NVIDIA says AI chips don't have kill switches, calling them invitations to disaster

No backdoor, no kill switch, no spyware. This is NVIDIA's commitment following allegations from the China Cyberspace Administration, which requires NVIDIA to provide documentation last week about security vulnerabilities in NVIDIA H20 data center GPUs, specifically referring to “backdoor” security risks. Nvidia responds formally With blog post David Reber Jr, the company's chief security officer.

“The chips embedded in the backdoor and kill switches will be a gift for hackers and hostile actors,” Raiber wrote. “It will undermine global data infrastructure and broken trust in American technology. The laws established are wise to require companies to address vulnerabilities rather than create them.”

China's focus on cyberspace management is particularly derived from NVIDIA's H20 GPU, which is made for the Chinese market and aims to comply with U.S. export guidelines. ARS Technica Note U.S. lawmakers are considering adopting a chip security law that would “need to use “position verification” and “call the evaluation mechanism to stop unauthorized use of chips”. In other words, kill the switch.

If you've seen it Lock the lawyer On YouTube, even for a few minutes, you know there is no lock – just locks that require more professional tools. The same goes for hardware backdoors. Once there is a door there, someone will find a way to stroll. Something as ubiquitous as the NVIDIA GPU, it’s spread all over the world of data centers and consumer PCs, is a particularly attractive target.

Reber quotes “Clippers chip crash“In it, the NSA and the U.S. government pushed for the installation of chips in telecom equipment, which would allow backdoor access through encryption keys. Launched in 1993, security experts discovered multiple vulnerabilities in the coming years, and the chips were unpopular before adoption.

“Security researchers have discovered basic flaws in the system that can cause malicious parties to tamper with the software” and “create core vulnerabilities that can be exploited by opponents.” In other words, such backdoor access may give the U.S. government access to the GPU, but it will also give other governments and other malicious actors access.

Reber continued, “Smartphone features like ‘Find My Phone’ (such as ‘Find My Phone’…as a model for the GPU Kill Switch), explaining that these are user-controlled software options. “The kill switch is completely different: a permanent flaw beyond user control, and a public invitation to disaster…it’s not a reasonable policy. This is an overreaction that can harm the economic and national security interests of the United States. ”

“For decades, policy makers have advocated for the industry’s efforts to create secure, trustworthy hardware,” Lebb wrote. “Government has many tools to protect the country, consumers and the economy. Tools that deliberately weaken critical infrastructure should never be one of them.”