This is a recap of some posts I published on Threads during the past week.
The OpenAI ChatGPT for Mac app stored user conversations in plain text in a non-protected location, making them accessible to any running app or malware. After public disclosure, OpenAI released an update encrypting the conversations but did not implement sandboxing.
The OpenAI ChatGPT app on macOS is not sandboxed and stored all conversations in plain text in a non-protected location:
~/Library/Application Support/com.openai.chat/conversations-{uuid}/
This approach is somewhat typical for non-sandboxed apps on macOS, but a high-profile chat app like ChatGPT should be more careful with user data. For example, Apple started blocking access to user private data 6 years ago with the introduction of macOS 10.14 Mojave. Before that, any non-sandboxed app could access any user file. With macOS Mojave, Apple began requiring explicit user permission to access sensitive files like the Calendar, Contacts, Mail or Messages databases. Later, Apple extended this requirement to the Desktop and Documents directories, and with macOS 14 Sonoma, any file stored by a sandboxed third-party app in its sandbox container is automatically protected. This protection prevents malware or untrusted apps from exfiltrating user data without triggering a permission prompt like this:
Unfortunately, OpenAI opted out of sandboxing the ChatGPT app on macOS and stored conversations in plain text in a non-protected location, disabling all these built-in defenses. This meant that any running app, process, or malware could read all your ChatGPT conversations without any permission prompt.
Here you can see how easily any other app could access any ChatGPT conversation without any permission prompt:
You can check the source code of this demo app, ChatGPTStealer, on GitHub.
Initially, I reported this issue to OpenAI through their security bug reporting program in BugCrowd, but they marked the report as “Not Applicable” as “in-order for an attacker to leverage this, they would need physical access to the victim’s device.”
As I disagreed with that consideration, I decided to post this issue publicly on Threads & Mastodon to raise awareness and encourage OpenAI to fix this issue and hopefully sandbox the ChatGPT app on macOS. These posts gained attention and were eventually covered by The Verge, Ars Technica, 9to5Mac, and others.
Following these publications, OpenAI finally acknowledged the issue and released ChatGPT 1.2024.171 for Mac, which now encrypts the conversations. The conversations are now stored in a new location:
~/Library/Application Support/com.openai.chat/conversations-v2-{uuid}/
These files are now encrypted with a key named com.openai.chat.conversations_v2_cache
stored securely in the macOS Keychain and the old plain-text conversations are removed after upgrading to the new version. However, the app is still not sandboxed, so the conversations are still stored in a non-protected location, but now at least they are encrypted so other apps can’t read them without user-granted access to the Keychain key.
Interestingly, macOS Sequoia will introduce protections for Group Containers, so non-sandboxed apps like ChatGPT could improve their security by moving sensitive data to a Group Container directory. This way, any other process or app trying to access the data would be blocked by the system, and a permission prompt would be presented to the user.
You can use the MakePass AI service in the MakePass app with the Ultra subscription to create Apple Wallet passes instantly using an input photo or document of a ticket or card:
MakePass is a mighty Apple Wallet pass editor, with it you can create and customize a myriad of passes with complex layouts including images, barcodes, colors and text fields. Now it includes a new service called MakePass AI available with the MakePass Ultra subscription that allows you to create Apple Wallet passes instantly using an input photo or document of a ticket or card. It can even design the pass using a pass description.
MakePass AI uses technologies like text recognition, barcode recognition and Artificial Intelligence powered by OpenAI ChatGPT models to compose Apple Wallet passes from photos or documents of tickets and cards.
Here you can see some examples of passes generated automatically with MakePass AI from some input image or document:
Input | Pass |
---|---|
![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
MakePass is available on the App Store for iPhone, iPad and Mac.
This archive of WWDC sessions is meant to extend the current collection of videos available on Apple Developer website with all the sessions prior to WWDC 2017 that are not available there but continue to be hosted by Apple servers.
HomeControl is a powerful Mac app that allows you to control your HomeKit setup directly from the menu bar.
