Nvidia asserts that their AI chips lack 'shutdown mechanisms' and 'covert entry points'
In a recent blog post, Nvidia's Chief Security Officer, David Reber, addressed allegations of backdoor security risks in the company's AI chips, specifically the H20 model. These allegations, made by Chinese state-affiliated media and the Cyberspace Administration of China, include claims of remote shutdown capabilities and embedded surveillance features [1].
However, Nvidia strongly denies these claims, emphasising that their chips contain no back doors, kill switches, or spyware. Reber asserted the security and trustworthiness of Nvidia's chips, denying any remote shutdown or backdoor functionalities [1].
The allegations reference historical and legislative contexts, such as a 1992 US government attempt at chip surveillance and a recent US bill mandating tracking features in chips, indicating suspicion of US government influence [1]. Nvidia counters this narrative, stressing its commitment to cybersecurity and the integrity of its products.
The Cyberspace Administration of China (CAC) summoned Nvidia last week to clarify the "backdoor security risks" associated with its H20 computing chips [1]. In April, Washington restricted Nvidia from selling its H20 chips to China, stating it would be required to have an export license "for the indefinite future" to sell the chips to the country [1]. However, last month, Nvidia announced it would resume sales of H20 AI chips to China after the U.S. pledged to remove licensing restrictions [1].
Reber argues that incorporating a kill switch or backdoor into Nvidia GPUs would harm U.S. national security interests. He further stated that secret backdoors violate the fundamental principles of cybersecurity and could be exploited by hackers, not just authorities [1]. Embedding backdoors and kill switches into chips, Reber added, would undermine global digital infrastructure and fracture trust in U.S. technology.
Nvidia expects to write down charges of up to $5.5 billion in its fiscal first quarter due to U.S. export requirements on its H20 chips for the Chinese market [1]. U.S. artificial intelligence experts have revealed that Nvidia's H20 computing chips have mature tracking and location, and remote shutdown technologies [1].
Despite the allegations, these security risk claims remain unsubstantiated by Nvidia or independent verification, reflecting geopolitical mistrust amid ongoing US-China technology tensions [1]. Chinese media linked to state broadcaster CCTV has urged a boycott of Nvidia's H20 chips, citing concerns about alleged hardware and software vulnerabilities that could allow remote control or surveillance [1].
Nvidia, a U.S. chip maker, produces AI chips and has denied any intention of compromising its products' security for political or commercial gain. The company continues to emphasise its commitment to maintaining the highest standards of cybersecurity and customer trust.
[1] Source: Various media reports and Nvidia's official blog post.
- The ongoing dispute between Nvidia and Chinese authorities over the alleged security risks in Nvidia's H20 AI chips has sparked discussions about the role of artificial-intelligence in the digital infrastructure, with concerns that hidden backdoors could be exploited.
- Despite the allegations, Nvidia continues to assert that their AI chips, including the H20 model, are secure and do not contain backdoors or remote shutdown technologies, reaffirming their commitment to upholding the principles of cybersecurity and customer trust.
