OpenAI Codex controls Mac even in locked state
After announcing a remote function via the ChatGPT app, OpenAI is stepping up its game: Codex is set to control the Mac via Computer Use in Locked Mode.
Mac takeover by Codex: The AI mind in the machine.
(Image: OpenAI)
Agentic AI controls Mac without the user seeing it: For some users, this may sound dystopian, but for OpenAI's coding assistant Codex, it will soon be a reality. With the latest version of the app and corresponding permissions, the machine no longer needs to be unlocked for the AI to become active. OpenAI announced this last week via X and updated its Codex documentation accordingly.
Computer Use and Locked Use not within the EEA
According to the company, the Mac no longer needs to be "unlocked" by the user "for Codex to use your computer." The corresponding option in the macOS app is called "Locked Use". However, like Codex's computer control itself ("Computer Use"), it is currently not available within the European Economic Area (including the EU), Switzerland, or Great Britain. There is also no Locked Use or Computer Use for Windows or Linux.
Videos by heise
For Computer Use to work at all, Codex must be granted permissions for screen recording and accessibility access – the app can fundamentally do anything on the computer. However, Codex itself asks within the app which macOS applications users want to allow for the coding assistant and which not. For the use of Locked Use, these two permissions are not sufficient. Apple requires a so-called Authorization Plug-in that supports the "macOS Unlock Flow."
Security Considerations – and Remote Control from a Mobile Device
OpenAI is aware that both Computer Use and Locked Use can pose a security risk. For example, the AI company advises users to give Codex "clear target apps or flows," and only one at a time. Within Locked Use, Codex detects user activity on the keyboard, trackpad, or mouse and temporarily deactivates automatic unlocking until the next manual unlock occurs. Codex should have access to all screens, but only during "active computer use turns." Furthermore, the authorization window is "short and focused on the current unlock attempt."
Nevertheless, users should think carefully about what they are doing here. Most recently, OpenAI equipped the ChatGPT app with new remote control functions for Codex on the Mac. This works on both iOS and Android. The function is currently still officially considered a "preview." It can now be used directly in conjunction with Locked Use. Previously, the home Mac had to remain unlocked, which was insecure.
Empfohlener redaktioneller Inhalt
Mit Ihrer Zustimmung wird hier ein externer Preisvergleich (heise Preisvergleich) geladen.
Ich bin damit einverstanden, dass mir externe Inhalte angezeigt werden. Damit können personenbezogene Daten an Drittplattformen (heise Preisvergleich) übermittelt werden. Mehr dazu in unserer Datenschutzerklärung.
(bsc)
