Less than one month ago Apple took to the stage at WWDC 2024 to unveil Apple Intelligence, including integration with OpenAI's ChatGPT on Mac, iPhone, and iPad. Now, a recently-fixed ChatGPT privacy clanger has everyone looking sideways at Apple's new AI bedfellow.
As reported by The Verge, "Until Friday, OpenAI’s recently launched ChatGPT macOS app had a potentially worrying security issue: it wasn’t hard to find your chats stored on your computer and read them in plain text." The result? Anyone with access to your Mac and malicious intent "could easily read your conversations with ChatGPT and the data contained within them," possibly even using a remote app.
The issue was spotted by developer Pedro José Pereira Vieito, who uncovered that "it was possible to have another app access those files and show you the text of your conversations right after they happened." By simply changing the name of a ChatGPT conversation file, the chat therein would be revealed in plain text.
ChatGPT scramble
Naturally, OpenAI has released an update to encrypt these chats, so if you have downloaded ChatGPT on macOS, you should do that right away. "We are aware of this issue and have shipped a new version of the application which encrypts these conversations" OpenAI told The Verge.
Turns out, Pereira Vieito discovered the issue because he was curious about OpenAI's decision to opt out of using Apple's app sandbox protections on macOS, which are only required for apps offered on the macOS App Store.
The issue has been squashed without much fuss, but it's a worrying misstep for a company that has just signed a major co-beneficial deal to bring its AI LLM to all of Apple's best iPhones, iPads, and Macs.
Apple prides itself on making products with bulletproof privacy and security measures, and its Apple Intelligence offering is no exception. Apple was keen to highlight the importance of on-device processing for its new AI tools, as well as Private Cloud Compute for requests and features that require cloud-based processing. Much of Apple's branding and reputation relies heavily on the perception that it is a company that thrives on privacy, so Apple is sure to be watching OpenAI closely. There's no prospect of Apple pulling the plug but with rumors of a Google Gemini deal and confirmation that ChatGPT isn't going to be Apple's exclusive AI partner for all things "GPT", Open AI will need to keep its ducks in a row if it wants to hang onto that seat at the table.