OpenAI has begun rolling out a new security feature called ‘Lockdown Mode’ across its products, making the feature available to eligible Free, Go, Plus, Pro, and self-serve ChatGPT Business accounts. The company said the optional setting targets people and organisations that handle sensitive information and seek stronger protection against data exfiltration risks linked to prompt-injection attacks. The feature restricts several web-connected capabilities, including Deep Research, Agent Mode, and live web browsing.
However, OpenAI acknowledged that the feature is not a complete solution. In its FAQ, the company said Lockdown Mode is designed to “substantially reduce the risk of prompt injection-based data exfiltration” but “does not guarantee data exfiltration cannot happen”. OpenAI added that risks may still arise through third-party apps that remain enabled, cached data, unforeseen combinations of capabilities, or newly discovered attack techniques.
What is prompt injection? Prompt injection is a technique in which attackers hide malicious instructions inside content that an AI system reads, such as webpages, documents, emails, PDFs, or database records. If the model follows those instructions, it may ignore its original directions, reveal sensitive information to attackers, perform unintended actions, or generate misleading outputs.
What Lockdown Mode restricts: OpenAI said that Lockdown Mode disables or limits several features that can connect to the web or external services.
- Live web browsing: ChatGPT can access only cached content, which may be limited or outdated.
- Deep Research: Disabled.
- Agent Mode: Disabled.
- Image support: ChatGPT may not retrieve or display images from the web, although users can still upload and generate images.
- Canvas networking: Users cannot approve Canvas-generated code for internet access.
- File downloads: ChatGPT cannot download files for analysis, though manually uploaded files continue to work.
- Live connector access and connector write actions: Restricted for personal and self-serve Business accounts.
- Shopping agent and Finance experiences: These features are unavailable in Lockdown Mode.
At the same time, OpenAI clarified that Lockdown Mode does not change memory settings, file uploads, conversation sharing, or how the company uses conversations to improve its models.
How Lockdown Mode works and app risk categories: OpenAI said Lockdown Mode builds on existing protections such as sandboxing, URL-based data exfiltration safeguards, monitoring systems and enterprise controls. Rather than blocking prompt injections outright, it aims to prevent the final stage of an attack by limiting outbound network requests that could transfer sensitive information to an attacker.
The company also categorised apps and actions by risk level:
- High risk: Read or write actions involving untrusted apps. OpenAI advised users to enable only trusted applications.
- High…
Source link
Disclaimer
We strive to uphold the highest ethical standards in all of our reporting and coverage. We blogs.grocliq.com want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.
Website Upgradation is going on for any glitch kindly connect at [email protected]
