OpenAI has unveiled a new feature, known as Lockdown Mode, aimed at bolstering protection against prompt injection attacks. These attacks involve embedding malicious instructions within webpages and other content sources that can manipulate chatbot responses.
This innovative mode will restrict functionalities such as live web browsing, allowing access only to cached content, and will prevent the retrieval and display of images from the internet, although users can still generate images. Additionally, it limits deep research and agent mode capabilities.
While OpenAI acknowledges that Lockdown Mode does not completely eliminate the risk of prompt injections--since such vulnerabilities may still arise from cached web content or uploaded files--the primary objective is to minimize the chances of sensitive information being inadvertently shared.
OpenAI clarifies that this feature is not designed for universal application. Instead, it targets individuals and organizations that manage sensitive data and seek enhanced protection against data exfiltration risks associated with prompt injection.
The rollout of Lockdown Mode is currently being implemented for self-serve ChatGPT Business accounts and select personal accounts, marking a significant step towards greater data security in AI interactions.