OpenAI has introduced a new security feature for ChatGPT called Lockdown Mode, which disables web access and other functions to protect users from potential data theft. The feature blocks all internet and external service connections, preventing sensitive data from being leaked during conversations with the AI. It is designed to safeguard users handling sensitive data by restricting the features that connect ChatGPT to the internet or to external services. Users can activate Lockdown Mode in the security settings and temporarily disable it for individual conversations when broader functionality is needed.

Lockdown Mode limits live web search to cached content, which may be outdated or unavailable. It fully disables Deep Research and Agent Mode, and ChatGPT can no longer download files or display web images in regular responses. Network access for Canvas-generated code is also blocked. OpenAI acknowledges that prompt injection remains an unsolved problem, calling it a 'frontier, challenging research problem' that it is working to solve. Even so, the mode only blocks the final step of an exfiltration chain: the attempt to send data to an attacker via network requests. OpenAI's FAQ states that prompt injection 'is not currently a major risk,' but that the impact 'could grow as attackers develop more sophisticated methods.'

Lockdown Mode is available for personal accounts and self-managed ChatGPT Business accounts under 'Settings > Security.' In managed workspaces, admins can set up the mode through role-based access controls (RBAC) for individual members or groups. Users can temporarily turn off Lockdown Mode for specific chats when they need full functionality for a particular conversation. Lockdown Mode and Developer Mode are mutually exclusive. For apps and connectors, OpenAI distinguishes by account type, allowing personal account users to use connectors that access already-synced data while blocking live access, write actions, and finance and shopping features. In managed workspaces, OpenAI recommends admins only enable trusted apps and evaluate each one's exfiltration risk individually.

Source: thedecoder