HomeControl also includes full automation support for all the actions available in the app (triggering scenes, switching a device or device group status, changing the primary home and also changing device properties) with “x-callback-url”-compatible Automation URLs which can be easily invoked from AppleScript, Terminal and other apps.
HomeControl Automation URLs can be easily generated from the “Customize Items” section available in the HomeControl preferences window. Just right-click an actionable item like a device or scene and select “Copy Automation URL”.
A HomeControl Automation URL will be now available in your pasteboard. By default, Automation URLs run the same action that is executed when clicking on the item in the HomeControl menu:
You can customize these default Automation URL to unleash a lot of more actions.
Device and device group Automation URLs can be modified so they always activate or deactivate the item instead of toggling its state by changing the activation-mode
parameter to activate
or deactivate
instead of toggle
:
homecontrol://x-callback-url/run-action?action-type=switch-device-status&item-type=device&item-name=Outlet&room-name=Principal&home-name=Home&
activation-mode=toggle
&authentication-token=TOKEN
homecontrol://x-callback-url/run-action?action-type=switch-device-status&item-type=device&item-name=Outlet&room-name=Principal&home-name=Home&
activation-mode=activate
&authentication-token=TOKEN
homecontrol://x-callback-url/run-action?action-type=switch-device-status&item-type=device&item-name=Outlet&room-name=Principal&home-name=Home&
activation-mode=deactivate
&authentication-token=TOKEN
You can also remove the home-name
parameter of the URL and it will be invoked on the device or scene named as the item-name
available in the current primary home. This is handy if you have the same scene available in multiple homes and want to trigger the scene in the one you are at the moment the automation is triggered.
There is a forth type of automation action that is not available directly with the “Copy Automation URL” shortcut, the change-device-property
action. This action allows you to change a property of a device like light brightness, light color, thermostat mode, thermostat temperature or blinds position by setting the property-type
and property-value
parameters. These are some examples of what is posible with this powerful action type:
homecontrol://x-callback-url/run-action?action-type=change-device-property&item-type=device&item-name=Light&
property-type=light-brightness&property-value=70
&authentication-token=TOKEN
homecontrol://x-callback-url/run-action?action-type=change-device-property&item-type=device&item-name=Light&
property-type=light-hue&property-value=60
&authentication-token=TOKEN
homecontrol://x-callback-url/run-action?action-type=change-device-property&item-type=device&item-name=Light&
property-type=light-saturation&property-value=30
&authentication-token=TOKEN
homecontrol//x-callback-url/run-action?action-type=change-device-property&item-type=device&item-name=Light&
property-type=light-color-temperature&property-value=3200
&authentication-token=TOKEN
homecontrol://x-callback-url/run-action?action-type=change-device-property&item-type=device&item-name=Air%20Conditioner&
property-type=thermostat-temperature&property-value=21
&authentication-token=TOKEN
homecontrol://x-callback-url/run-action?action-type=change-device-property&item-type=device&item-name=Air%20Conditioner&
property-type=thermostat-mode&property-value=auto
&authentication-token=TOKEN
homecontrol://x-callback-url/run-action?action-type=change-device-property&item-type=device&item-name=Blinds&
property-type=position&property-value=70
&authentication-token=TOKEN
homecontrol://x-callback-url/run-action?action-type=change-device-property&item-type=device&item-name=Window&
property-type=position&property-value=30
&authentication-token=TOKEN
homecontrol://x-callback-url/run-action?action-type=change-device-property&item-type=device&item-name=Fan&
property-type=rotation-speed&property-value=60
&authentication-token=TOKEN
You can easily invoke HomeControl Automation URLs from AppleScript, Terminal or other apps like Shortcuts, Keyboard Maestro or Stream Deck.
tell application "HomeControl" to open location "homecontrol://…"
$ open -g "homecontrol://…"
Simply use an “Open URL” or “Open X-Callback URL” action and set it to launch the Automation URL. Some apps also support running Terminal scripts or AppleScript.