OpenAI has introduced a new security feature called Lockdown Mode for ChatGPT, designed to protect users from data theft through prompt injection attacks. This security setting is now available to all logged-in users across Free, Go, Plus, Pro, and self-serve ChatGPT Business plans. The feature works by disabling several key functionalities including live web browsing, agent mode, deep research, image retrieval, Canvas networking, and file downloads.

Prompt injection attacks represent what OpenAI describes as a "frontier" security challenge affecting all large language models. These attacks work by embedding malicious instructions within content that the AI processes, such as webpages or uploaded documents. When the model follows these hidden instructions, it can be manipulated into transmitting sensitive user data to servers controlled by attackers.
Whilst Lockdown Mode doesn't prevent prompt injections from occurring, it effectively closes the exit routes attackers would use to steal data. Malicious instructions can still be embedded in cached webpages or PDF files and influence the model's behaviour, but the feature blocks the outbound channels needed for data exfiltration. Without live browsing capabilities, the system cannot make network requests to external servers, and without image retrieval, pixel-based data transmission channels (for example, an image URL that carries data in its query string) are eliminated.
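As an added illustration (not OpenAI's code, and not a description of how ChatGPT implements Lockdown Mode internally), the following Python models the "close the exit routes" idea: an egress gate that serves only cached pages, refuses the capabilities the article lists as disabled, and neutralises image markdown whose rendering would trigger an outbound request. The tool names, the cache allowlist and the markdown pattern are assumptions.

```python
"""Egress gate modelling a Lockdown-Mode-style policy for an LLM agent.

Added illustration, not OpenAI's code. Tool names, the cached-page
allowlist and the image-markdown pattern are assumptions. The point is
the one the article makes: an injection may still steer the model, but
the outbound channels it needs (live fetch, image retrieval, downloads)
are denied before they execute, and every denied attempt is logged.
"""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

# Capabilities the article lists as disabled in Lockdown Mode (assumed tool ids).
LOCKDOWN_BLOCKED_TOOLS = {"web_browse", "agent_mode", "deep_research",
                          "image_fetch", "canvas_network", "file_download"}

# Markdown image syntax that a renderer would turn into an outbound GET.
_MD_IMAGE = re.compile(r"!\[[^\]]*\]\((https?://[^)\s]+)\)")


@dataclass
class EgressGate:
    lockdown: bool
    cache: Dict[str, str] = field(default_factory=dict)        # url -> cached body
    denied: List[Tuple[str, str]] = field(default_factory=list)  # audit log

    def call_tool(self, tool: str, arg: str) -> str:
        """Execute a tool request, serving only cached content under lockdown."""
        if self.lockdown and tool in LOCKDOWN_BLOCKED_TOOLS:
            if tool == "web_browse" and arg in self.cache:
                return self.cache[arg]            # cached copy: no network request
            self.denied.append((tool, arg))       # record the attempt for review
            return f"[blocked: {tool} disabled in lockdown mode]"
        return f"[would execute {tool}({arg})]"   # stand-in for the real tool

    def render(self, model_output: str) -> str:
        """Neutralise image markdown so rendering cannot leak data in a URL."""
        if not self.lockdown:
            return model_output

        def inert(m: re.Match) -> str:
            self.denied.append(("image_fetch", m.group(1)))
            return "[image removed]"

        return _MD_IMAGE.sub(inert, model_output)
```

The `denied` log is what a defender would feed into monitoring: a burst of blocked fetches to an unfamiliar host right after a document upload is a strong signal that the document carried an injection.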
OpenAI acknowledges that Lockdown Mode "substantially reduces" the risk of data theft but doesn't provide absolute protection. Some risk may persist through enabled applications, unexpected capability combinations, or newly discovered attack techniques. The security enhancement comes with significant trade-offs, as ChatGPT loses most of its advanced agent and research capabilities when Lockdown Mode is activated. Users are restricted to cached content only, with agent mode completely disabled.
This feature arrives amid growing concerns about prompt injection vulnerabilities in AI agents. Security researchers have successfully demonstrated attacks against systems from Anthropic, Google, and Microsoft, all of which paid bug bounties but issued no public warnings. The fundamental issue remains that large language models cannot reliably distinguish between legitimate data and malicious instructions. OpenAI has also launched a complementary session management feature allowing users to review active sessions and remotely log out of devices if they detect unauthorised access. For users handling sensitive information, the functionality sacrifice may be worthwhile given the escalating security risks in the expanding AI agent ecosystem.
Original source: https://thenextweb.com/news/chatgpt-lockdown-mode-prompt-injection
Article generated by LaRebelionBOT