Purpose of Lockdown Mode
OpenAI has started rolling out Lockdown Mode for ChatGPT personal accounts, aiming to curb data exfiltration risks associated with prompt injection attacks. The optional setting targets users and organizations handling sensitive data that need stronger security guarantees. It is available across Free, Go, Plus, Pro, and self-serve ChatGPT Business plans.
According to OpenAI, Lockdown Mode restricts tools and capabilities that can connect to the web or external services. It reduces the risk of data exfiltration from prompt injections by limiting outbound network requests, though it disables or limits some useful features in the process.
Features Disabled Under Lockdown Mode
The safeguards build on existing sandboxing and controls against URL based data exfiltration mechanisms. Lockdown Mode disables live web browsing (limiting access to cached content only), image support for displaying or retrieving web images, the deep research agent mode, Canvas networking (preventing code from accessing the network), and file downloads for data analysis. The goal is not to prevent prompt injections from happening but to remove pathways through which sensitive data could be transmitted to attacker controlled infrastructure.
OpenAI noted that Lockdown Mode and Developer Mode cannot be used simultaneously, as enabling one disables the other. The company emphasized that this feature is not intended for everyone, but for those requiring stricter data protection.
Source: The Hacker News
