ChatGPT Gets a 'Lockdown Mode' to Counter Data Leaks from Prompt Injection

- OpenAI begins offering a new 'lockdown mode' security feature for ChatGPT
- It aims to reduce data exfiltration risks from prompt injection attacks
- When enabled, web browsing and external service connections are restricted
- The mode targets individuals and organizations handling sensitive data

OpenAI shipping a lockdown mode is an official admission: prompt injection is a structural, incurable vulnerability of the AI-agent era. Once ChatGPT browses the web and connects to external services, instructions hidden in malicious pages can trick the AI into surrendering data. That is not a bug but a consequence of large language models' inability to separate instructions from data. Unable to cure the disease, OpenAI borrows the operating-system playbook: an isolation mode that trades capability for safety.

The trade-off matters for enterprise AI adoption: an agent's power is proportional to its attack surface, and every connected tool is another exfiltration path. Where security vendors once sold antivirus and firewalls, 'AI agent permission governance' is the next industry: deciding which agents touch which data and services demands a whole policy framework. Apple's Lockdown Mode served journalists and dissidents; ChatGPT's version heralds tiered controls for corporate AI.

If AI capability and security are destined to conflict, how much convenience will your organization trade away?
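
A small model of the trade-off described above, added here as an illustration: it is not OpenAI's implementation, and the tool names and the three capability flags are assumptions. It counts the (sensitive source, outbound channel) pairs an agent's tool grants expose, with and without a lockdown-style filter, and lists what the filter costs.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Tool:
    name: str
    reads_sensitive: bool = False    # returns private data into the model's context
    ingests_untrusted: bool = False  # pulls in text an outsider can author
    egress: bool = False             # can send bytes outside the organization

# Constructed catalogue; every tool name here is hypothetical.
CATALOG = {t.name: t for t in (
    Tool("web_browse", ingests_untrusted=True, egress=True),
    Tool("email_send", egress=True),
    Tool("ticket_webhook", egress=True),
    Tool("file_search", reads_sensitive=True),
    Tool("calculator"),
)}

def effective_tools(granted, lockdown=False):
    """Resolve a grant set to Tool objects, applying the lockdown filter."""
    tools = [CATALOG[name] for name in sorted(granted)]
    if lockdown:
        # Modelled on the page's description: browsing and external
        # service connections are switched off; local tools remain.
        tools = [t for t in tools if not (t.egress or t.ingests_untrusted)]
    return tools

def exfil_paths(granted, lockdown=False):
    """List the (data source, outbound channel) pairs that form an exfiltration risk."""
    tools = effective_tools(granted, lockdown)
    if not any(t.ingests_untrusted for t in tools):
        return []  # nothing feeds outsider-authored text to the model
    return [(src.name, out.name)
            for src in tools if src.reads_sensitive
            for out in tools if out.egress]

def lockdown_cost(granted):
    """Names of the tools the agent loses when lockdown is switched on."""
    kept = {t.name for t in effective_tools(granted, lockdown=True)}
    return sorted(set(granted) - kept)

if __name__ == "__main__":
    support = {"web_browse", "file_search", "email_send"}  # constructed grant set
    print(exfil_paths(support))
    print(exfil_paths(support | {"ticket_webhook"}))  # one more tool, one more path
    print(exfil_paths(support, lockdown=True), lockdown_cost(support))
```

The same inventory works as a review checklist: any agent whose grant set yields a non-empty list is a candidate for lockdown or for splitting into separate agents.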