Recently, the issue of a backdoor risk in NVIDIA's H20 chip has drawn widespread attention. At 6 a.m. on August 6th, NVIDIA officially issued another statement in response, firmly stating that "NVIDIA chips do not have backdoors, stop switches, or monitoring software."

Previously, in order to safeguard the cybersecurity and data security of Chinese users, the Cyberspace Administration of China, in accordance with the relevant provisions of the Cybersecurity Law, the Data Security Law, and the Personal Information Protection Law, summoned NVIDIA Corporation on July 31, demanding that it explain the security risks of the backdoor vulnerabilities in the H20 computing power chips sold to China and submit relevant supporting materials. At 1 a.m. on August 1st, NVIDIA responded that there were no "backdoors" in its chips and that it would not allow anyone to remotely access or control these chips.

This time, NVIDIA further explained in its statement that to reduce the risk of misuse, some experts and policymakers have proposed setting "stop switches" or built-in controls in the hardware to remotely disable Gpus without the user's knowledge and consent. However, NVIDIA Gpus do not have and should not have such stop switches and backdoors.

Nvidia pointed out that embedding backdoors and stop switches in chips may create opportunities for hackers and hostile forces, seriously damaging the global digital infrastructure and undermining the industry's trust in leading technologies. Moreover, the laws of many countries and regions explicitly require companies to correct vulnerabilities rather than create them. For instance, when security researchers discovered vulnerabilities such as "Spectre" and "Meltdown" in cpus, the government and industry promptly took response measures to eliminate the risks. This principle still holds true to this day. Product security should be achieved through strict internal testing, independent verification, and full compliance with global cybersecurity standards. Strong security is based on the "deep defense" principle, that is, superimposing multiple safeguard measures to prevent single-point vulnerabilities from damaging or shutting down the system.

Nvidia believes that some people compare the functions of smartphones such as "Find My Phone" or "Remote Erase" to the GPU termination switch model, and this analogy is not reasonable. Because the software functions are selected and controlled by users, they are not hardware backdoors. Nvidia always supports open and transparent software. With the user's knowledge and consent, it helps customers fully utilize GPU driver systems for diagnosis, performance monitoring, error reporting, and timely patching, etc. However, embedding a "stop switch" in the chip is a permanent defect that users cannot control and may lead to serious consequences. This is an overreaction that will cause irreparable damage to the US and global economies as well as national security interests.

Nvidia emphasized that deliberately weakening critical infrastructure is by no means a wise move and once again solemnly declared that there are no backdoors, stop switches or monitoring software in NVIDIA chips. These are by no means the way to build a trusted system and will never be in the future.

The following is the full response

NVIDIA GPU is at the core of modern computing and is widely used in industries such as healthcare, finance, scientific research, autonomous driving systems, and AI infrastructure. The industry integrates NVIDIA Gpus into a wide range of systems, including CT scanners, MRI machines, DNA sequencers, air traffic radar tracking systems, urban traffic management systems, self-driving cars, supercomputers, television broadcasting systems, and game consoles, etc.

To reduce the risk of misuse, some experts and policymakers have proposed the need to set up a "stop switch" or built-in controls in the hardware so that the GPU can be remotely disabled without the user's knowledge and consent. Some people suspect that this situation already exists.

NVIDIA Gpus do not have and should not have a stop switch or backdoor set.

Hard-coded single-point control has always been an unadvisable idea

More than 30 years ago, NVIDIA began designing processors. Experience tells us that embedding backdoors and stop switches into chips may provide opportunities for hackers and hostile forces, which will undermine the global digital infrastructure and the industry's trust in leading technologies. The established laws of many countries and regions also have clear regulations on this, requiring companies to correct loopholes instead of creating them.

Until recently, this policy was still widely adopted. When security researchers discovered vulnerabilities such as "Spectre" and "Meltdown" in cpus, the government and the industry promptly and consistently took response measures to eliminate the risks.

This principle remains valid. There is no such thing as a "good" secret backdoor; there are only dangerous loopholes that must be completely eliminated. Product security must always be achieved in the right way: through rigorous internal testing and independent verification, and in full compliance with global cybersecurity standards. Strong security is built on the principle of "deep defense" : superimposing multiple safeguard measures to ensure that no single point of vulnerability will damage or shut down the system. For decades, NVIDIA and the industry have been promoting innovation in this way while protecting users and boosting economic growth. We believe that this effective practice should continue to be adhered to.

Historical lesson: The Clipper chip crash incident - policy and technical blunders

In the 1990s, the cybersecurity community learned a painful lesson through the Clipper chip project of the US National Security Agency. This project was launched in 1993, aiming to provide powerful encryption capabilities while allowing government backdoor access through a key escrow system.

The backdoor built into the Clipper chip has been proven to be a wrong practice. Security researchers have discovered fundamental flaws in the system that could lead malicious parties to tamper with the software, creating centralized vulnerabilities that can be exploited by adversaries. The existence of government backdoors itself can undermine users' confidence in the security of the system.

Termination switches and built-in backdoors can cause single points of failure and violate the fundamental principles of network security.

Promote intelligent software tools to eliminate dangerous hardware traps

Some people regard functions such as "Find My Phone" or "Remote Erase" on smartphones as models of GPU termination switches. This analogy doesn't hold water because software functions are entirely chosen and controlled by users, and they are not hardware backdoors.

We always support open and transparent software, helping customers make the most of their GPU-driven systems (including diagnostics, performance monitoring, error reporting and timely patching) with the user's knowledge and consent. We adhere to responsible and secure computing, which will help our customers stand out and stay at the forefront of the industry.

Hardplanting a "stop switch" in the chip is completely different: this is a permanent defect that users cannot control and may cause serious consequences. This is like when you buy a car, the dealer sets up remote braking to control your driving behavior. This is not a reasonable policy but an excessive reaction, which will cause irreparable damage to the economic and national security interests of the United States and the world.

Hardware integrity should be unbiased and non-negotiable

For decades, policymakers have consistently supported the industry's efforts to create safe and reliable hardware. The government also has many tools and methods to protect the country, consumers and economic development. But deliberately weakening critical infrastructure should never be one of them.

There are no backdoors, stop switches or monitoring software in NVIDIA chips. These are by no means the ways to build a trusted system, and they will never be.

Disclaimer: The article is sourced from the Internet. In case of any dispute, please contact customer service.