Pedro José Pereira VieitoJul 1, 2024

The OpenAI ChatGPT app on macOS is not sandboxed and stores all the conversations in **plain-text** in a non-protected location:

~/Library/Application\ Support/com.openai.chat/conversations-{uuid}/

So basically any other running app / process / malware can read all your ChatGPT conversations without any permission prompt:

Show threadJanne Moren

@pvieito
Isn't that just the case for all your personal data? Any app can read your Word and Excel files and so on as well. That's the security model for PCs, that data isn't sandboxed between apps for a single user.

We do sandbox critical data (cf. password managers). But is a chat transcript really any more critical than, say, a spreadsheet containing your personal economy, or unpublished fanfic, or whatever other personal data you keep unencrypted?

Jul 2, 2024 at 2:25amWeb
Show threadNegative12DollarBillJul 2, 2024
@jannem @pvieito
Your regular data files like images, documents and spreadsheets aren't kept in `~/Library/Application\ Support/some.application.name/`. That's for files needed for the application to work and for the use of that application only.
Show threadJanne MorenJul 2, 2024
@negative12dollarbill @pvieito
Isn't that open for you (and by extension, any app you run) to read, though?
Show threadPedro José Pereira VieitoJul 2, 2024

@jannem @negative12dollarbill Apple has blocked access to any private data (including Mail data) since macOS Mojave 10.14 (6 years ago!).

Any app accessing private user data (Calendar, Contacts, Mail, Photos, any third-party app sandbox, etc.) now requires explicit user access.

OpenAI chose to opt-out of the sandbox and store the conversations in plain text in a non-protected location, disabling all of these built-in defenses.

Show threadSpooky FrankJul 2, 2024
@jannem No, you have to explicitly give permission to folders (Documents, Downloads, etc.) per app, when the app first attempts to access these folders. This is different than Windows and Linux.