Nvidia warns of “disaster” if it has to put kill switch and backdoor in chips

Nvidia said there are no backdoors or kill switches in its chips, denying an accusation from the Chinese government. The company also urged policymakers to reject proposals for backdoors and kill switches.

“There are no back doors in NVIDIA chips. No kill switches. No spyware. That’s not how trustworthy systems are built—and never will be,” Nvidia Chief Security Officer David Reber Jr. wrote in a blog post yesterday.

The Cyberspace Administration of China last week said it held a meeting with Nvidia over “serious security issues” in the company’s chips and claimed that US AI experts “revealed that Nvidia’s computing chips have location tracking and can remotely shut down the technology.”

The accusation is related to the H20 chip Nvidia made for the Chinese market to comply with US export restrictions. US lawmakers are meanwhile considering a Chip Security Act that would require exported chips to be built with “location verification.” The bill also calls for an assessment of mechanisms to stop unauthorized use—a proposal that critics say could lead to a “kill switch” like the kind that Nvidia wants to prevent.

The office of Sen. Tom Cotton (R-Ark.) said the purpose of the legislation is to “prevent advanced American chips from falling into the hands of adversaries like Communist China by improving oversight of advanced chips.” The White House’s AI Action Plan similarly calls on government agencies and chipmakers to “explore leveraging new and existing location verification features on advanced AI compute to ensure that the chips are not in countries of concern.”

Nvidia denied China’s accusation last week, telling media outlets that it “does not have ‘backdoors’ in our chips that would give anyone a remote way to access or control them.” The new blog post expanded on the company’s denial and argued that governments should not demand backdoors.

Nvidia: Kill switch an “open invitation for disaster”

The post seems to be at least partly a plea to the US government, given the location-tracking proposal and the long history of US officials arguing that tech products should have backdoors allowing government access to encrypted systems.

“To mitigate the risk of misuse, some pundits and policymakers propose requiring hardware ‘kill switches’ or built-in controls that can remotely disable GPUs without user knowledge and consent,” Reber Jr. wrote. “Some suspect they might already exist. Nvidia GPUs do not and should not have kill switches and backdoors.”