store, or ensure that any applications downloaded from external sources are trusted and use techniques such as sandboxing.
  4. Sensitivity in conversation: Although security measures can be improved, it is advised to be very careful with personal or sensitive information shared through any application, including ChatGPT.

The truth is that OpenAI’s response to the situation has been swift and precise. However, the initial choice to leave conversations without encryption or protection is also noteworthy. Yesterday we were talking about the more than 3 million apps that are being exposed due to a security flaw in CocoPods. In this case, just the update is enough, but the situation works as one A reminder that caution is often not enough.

Source link