Nvidia says its AI chips don't have a 'kill switch' after Chinese accusation

On Tuesday, Nvidia firmly dismissed allegations from China claiming that its data center GPUs for artificial intelligence are equipped with a remote deactivation feature, often referred to as a 'kill switch.' In a blog post, Chief Security Officer David Reber emphasized, "NVIDIA GPUs do not and should not have kill switches and backdoors." This statement follows the Cyberspace Administration of China's recent request for Nvidia to submit documentation regarding what it described as security vulnerabilities in the H20, Nvidia's AI chip tailored for the Chinese market. The Chinese regulator specifically pointed to potential 'backdoor' security risks, according to reports. Nvidia's response highlights the complexities the company faces amid geopolitical tensions, as its AI chips continue to be sought after by nations and businesses globally. In the U.S., lawmakers have suggested new regulations that would require AI chips designated for export to include location-tracking capabilities. The U.S. has already imposed export controls on certain Nvidia chips to China, citing national security concerns, including fears that these chips could be utilized to enhance China's military or AI capabilities. Nvidia CEO Jensen Huang has previously argued that it would be beneficial for the U.S. if Nvidia's chips became the global standard for AI computing, particularly among developers in China. The H20 chip generates significant revenue for Nvidia, reportedly contributing billions in sales each quarter, although the company does not typically disclose specific revenue figures for individual products. In April, exports of the H20 to China were temporarily halted, and Nvidia indicated that its guidance would have been approximately $8 billion higher were it not for these restrictions on sales. In July, the Trump administration announced it would issue a waiver allowing the resumption of sales for these chips. Experts in Silicon Valley, including security professionals, generally criticize the concept of backdoors in technology, as they pose inherent risks. Apple has similarly resisted government pressures to create what it refers to as 'backdoors' in its products. In his blog post, Reber highlighted that hidden backdoors are not just a risk for government misuse but could also be exploited by cybercriminals, contradicting the core tenets of cybersecurity. He warned that incorporating a kill switch or backdoor into products like Nvidia's GPUs would endanger U.S. national security, stating, "Hardwiring a kill switch into a chip is something entirely different: a permanent flaw beyond user control, and an open invitation for disaster." Reber's analogy compared this risk to purchasing a car while the dealership retains a remote control for the parking brake, indicating a severe loss of control for the consumer.