Generative AI models like ChatGPT have many advantages, but they also have limitations. It’s common knowledge that they produce errors and make up facts, but it’s increasingly important to acknowledge the potential security risks associated with their implementation.
ChatGPT for Mac: not good. Until June 28, the ChatGPT app for macOS (as of now, there’s no Windows version) had a major security vulnerability: It was saving all conversations in plain text. This meant that if someone gained access to the user’s device, they could potentially access these conversations and the data within them.
Not safe from prying eyes. A user named Pedro José Pereira Vieito demonstrated how someone could develop a simple app to access and display these conversations as they were taking place in a post on Threads. In his experience, in addition to the conversations being saved in plain text, their location was also not adequately protected.
OpenAI doesn’t care about security. Curiously enough, as Vieito states, macOS has offered a simple way for each app to keep its data private for six years. “OpenAI chose to opt-out of the sandbox and store the conversations in plain text in a non-protected location, disabling all of these built-in defenses [on macOS],” he adds.
An update is the solution. OpenAI has released an update that encrypts chats, which helps make sure that conversations no longer vulnerable to “eavesdropping” by anyone other than the ChatGPT user.
AI needs to prioritize security. This isn’t the first controversy involving artificial intelligence tools. One of the most recent and serious incidents involves Windows Recall, Microsoft’s new feature that has proven to be a security and privacy disaster.
Overall: Be careful what you tell the chatbot. However, there’s a broader challenge to address: Both ChatGPT and its competitors struggle to keep secrets and have been known to inadvertently reveal sensitive data that was part of their training datasets. As a result, AI companies have introduced specific versions like ChatGPT Enterprise, aiming to ensure that conversations with this enterprise chatbot remain completely private.
View 0 comments