OpenAI unveils Lockdown Mode to protect sensitive data from prompt injection attacks


OpenAI announced a new feature that it says will provide additional protection from prompt injection attacks, where malicious chatbot instructions are hidden in webpages and other content sources.

Among other things, Lockdown Mode will disable live web browsing (so you can only access cached content), the retrieval and display of images from the web (you can still generate images), deep research, and agent mode.

The company says that even with Lockdown Mode turned on, ChatGPT could still be vulnerable to prompt injections — which could, for example, “appear in cached web content or in an uploaded file, and could still affect the behavior or accuracy of a response.” But the goal is to reduce the likelihood that sensitive data gets shared in the process.

“Lockdown Mode is not intended for everyone,” OpenAI says. “It is designed for people and organizations that handle sensitive data and want stricter protection from data exfiltration risks related to prompt injection.”

The company says it’s currently rolling Lockdown Mode out to self-serve ChatGPT Business accounts, as well as eligible personal accounts.